This script generates the configurable (register and partition) blocks for
the instantiation of the fuse_ctrl.
The configurable parts of the fuse_ctrl are bootstrapped via several Mako
template files found in src/fuse_ctrl/templates. A Mako template file intersperses constant
data (rendered unchanged) with its own DSL that operates on arbitrary data that is passed
as Python variables to the rendering function. Each template file is rendered into a
file of the same name without the .tpl suffix:
otp_ctrl_mmap.hjson.tpl: All the partitions and their corresponding fuses are defined in this template file. If a user wishes to add, remove or update a partition, it should happen in here. The template further contains a configurable portion with respect to vendor-specific partitions that is instrumented viagen_fuse_ctrl_partitions.yml(see below).otp_ctrl.hjson.tpl: All the CSRs are defined in this template file. Since the exact composition of the register map depends on the defined partitions, the generatedotp_ctrl_mmap.hjsonserves as a basis for this template. If a user wishes to add, remove or update a register, it should happen in this file.otp_ctrl_pkg.sv.tpl,otp_ctrl_reg_top.sv.tpl: These two template files are rendered into the register RTL. They depend on the generatedotp_ctrl.hjsonfile and, under normal circumstances, should not be modified.otp_ctrl_part_pkg.sv.tpl: A partition-specific RTL block is rendered from this template file for which the generatedotp_ctrl_mmap.hjsonserves as a basis. It should not be modified.otp_ctrl.rdl.tpl: Unfortunately, there does not seem to exist a mature tool that converts OpenTitan register files, i.e.,otp_ctrl.hjson, into a correspondingRDLfile, hence any change to the register map inotp_ctrl.hjsonmust be duplicated to this file.
/*------------------------------+
| gen_fuse_ctrl_partitions.yml |
+------------------------------*/
|
| /*---------------------------+ /*----------------------------+
---- > | otp_ctrl_mmap.hjson(.tpl) | -----> | otp_ctrl_part_pkg.sv(.tpl) |
+---------------------------*/ +----------------------------*/
|
| /*----------------------+ /*--------------------+
----> | otp_ctrl.hjson(.tpl) | ----> | otp_ctrl.rdl(.tpl) |
+----------------------*/ +--------------------*/
|
/*---------------------------+ | /*---------------------------+
| otp_ctrl_reg_top.sv(.tpl) | <---------> | otp_ctrl_reg_pkg.sv(.tpl) |
+---------------------------*/ +---------------------------*/
The generated RTL and configuration files alongside their corresponding Markdown documentation files and placed in the following directories:
src/fuse_ctrl/rtl
├── otp_ctrl_part_pkg.sv
├── otp_ctrl_core_reg_top.sv
└── otp_ctrl_reg_pkg.sv
src/fuse_ctrl/data
├── otp_ctrl.rdl
├── otp_ctrl_mmap.hjson
└── otp_ctrl.hjson
src/fuse_ctrl/doc
├── otp_ctrl_digests.md
├── otp_ctrl_field_descriptions.md
├── otp_ctrl_mmap.md
└── otp_ctrl_partitions.md
Optional vendor-specific partitions with variable number of fuses can
be added by setting the following parameters in gen_fuse_ctrl_partitions.yml
to non-zero values:
num_vendor_pk_fuses: This will generate either up to three partitions pertaining to the public-key hashes:VENDOR_HASHES_MANUF_PARTITION: Contains the first vendor public-key hashe. Programmable during the manufacturing life-cycle phase.VENDOR_HASHES_PROD_PARTITION: Contains the remainingnum_pk_fuses-1vendor public-key hashes. In-field programmable. This partition is omitted ifnum_pk_fuses==1.VENDOR_REVOCATIONS_PROD_PARTITION: Containsnum_pk_fusessets of revocation bits for each vendor public-key.
num_vendor_secret_fuses: If non-zero, this parameter will result in the following partition:VENDOR_SECRET_PROD_PARTITION: Containsnum_vendor_secret_fusessecret vendor-specific fuses. In-field programmable.
num_vendor_non_secret_fuses: If non-zero, this parameter will result in the following partition:VENDOR_NON_SECRET_PROD_PARTITION: ContainsNnon-secret vendor-specific fuses. In-field programmable.
A variable number of ratchet seed partitions (one 256-bit seed per parition) can be inserted before the
life-cycle partition by setting the num_ratchet_seed_partitions parameter in gen_fuse_ctrl_partitions.yml.
For the exact definition of these vendor-specific fuses and the ratchet seeds see otp_ctrl_mmap.hjson.tpl.
cd $CALIPTRA_SS_ROOT/tools/scripts/fuse_ctrl_script
cat requirements.txt
> hjson==3.1.0
> importlib_resources==5.4.0
> Mako==1.1.6
> pycryptodome==3.21.0
> PyYAML==6.0.1
> tabulate==0.8.10
python3 -m pip install -r requirements.txt
cd $CALIPTRA_SS_ROOT
./tools/scripts/fuse_ctrl_script/gen_fuse_ctrl_partitions.py -f tools/scripts/fuse_ctrl_script/gen_fuse_ctrl_partitions.ymlInvalid edits to the otp_ctrl_mmap.hjson.tpl and otp_ctrl.hjson.tpl files are caught
and signaled to the user. Potential invalid configurations include:
- Any kind of HJSON syntax error.
- The partitions do not fit into the allocated memory.
- Duplicated partition/fuse names.
- Unknown partition parameters.
- Undeclared keys for the secret partitions.
- Missing fields such as register or fuse sizes.