[fuse_ctrl, rtl] Make pk hash vendor lock more generic

Signed-off-by: Andrea Caforio <andrea.caforio@lowrisc.org>

Author: andrea-caforio

src/fuse_ctrl/rtl/otp_ctrl.sv

@@ -397,10 +397,16 @@ module otp_ctrl
     // Intercept write requests to the `VENDOR_HASHES_PROD` partition and verify
     // the write is allowed by the volatile lock of the `VENDOR_PK_HASH_VOLATILE LOCK` register.
     if (NumVendorPkFuses > 1) begin
+
+      localparam int prod_vendor_hash_num   = NumVendorPkFuses-1;
+      localparam int prod_vendor_hash_size  = CptraCoreVendorPkHash1Size + CptraCorePqcKeyType1Size;
+      localparam int prod_vendor_hash_start = CptraCoreVendorPkHash1Offset;
+      localparam int prod_vendor_hash_end   = CptraCoreVendorPkHash1Offset + (prod_vendor_hash_size * prod_vendor_hash_num);
+
       if (dai_cmd == DaiWrite && reg2hw.vendor_pk_hash_volatile_lock != '0 &&
-          dai_addr >= VendorHashesProdPartitionOffset &&
-          dai_addr < VendorHashesProdPartitionDigestOffset) begin
-        if (32'(dai_addr) >= (VendorHashesProdPartitionOffset + (reg2hw.vendor_pk_hash_volatile_lock * (CptraCoreVendorPkHash1Size + CptraCorePqcKeyType1Size)))) begin
+          dai_addr >= prod_vendor_hash_start &&
+          dai_addr < prod_vendor_hash_end) begin
+        if (32'(dai_addr) >= (prod_vendor_hash_start + ((reg2hw.vendor_pk_hash_volatile_lock-1) * prod_vendor_hash_size))) begin
           part_access_pre[VendorHashesProdPartitionIdx].write_lock = MuBi8True;
         end
       end

src/integration/test_suites/smoke_test_fc_pk_volatile_lock/smoke_test_fc_pk_volatile_lock.c

@@ -41,26 +41,22 @@ volatile char* stdout = (char *)SOC_MCI_TOP_MCI_REG_DEBUG_OUT;
  * the volatile lock works as intended. The test proceeds in the following steps:
  * 
  *   1. Write a value to first fuse.
- *   2. Write a value to second fuse.
- *   3. Activate the volatile lock such that the fuse from step 2 is now in the
+ *   2. Activate the volatile lock such that the fuse from step 2 is now in the
  *      locked region.
- *   4. Verify that writing to the second fuse now results in an error.
+ *   3. Verify that writing to the second fuse now results in an error.
  */
 void program_vendor_hashes_prod_partition(void) {
-    const uint32_t addresses[2] = {CPTRA_CORE_VENDOR_PK_HASH_3, CPTRA_CORE_VENDOR_PK_HASH_5};
+    const uint32_t addresses[2] = {CPTRA_CORE_VENDOR_PK_HASH_3, CPTRA_CORE_VENDOR_PK_HASH_4};
 
     const uint32_t data = 0xdeadbeef;
 
     // Step 1
     dai_wr(addresses[0], data, 0, 32, 0);
 
     // Step 2
-    //dai_wr(addresses[1], data+1, 0, 32, 0);
+    lsu_write_32(SOC_OTP_CTRL_VENDOR_PK_HASH_VOLATILE_LOCK, 4); // Lock all hashes starting from index 4.
 
     // Step 3
-    lsu_write_32(SOC_OTP_CTRL_VENDOR_PK_HASH_VOLATILE_LOCK, 4); // Lock all hashes starting from index 5.
-
-    // Step 4
     dai_wr(addresses[1], data+2, 0, 32, OTP_CTRL_STATUS_DAI_ERROR_MASK);
 }