[otp_ctrl] D2S Signoff #20983

Closed
msfschaffner opened this issue Jan 25, 2024 · 6 comments · Fixed by #21613

Comments

@msfschaffner
Contributor

msfschaffner commented Jan 25, 2024

Description

Ensure D2S signoff criteria are fulfilled after focus area changes have landed.

@msfschaffner
Contributor Author

msfschaffner commented Feb 22, 2024

Commits since Earlgrey-ES tapeout

$ git rev-parse --short HEAD

b9f4e72

$ git log Earlgrey-M2.5.2-RC0..HEAD --oneline hw/ip/otp_ctrl
  • a08791a [otp_ctrl] Fix OTP_CTRL enums
    • Fixes a VCS warning (no functional change)
  • c6107c4 [otp_ctrl] Add SW partitions for ROM keys
    • OTP memory map update according to RFC
  • 8c36f2a [regtool/otp_ctrl] Line length optimizations
    • Long partition names can cause lint issues due to long lines, which is fixed in this commit.
  • 06bd802 [otp_ctrl] Add second HW_CFG partition
    • Split chicken switches into a separate HW_CFG partition to align the memory map with the intended provisioning flow.
  • d4aa1a0 [otp_ctrl] Filter ECC errors in partitions with no integrity
    • This is added to make the OTP_CTRL backwards compatible with the already existing closed source wrapper implementation from Nuvoton.
  • 5e35d3f Revert "[dv,top_earlgrey] Remove dv flag to set OTP ast_init"
    • Reversion of previous commit
  • 3f447cc [otp_ctrl] Remove entropy_src chicken switches
    • Removes unused chicken switches that will always be set to True for Earlgrey.PROD
  • 3705405 [otp_ctrl] Differentiate between owner and creator keys
    • Introduce the option to choose which life cycle access control signal is used to lock associated key material (e.g. the owner vs creator key material). This feature is not used in Earlgrey.PROD. The DV environment has been updated accordingly.
  • 114807d [dv,top_earlgrey] Remove dv flag to set OTP ast_init
    • No effect since the change is reverted further above
  • 1c9adba [otp_ctrl] Make DAI registers software-lockable
    • This improvement was requested so that ROM/ROM_EXT can choose to lock down OTP programming access without having to use any ePMP entries. The OTP_CTRL DV scoreboard has been updated accordingly.
  • 5639924 Revert "[edn] Move prim_edn_req out of prim"
    • Reversion of previous commit.
  • c721c51 [rtl, prim] Add 'commit' functionality to prim_count
    • This primitive update added a new port to prim_count. The new functionality is not used in OTP_CTRL, so this is not a functional change.
  • 87814b0 [otp_ctrl] Minor alignments
    • Minor alignments to fix things that were missed during the batch carry-over from integrated_dev.
  • 0397477 [otp_ctrl/lint] Correct lint error
    • lint cleanup
  • 37cbc50 [otp_ctrl/lint] Update range comparisons
    • lint cleanup
  • c470b98 [otp_ctrl/lint] Unused signals cleanup
    • lint cleanup
  • a805866 [otp_ctrl/dif] Distinguish LC and SW partitions with no digest
    • refactoring to make DIFs more parametric
  • b2e1f3b [otp_ctrl,gen] Parameterize OTP size
    • refactor to make RTL more parametric
  • eba6752 [otp_ctrl,dv] fix parallel sequence test
    • DV fix
  • cbd5679 [otp_ctrl/dv] Update template for env_cov
    • refactoring to make DV environment more parametric
  • 8b416b9 [otp_ctrl,gen] Fix handling of partitions with digest
    • refactoring to make DIFs more parametric
  • d09cb15 [otp_ctrl,gen] Fix comment in dif_ctrl.h.tpl
    • refactoring to make DIFs more parametric
  • a30fd54 [otp_ctrl,gen] Add templates for difs
    • refactoring to make DIFs more parametric
  • 76a9169 [otp_ctrl,gen] Improve descriptions in hjson partition map
    • documentation improvement
  • 908487a [otp_ctrl,gen] Fix some issues in generators
    • refactoring to make DV environment more parametric
  • efd00fb [otp_ctrl,gen] Fix error code coverage collection
    • refactoring to make DV environment more parametric
  • 41496e9 [otp_ctrl/dv] Update scoreboard template
    • refactoring to make DV environment more parametric
  • c63f443 [otp_ctrl/dv] Update sequence templates
    • refactoring to make DV environment more parametric
  • 394e21a otp_ctrl/dv] Add templates for some sequences
    • refactoring to make DV environment more parametric
  • 9100be2 [otp_ctrl/dv] Update template for otp_ctrl_if
    • refactoring to make DV environment more parametric
  • 496ea05 [otp_ctrl/dv] Add template for otp_ctrl_if
    • refactoring to make DV environment more parametric
  • fb46782 [otp_ctrl/dv] Update to reduce line lengths
    • refactoring to make DV environment more parametric
  • c89d1f4 [otp_ctrl/dv] Update template for covergroup defs
    • refactoring to make DV environment more parametric
  • 977ce71 [otp_ctrl/dv] Add template for covergroup defs
    • refactoring to make DV environment more parametric
  • 1f75034 [dv/otp_ctrl] Update templates to support parts without digest
    • refactoring to make DV environment more parametric
  • a073505 [otp_ctrl,rtl] Fix logic bug in keymgr key output
    • bugfix for issue introduced by previous changes
  • 9e79e1f [otp_ctrl/dv] Update scoreboard template
    • refactoring to make DV environment more parametric
  • 60c82fc [otp_ctrl] Make secret partition LC lock more generic
    • refactoring to make RTL environment more parametric
  • 978233e [otp_ctrl/dv] Update otp_ctrl_env_pkg template
    • refactoring to make DV environment more parametric
  • d69f033 [otp_ctrl/dv] Make a template for otp_ctrl_env_pkg
    • refactoring to make DV environment more parametric
  • fa224ad [otp_ctrl/dv] Replace hardcoded offsets with templating
    • refactoring to make DV environment more parametric
  • 4264697 [otp_ctrl/dv] Use more generated constants in DV env
    • refactoring to make DV environment more parametric
  • 3953d17 [otp_ctrl/dv] Add missing sram_pull_agent in check_otp_idle
    • DV alignment for previous commit
  • a6995cf [otp_ctrl] Add a scrambling key slot for the mbox SRAM
    • this provisions an extra key slot for the mailbox SRAM for integrated settings. the slot will be tied off in Earlgrey.PROD.
  • e81b588 [keymgr/otp_ctrl] Add support for creator/owner seeds
    • this adds support for storing the seeds in a separate SECRET* partition. this feature is not used in Earlgrey.PROD, but it was needed for Darjeeling, where the seeds cannot be kept in on-chip flash anymore.
  • af72751 [otp_ctrl,gen] Generate cov_bind and scoreboard files from template
    • refactoring to make DV environment more parametric
  • d37182c [otp_ctrl,gen] Move otp_ctrl_part_pkg.sv.tpl to data
    • refactoring to make DV environment more parametric
  • 3b811a6 [otp_ctrl,gen] Create templates for cov_bind and scoreboard
    • refactoring to make DV environment more parametric
  • 61a237e [util/reggen] reverse order of substruct generation
    • generic reggen change that is transparent
  • fc84846 [reggen,hw] Create index parameter for registers windows
    • generic reggen change that is transparent
  • d15e6bd [otp_ctrl] Ensure broadcast valid is flopped
    • ensures the proper latency on that signal
  • 914dee7 [otp_ctrl] Fix UNKNOWN error due to array indexing
    • fixing a bug introduced by the sequence of changes
  • 2ba74d6 [otp_ctrl] Fix OOB error in DAI
    • this bug was not relevant for Earlgrey since the array sizes just aligned so that this could not occur. it was uncovered with the Darjeeling configuration.
  • be3312f [otp_ctrl/dv] Fix xcelium compile errors
    • cleanup for xcelium, mostly around usage of SV types which is checked more strictly
  • c939d9a [otp_ctrl] Add support for multiple HW_CFG partitions
    • this is a preparatory step to splitting the HW_CFG partition into two partitions
  • ce648ca [ipgen.pwrmgr] Change core files to vlnv naming and label as virtual
    • IPgen update touches the core file of OTP_CTRL, no RTL impact
  • 4c8050f [otp_ctrl/lint] Fix lint error
    • as description says
  • c04a5bb [otp_ctrl] Make ERR_CODE register non-compact
    • this changes the CSR layout to make it more amenable for parameterization, and a larger number of partitions (where one 32bit register would not be sufficient anymore to store compacted error codes). the DV is updated accordingly.
  • 5f4c0c9 [otp_ctrl/doc] Update documentation
    • doc update, no RTL impact
  • dc9da97 [otp_ctrl] Add option to disable integrity on a partition
    • some partitions such as partitions with strike counters do not need ECC integrity. this adds support for such partitions. in Earlgrey.PROD, only the VENDOR_TEST partition will use this feature. the DV is updated accordingly.
  • db4f0fa [otp_ctrl/dv] Remove obsolete behavior
    • DV cleanup
  • 1321b6f [otp_ctrl] Support SW partitions without digest
    • some SW partitions (e.g. strike counters) do not need a digest. this adds support for such partitions, but this attribute is not used within Earlgrey. the DV is updated accordingly.
  • c1d2c27 [otp_ctrl] Make CSR read-enables assignment parametric
    • RTL refactor to make RTL more parameterizable
  • 07fc07d [otp_ctrl] Make digest CSR assignment parameterizable
    • RTL refactor to make RTL more parameterizable
  • 3bbdcb2 [otp_ctrl] Bump version to 2.0.0 and move back to D1/V1
    • version increase due to changes that are coming
  • 3b4e36e [edn] Move prim_edn_req out of prim
    • this change is reverted above
  • de31bdf [reggen] Remove the devmode input
    • this change removes the devmode input in all generated register nodes. no functional change since the alternative mode with devmode set to 0 was never used.
  • 963a500 [doc] Minor tweak to md sanitisation code
    • doc fix
  • 15396a3 [sku] Update prodc to match sival_bringup sku configuration.
    • sival test updates, no RTL change
  • 613ca17 [silicon] Add prodc OTP configuration.
    • OTP image update, no RTL change
  • 88508d8 [otp_ctrl,doc] Document scrambling keys being ephemeral if seed_valid=0
    • documentation update, no RTL change
  • f485d6d [manuf] remove raw unlock step from CP stage
    • manuf test updates, no RTL change
  • ed1019f [sival] Add SiVal SKU
    • sival test updates, no RTL change
  • b04bcf3 [sival] SiVal Bring-Up SKU
    • sival test updates, no RTL change
  • 5f9ef53 [rom_ext, sival] Build & Sign configuration for SiVAL ROM_EXT
    • sival test updates, no RTL change
  • d07ac98 [sival] add RMA SiVal OTP images
    • sival test updates, no RTL change
  • 4d16600 [sival] update _personalized otp image names to match doc
    • sival test updates, no RTL change
  • 975a6eb [adc_ctrl,dv] Tidy up access to intr_state in env_cfg files
    • DV cleanup touching many comportable IPs, no RTL change
  • 2589d2e [manuf] send attestation TCB measurements to device over console
    • sival test updates, no RTL change
  • 5b41922 [sival] Update SiVal OTP target names.
    • sival test updates, no RTL change
  • 88a8ea0 [sival] Add SiVal dev guide.
    • sival test updates, no RTL change
  • 6c89691 [sival] Update flash_ctrl_rma_test to use sival infra.
    • sival test updates, no RTL change
  • 1e44656 [sival] Define set of OTP profiles.
    • sival test updates, no RTL change
  • bf6a1a6 [sival,otp_ctrl] sival testplan update for otp_ctrl
    • sival test updates, no RTL change
  • c393406 [sival] Add SiVal OTP SKU.
    • sival test updates, no RTL change
  • ccefe9d [sival] Move default earlgrey a0 otp config
    • sival test updates, no RTL change
  • cfaa932 [manuf] split CREATOR_SW_CFG OTP provisioning into several sub-steps
    • manufacturing test updates, no RTL change
  • c2ea8e2 [otp] add flash data region config to generic SKU image
    • manufacturing test updates, no RTL change
  • cb61338 [manuf] move SECRET1 provisioning to the personlize lib
    • manufacturing test updates, no RTL change
  • 011901a [manuf] switch LC state individualize functest runs at
    • manufacturing test updates, no RTL change
  • 005363a [sival] Add OTP and bitstream docs.
    • OTP image definition updates, no RTL impact
  • 1987f83 [otp] add OTP CREATOR_* and OWNER_SW_CFG definitions for ES
    • OTP image definition updates, no RTL impact
  • bf0457f [otp] move default fixed secret0 overlay to shared location
    • build system change for generating OTP images, no RTL impact
  • 3f88a55 [pwrmgr,ipgen] Generate pwrmgr ip_autogen files with topgen
    • this only affected a link in the OTP_CTRL docs
  • 1b16ca2 [reggen] Add mubi support SWAccess that sets/clears a reg
    • MuBi support in reggen, no impact on OTP_CTRL
  • 4fb9ab5 [otp_ctrl,dv] Add virtual to uncorr comp function
    • DV update to accommodate closed source testing
  • 59f8142 [doc] Moved badges over to using hosted images
    • doc update
  • adb5200 [doc] otp_ctrl registers and interfaces now use CMDGEN
    • doc generator update
  • 2d61350 Integrate DRG3 class for generating randomness
    • update to RNG mechanism for compile-time random constant generation. while this has RTL impact, generation is automatic, similar to changing the constants as part of the closed source ingestion process. DV adapts automatically to this change.
  • 44a6dc6 [otp_ctrl,dv] fix parallel sequence test
    • no RTL impact
  • 025c510 [manuf] rename individualize_preop lib
    • no RTL impact
  • d35c795 [manuf] make OTP image consts a link-time dep
    • no RTL impact
  • d67e35d [reggen] Generate constants for only the main block
    • no RTL impact
  • 7688e71 [reggen] Add initial support for version and cip_id hjson fields
    • Hjson support for CIP_ID, no RTL change
  • fbd888e Revert "[reggen] Add CIP_IDs and bump all major versions"
    • reversion of previous commit
  • 0ba10b3 [reggen] Add CIP_IDs and bump all major versions
    • no RTL impact since reverted in the next commit
  • 5581931 [hw] Rename OTP item: OWNER_SW_CFG_ROM_EXT_BOOTSTRAP_EN
    • SW item in the memory map, no RTL impact
  • e47df29 [misc] Use lc_tx_t testing functions at endpoints
    • cleanup refactor with no functional change
  • 0be5abc [hw] Disable ROM_EXT recovery by default
    • SW item in the memory map, no RTL impact
  • 71fa8db [hw] New OTP item: OWNER_SW_CFG_ROM_EXT_RECOVERY_EN
    • SW item in the memory map, no RTL impact

Issues closed since the Earlgrey-ES tapeout

Currently open issues

Summary

The OTP_CTRL has undergone quite some refactoring in order to make generation of RTL and DV collateral possible, given an Hjson memory map description. This refactoring was carried out on the integrated_dev branch for Darjeeling in order to accommodate different OTP_CTRL memory map layouts. Since the memory map for Earlgrey.PROD needed some alignments, these refactorings have been carried over from the integrated_dev branch in order to make these changes more straightforward.

While overall the functionality is largely unchanged, the series of patches do change a few things:

  • it is now possible to define partitions with and without integrity support. while this new functionality does not affect most partitions in Earlgrey, the VENDOR_TEST partition is now using this new attribute. The open-source DV environment models this behavior, and an extra issue has been spawned to double check compatibility with the closed source wrapper in a later milestone: [otp_ctrl/dv] Make sure the otp_ctrl tolerates spurious ECC errors on the VENDOR_TEST partition #21265
  • it is now possible to define SW partitions that are not lockable (i.e., that do not have a digest), although the Earlgrey configuration does not make use of this feature.
  • the Earlgrey memory map has been changed in the following ways:
    • the HW_CFG partition has been split into two partitions (HW_CFG0 and HW_CFG1) in order to better accommodate the provisioning flow. HW_CFG0 now contains only the DEVICE_ID and the MANUF_STATE, whereas the HW_CFG1 partition contains chicken switches for the design. The chicken switches for ENTROPY_SRC have been removed since they will always be set to True going forward.
    • The ERR_CODE CSR has been made non-compact to make the design more parametric, and allow for a larger number of partitions (otherwise we can get corner cases that are annoying to implement in a parametric way in the DIF and DV, e.g. once the error codes cannot be compacted into a single 32bit register anymore).
    • Functionality for sideloading more key material from OTP into keymgr. This also comes with the option to modulate write access to this partition with either the lc_creator_seed_sw_rw_en_i or the lc_owner_seed_sw_rw_en_i life cycle signal. The mechanism is however not used in the Earlgrey configuration.
    • new SW partitions have been added as per [RFC] Move ROM keys to OTP #21204

The OTP_CTRL IP has seen quite some RTL changes, but the associated DV tests have been updated alongside so that there should not be any coverage gaps.

Note that this is a "focus block" and hence the PROD.M2 requirement would be a D2 signoff.
However, since no countermeasures have been changed / removed in the series of patches, the recommendation is to sign this block off at D2S instead.

msfschaffner added a commit to msfschaffner/opentitan that referenced this issue Feb 22, 2024
@msfschaffner
Contributor Author

@andreaskurth @vogelpi @matutem Would be great if you could take a look.

Let me know if going all the way to D2S seems problematic, we can also just sign off at D2 and do another review for PROD.M3.

@vogelpi
Contributor

vogelpi commented Mar 8, 2024

FYI @msfschaffner , @andreaskurth and I are currently reviewing the RTL changes and will provide feedback once we're done with that.

@vogelpi
Contributor

vogelpi commented Mar 11, 2024

@andreaskurth and I have reviewed this issue and the RTL changes. We've identified one thing and discussed with @msfschaffner to fix this before declaring D2S. This is now tracked here: #21948.

Other than that, we are okay to declare D2S for otp_ctrl. Thanks @msfschaffner for putting this together!

@andreaskurth
Contributor

andreaskurth commented Mar 11, 2024

Other than that, we are okay to declare D2S for otp_ctrl.

So D2 for now, and D2S for M3, when we will have addressed #21948?

@msfschaffner
Contributor Author

I made a patch so that we can sign off D2S: #21953

msfschaffner added a commit that referenced this issue Mar 12, 2024
Fixes #20983

Signed-off-by: Michael Schaffner <[email protected]>
This was referenced Mar 29, 2024
@vogelpi vogelpi changed the title [otp_ctrl] D2 Signoff [otp_ctrl] D2S Signoff Apr 2, 2024