// Copyright lowRISC contributors (OpenTitan project). // Licensed under the Apache License, Version 2.0, see LICENSE for details. // SPDX-License-Identifier: Apache-2.0 // // Hardened LFSR module that instantiates two LFSRs of the same type. // The state vector of both LFSRs is constantly checked and an error is asserted if the // two states are inconsistent. module prim_double_lfsr #( // prim_lfsr parameters - refer to prim_lfsr for their meaning/ parameter LfsrType = "GAL_XOR", parameter int unsigned LfsrDw = 32, localparam int unsigned LfsrIdxDw = $clog2(LfsrDw), parameter int unsigned EntropyDw = 8, parameter int unsigned StateOutDw = 8, parameter logic [LfsrDw-1:0] DefaultSeed = LfsrDw'(1), parameter logic [LfsrDw-1:0] CustomCoeffs = '0, parameter bit StatePermEn = 1'b0, parameter logic [LfsrDw-1:0][LfsrIdxDw-1:0] StatePerm = '0, parameter bit MaxLenSVA = 1'b1, parameter bit LockupSVA = 1'b1, parameter bit ExtSeedSVA = 1'b1, parameter bit NonLinearOut = 1'b0, // This should only be disabled in special circumstances, for example // in non-comportable IPs where an error does not trigger an alert. parameter bit EnableAlertTriggerSVA = 1 ) ( input clk_i, input rst_ni, input seed_en_i, input [LfsrDw-1:0] seed_i, input lfsr_en_i, input [EntropyDw-1:0] entropy_i, output logic [StateOutDw-1:0] state_o, // Asserted if the parallel LFSR states are inconsistent. output logic err_o ); logic [1:0][LfsrDw-1:0] lfsr_state; // We employ redundant LFSRs to guard against FI attacks. for (genvar k = 0; k < 2; k++) begin : gen_double_lfsr // Instantiate size_only buffers to prevent // optimization / merging of redundant logic. logic lfsr_en_buf, seed_en_buf; logic [EntropyDw-1:0] entropy_buf; logic [LfsrDw-1:0] seed_buf, lfsr_state_unbuf; prim_buf #( .Width(EntropyDw + LfsrDw + 2) ) u_prim_buf_input ( .in_i({seed_en_i, seed_i, lfsr_en_i, entropy_i}), .out_o({seed_en_buf, seed_buf, lfsr_en_buf, entropy_buf}) ); prim_lfsr #( .LfsrType(LfsrType), .LfsrDw(LfsrDw), .EntropyDw(EntropyDw), // output the full width so that the states can be cross checked. .StateOutDw(LfsrDw), .DefaultSeed(DefaultSeed), .CustomCoeffs(CustomCoeffs), .StatePermEn(StatePermEn), .StatePerm(StatePerm), .MaxLenSVA(MaxLenSVA), .LockupSVA(LockupSVA), .ExtSeedSVA(ExtSeedSVA), .NonLinearOut(NonLinearOut) ) u_prim_lfsr ( .clk_i, .rst_ni, .seed_en_i ( seed_en_buf ), .seed_i ( seed_buf ), .lfsr_en_i ( lfsr_en_buf ), .entropy_i ( entropy_buf ), .state_o ( lfsr_state_unbuf ) ); prim_buf #( .Width(LfsrDw) ) u_prim_buf_output ( .in_i(lfsr_state_unbuf), .out_o(lfsr_state[k]) ); end `ifdef SIMULATION `ifndef VERILATOR // Ensure both LFSRs start off with the same default seed. if randomized in simulations. initial begin : p_sync_lfsr_default_seed wait (!$isunknown(gen_double_lfsr[0].u_prim_lfsr.DefaultSeedLocal)); wait (!$isunknown(gen_double_lfsr[1].u_prim_lfsr.DefaultSeedLocal)); gen_double_lfsr[1].u_prim_lfsr.DefaultSeedLocal = gen_double_lfsr[0].u_prim_lfsr.DefaultSeedLocal; $display("%m: Updated gen_double_lfsr[1].u_prim_lfsr.DefaultSeedLocal = 0x%0h", gen_double_lfsr[1].u_prim_lfsr.DefaultSeedLocal); end `endif `endif // Output the state from the first LFSR assign state_o = lfsr_state[0][StateOutDw-1:0]; assign err_o = lfsr_state[0] != lfsr_state[1]; // This logic that will be assign to one, when user adds macro // ASSERT_PRIM_DOUBLE_LFSR_ERROR_TRIGGER_ALERT to check the error with alert, in case that // prim_double_lfsr is used in design without adding this assertion check. `ifdef INC_ASSERT logic unused_assert_connected; `ASSERT_INIT_NET(AssertConnected_A, unused_assert_connected === 1'b1 || !EnableAlertTriggerSVA) `endif endmodule : prim_double_lfsr