[VAL] Cherry-pick regression fixes from main (PRs #817, #839, #844, #866, #882, #971, #992, #1008, #1141)#1136
Merged
calebofearth merged 13 commits intoMay 8, 2026
Conversation
…_ctrl_filter coverage (#1056) Cherry-picked commit: 2041523 * Add smoke_test_fc_filter_rule_write_zer_id for fuse_ctrl_filter coverage Add a new integration test targeting four uncovered paths in the fuse_ctrl_filter FSM (FUSE_ADDR_AXI_WR_ST and FUSE_CMD_AXI_ADDR_ST states): Scenario 1 - trigger_table_check in FUSE_ADDR_AXI_WR_ST: Writing DIRECT_ACCESS_ADDRESS twice in succession causes the FSM to see trigger_table_check while already in FUSE_ADDR_AXI_WR_ST, exercising the re-latch-and-loop-back path to FUSE_ADDR_AXI_ADDR_ST. Issuing a DaiWrite from the MCU user to a secret partition address (SECRET_MANUF_PARTITION). The MCU user is not in the access_control_table for the secret range [0x48,0xF0], so wr_req_allowed evaluates to false and the filter asserts discard_fuse_write. Writing WDATA_0 and WDATA_1 with MCU user, then switching to Caliptra core user for ADDRESS and CMD. The command is authorized (Caliptra core matches entry[0]), but the latched data IDs (MCU) differ from the address/command IDs (Caliptra core), making all_same_id false. The filter discards the write. Writing DIRECT_ACCESS_ADDRESS with MCU user, then switching to Caliptra core user for the DaiZeroize CMD. A non-secret partition (SW_MANUF_PARTITION at 0xF8) is targeted so the FIPS zeroization check passes, and the command is authorized, but addr_and_cmd_same_id is false because the address writer differs from the command writer. The filter discards the zeroize. * removed hard-coded line numbers * added new fc cov test to the regression list * Cover the false-branch of line 172 in mci_lcc_st_trans.sv where │ │ │ │ lcc_volatile_raw_unlock_success_i is HIGH but state_error is also HIGH, │ │ │ │ keeping the FSM in TRANSLATOR_NON_DEBUG instead of transitioning to │ │ │ │ TRANSLATOR_UNPROV_DEBUG. This is a security-critical guard that prevents │ │ │ │ debug unlock when a fatal state error is active. │ │ │ │ │ │ │ │ Changes: │ │ │ │ - Add CMD_MCI_FORCE_STATE_ERROR/CMD_MCI_RELEASE_STATE_ERROR BFM commands │ │ │ │ to caliptra_ss_tb_cmd_list.svh, caliptra_ss_lib.h, and │ │ │ │ fc_lcc_tb_services.sv (force/release state_error on │ │ │ │ MCI_PATH.LCC_state_translator) │ │ │ │ - Add caliptra_ss_lcc_volatile_unlock_with_state_error test that boots │ │ │ │ to RAW, forces state_error, performs volatile raw unlock, and verifies │ │ │ │ the MCI translator stays locked │ │ │ │ - Fix UnProvSIGNAL_with_Volatile_Decoding_A assertion to disable when │ │ │ │ state_error is active (the assertion incorrectly fired when state_error │ │ │ │ legitimately blocks the volatile unlock promotion) │ │ │ │ - Register test in master test list and regenerate regression YAMLs │ │ * removed the hard-coded line number * removed assertion change on RTL * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/ekarabulut/fc-filter-write-zeroize-id-coverage' with updated timestamp and hash after successful run * updated assertion label * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/ekarabulut/fc-filter-write-zeroize-id-coverage' with updated timestamp and hash after successful run
…e refactor (PR #817) Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Refactors the lc_ctrl test library with modernized API signatures: - Consolidates token parameters into array-based passing (uint32_t token[4]) - Changes return types from void to bool for error propagation - Improves state transition functions with cleaner interfaces - Updates all dependent test files to use the new API This is a prerequisite for subsequent cherry-picks (PRs #839, #844, Original-commit: 9b97c02 Original-author: Rupert Swarbrick <rswarbrick@lowrisc.org>
…#839) Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Resolves multiple issues with the smoke_test_fc_filter_rule_uds_fe test: - Fixes test flow and validation logic for fuse controller filter rules - Improves UDS/Field Entropy partition access testing - Corrects expected behavior assertions for secret partition zeroization Original-commit: 87cc449 Original-author: Rupert Swarbrick <v-rswarbrick@microsoft.com>
…no_ppd_pin (PR #844) Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Comprehensive cleanup of lifecycle controller test infrastructure: - Introduces check_lc_state() helper for readable LC state validation - Modernizes transition_state() and transition_state_check() APIs - Adds documentation to all lc_ctrl library functions - Fixes broken caliptra_ss_lcc_st_trans_scrap_no_ppd_pin test - Updates 37 files to use consistent patterns across all LCC/FC tests Original-commit: eb3fb4c Original-author: Rupert Swarbrick <v-rswarbrick@microsoft.com>
Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Removes stale FIXME/TODO comments and modernizes error handling: - Converts handle_error() calls to VPRINTF(FATAL, ...) for consistency - Removes unused src/mcu/rtl/config_defines_mcu.svh - Cleans up testbench service files and library headers - Adds DEVICE_STATUS_0 validation in I3C recovery test Original-commit: 06f97ee Original-author: Clayton Kuchta <ckuchta@microsoft.com>
Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Resolves multiple L1-priority test case failures for lifecycle controller and fuse controller tests: - Refactors tests to use bool body() pattern for proper error propagation - Adds test_unlock_token.hjson for tests requiring token configuration - Improves fuse_ctrl_axi_id, fuse_ctrl_init_fail, fuse_ctrl_unexpected_reset - Fixes lcc_volatile_unlock_wrong_state and lcc_volatile_unlock_wrong_token - Enhances smoke_test_fc_filter_rule_uds_fe with randomized partition selection - Updates smoke_test_fc_unlock_transitions with extracted helper functions - Regenerates fuse_ctrl_mmap.c from template Original-commit: f86da13 Original-author: EMRE KARABULUT <ekarabu>
Cherry-pick from main to patch_ss_v2.1 for nightly regression fixes. Updates LCC clock configuration and test infrastructure: - Adjusts LCC clock parameter for correct timing behavior - Adds transition_state_without_reset() helper to lc_ctrl library - Updates caliptra_ss_lcc_errors test with improved transition handling - Fixes external clock and clock bypass test references Original-commit: 15bb165 Original-author: EMRE KARABULUT <ekarabu>
…1141) * Small delay at MCU program test-end to allow Caliptra to observe status and quiesce DMA * MICROSOFT AUTOMATED PIPELINE: Stamp 'cwhitehead-msft-fix-mcu-sram-prot-reg-test' with updated timestamp and hash after successful run
calebofearth
changed the title
…1008_2.1' with updated timestamp and hash after successful run
* Fix wrong token test to skip ZER transitions Filter out unconditional (ZER) transitions from the candidate target states so the test only exercises token-gated paths. * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/ekarabulut/fix-lcc-raw-wrong-token-skip-zer' with updated timestamp and hash after successful run
…1008_2.1' with updated timestamp and hash after successful run
This was referenced Apr 30, 2026
ekarabu
approved these changes
May 8, 2026
upadhyayulakiran
approved these changes
May 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Apply val-only fixes from internal regressions to the 2.1 patch branch.
NOTE: This PR does not make any hardware modifications to the Subsystem design.