User/ekarabulut/otp optional items

[ekarabu]

1. Updated FUSE macro map, updated size of FUSE items (IDevID Cert vs Attribute).
2. Updated documentation and explained optional FUSE partitions/items.
3. Cleaned up the code space (removing redundant semicolons).
4. Extended MCI state translation capacity and covered Volatile RAW Unlock state.

[andrea-caforio]

Thank you @ekarabu. I removed the hardcoded values from the TB services and fixed the failing tests. The remaining things look good to me.

[taku202107]

Thank you for fixing the size of CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR, but the size in "opt_ctrl_mmap.md" is still 7952B.
Please check it.

[Alexandiz]

Hi,
Thank you for fix! I reviewed the changes in updated document [caliptra-ss/src/fuse_ctrl/doc/otp_ctrl_field_descriptions.md at 98ebd3811883d1e6f57c7467b96dfe6918ced2b8 · chipsalliance/caliptra-ss](https://github.com/chipsalliance/caliptra-ss/blob/98ebd3811883d1e6f57c7467b96dfe6918ced2b8/src/fuse_ctrl/doc/otp_ctrl_field_descriptions.md) . These are new opens:

CPTRA_SS_OWNER_PQC_KEY_TYPE1..15 – missing in the list. Exist only index ‘0’
CPTRA_SS_OWNER_PK_HASH1..15 – missing in the list. Exist only index ‘0’
CPTRA_SS_OWNER_MLDSA_REVOCATION_1..15 - missing in the list. Exist only index ‘0’
CPTRA_SS_OWNER_ECC_REVOCATION_1..15 - missing in the list. Exist only index ‘0’
CPTRA_SS_OWNER_PK_HASH_VALID - shall cover 16 keys, not 1 (shall be 2 bytes)
CPTRA_SS_OWNER_LMS_REVOCATION_0..15 – why it is not 1 bit per key x 16 keys? (2 bytes total)
CPTRA_CORE_ECC_REVOCATION_0..15 - why it is not 1 bit per key x 16 keys? (2 bytes total)
CPTRA_CORE_LMS_REVOCATION_0..15 - why it is not 1 bit per key x 16 keys? (2 bytes total)
CPTRA_CORE_MLDSA_REVOCATION_0..15 - why it is not 1 bit per key x 16 keys? (2 bytes total)
missing:

• CPTRA_CORE_UDS_SEED
• CPTRA_CORE_FIELD_ENTROPY_0 .. 3
• LC_TRANSITION_CNT
• csr_mode

[andrea-caforio]

Thank you for fixing the size of CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR, but the size in "opt_ctrl_mmap.md" is still 7952B. Please check it.

Where do you see that? It's 96 bytes here:

caliptra-ss/src/fuse_ctrl/doc/otp_ctrl_mmap.md

Line 20 in b0548ff

| | | | 32bit | CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR | 0x0D1 | 96 |

[taku202107]

Thank you for fixing the size of CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR, but the size in "opt_ctrl_mmap.md" is still 7952B. Please check it.

Where do you see that? It's 96 bytes here:

caliptra-ss/src/fuse_ctrl/doc/otp_ctrl_mmap.md

Line 20 in b0548ff

| | | | 32bit | CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR | 0x0D1 | 96 |

Sorry for my ambiguous comment. Please check "Preview" page of opt_ctrl_mmap.md.

[andrea-caforio]

Thank you for fixing the size of CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR, but the size in "opt_ctrl_mmap.md" is still 7952B. Please check it.

Where do you see that? It's 96 bytes here:

caliptra-ss/src/fuse_ctrl/doc/otp_ctrl_mmap.md

Line 20 in b0548ff

| | | | 32bit | CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR | 0x0D1 | 96 |

Sorry for my ambiguous comment. Please check "Preview" page of opt_ctrl_mmap.md.

Can you give a me link to where it is 7952? :-) In this PR it's 96.

[taku202107]

Thank you for fixing the size of CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR, but the size in "opt_ctrl_mmap.md" is still 7952B. Please check it.

Where do you see that? It's 96 bytes here:

caliptra-ss/src/fuse_ctrl/doc/otp_ctrl_mmap.md

Line 20 in b0548ff

| | | | 32bit | CPTRA_CORE_IDEVID_CERT_IDEVID_ATTR | 0x0D1 | 96 |

Sorry for my ambiguous comment. Please check "Preview" page of opt_ctrl_mmap.md.

Can you give a me link to where it is 7952? :-) In this PR it's 96.

Please check the index 6 of the following link:
https://github.com/chipsalliance/caliptra-ss/blob/main/src/fuse_ctrl/doc/otp_ctrl_mmap.md

You are referring to the main branch where it is still 7982. This PR has not been merged yet. Once it is it will also be correct on the main branch.

[Alexandiz]

• CPTRA_CORE_UDS_SEED
• CPTRA_CORE_FIELD_ENTROPY_0 .. 3
• LC_TRANSITION_CNT
• csr_mode

Please review https://github.com/chipsalliance/caliptra-ss/blob/main/src/fuse_ctrl/doc/otp_ctrl_mmap.md

1. CPTRA_CORE_UDS_SEED, CPTRA_CORE_FIELD_ENTROPY_0 .. 3, LC_TRANSITION_CNT present in otp_ctrl_mmap.md, but missing in otp_ctrl_field_descriptions.md
2. csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md

[bharatpillilli]

"csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md" -> Can you please explain?

[Alexandiz]

"csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md" -> Can you please explain?
I read again the specifications and looks like CSR_MODE is not an OTP setting, but a software-writeable bit in the HMAC control register.
I assume it is SOC decision if CSR Mode is enabled or not. I think it would be more convenience to handle it as OTP setting.
what do you think?

[bharatpillilli]

"csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md" -> Can you please explain?
I read again the specifications and looks like CSR_MODE is not an OTP setting, but a software-writeable bit in the HMAC control register.
I assume it is SOC decision if CSR Mode is enabled or not. I think it would be more convenience to handle it as OTP setting.
what do you think?

Are you talking about HMAC operations within Caliptra core? If so, please check Caliptra RT FW on the APIs and modes it has in terms of the current usage. from HW point of view, its a write-only register and Caliptra RT FW controls it and it controls the externally available APIs -> https://chipsalliance.github.io/caliptra-rtl/main/internal-regs/?p=clp.hmac_reg.HMAC512_CTRL

[bharatpillilli]

@Alexandiz - can you please state your affiliation/company since its not obvious from your githubID?

[Alexandiz]

@Alexandiz - can you please state your affiliation/company since its not obvious from your githubID?

Sure. I updated profile and contacted you over slack

[Alexandiz]

"csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md" -> Can you please explain?
I read again the specifications and looks like CSR_MODE is not an OTP setting, but a software-writeable bit in the HMAC control register.
I assume it is SOC decision if CSR Mode is enabled or not. I think it would be more convenience to handle it as OTP setting.
what do you think?

Are you talking about HMAC operations within Caliptra core? If so, please check Caliptra RT FW on the APIs and modes it has in terms of the current usage. from HW point of view, its a write-only register and Caliptra RT FW controls it and it controls the externally available APIs -> https://chipsalliance.github.io/caliptra-rtl/main/internal-regs/?p=clp.hmac_reg.HMAC512_CTRL

@bharatpillilli ,
How you suggest to discuss this flow E2E? over slack? in this thread? in weekly meeting?
Thank you

[bharatpillilli]

"csr_mode is missing in both otp_ctrl_mmap.md and otp_ctrl_field_descriptions.md" -> Can you please explain?
I read again the specifications and looks like CSR_MODE is not an OTP setting, but a software-writeable bit in the HMAC control register.
I assume it is SOC decision if CSR Mode is enabled or not. I think it would be more convenience to handle it as OTP setting.
what do you think?

Are you talking about HMAC operations within Caliptra core? If so, please check Caliptra RT FW on the APIs and modes it has in terms of the current usage. from HW point of view, its a write-only register and Caliptra RT FW controls it and it controls the externally available APIs -> https://chipsalliance.github.io/caliptra-rtl/main/internal-regs/?p=clp.hmac_reg.HMAC512_CTRL

@bharatpillilli , How you suggest to discuss this flow E2E? over slack? in this thread? in weekly meeting? Thank you

Plz open a GitHub issue. Further hmac is not exposed to SoC for random injections. It would be best to look through the spec one more time before filing the issue itself.

[Alexandiz]

@bharatpillilli ,
@bharatpillilli
I opened this issue: chipsalliance/Caliptra#374
Thank you