Skip to content

Add DPE ML-DSA support to Caliptra 2.0#3622

Merged
mhatrevi merged 1 commit into
chipsalliance:caliptra-2.0from
ArthurHeymans:fix-dpe-stack-overflow
Apr 30, 2026
Merged

Add DPE ML-DSA support to Caliptra 2.0#3622
mhatrevi merged 1 commit into
chipsalliance:caliptra-2.0from
ArthurHeymans:fix-dpe-stack-overflow

Conversation

@ArthurHeymans
Copy link
Copy Markdown
Contributor

@ArthurHeymans ArthurHeymans commented Apr 15, 2026
edited by parvathib
Loading

Squashed backport of:

DPE rev: a26db5b — last rev bumped by PRs in this list (#3371).

caliptra-2.0 adaptations:

  • DpeMldsaCrypto uses MldsaReg (2.0 has dedicated ML-DSA HW register;
    main uses AbrReg shared Adams Bridge register for ML-DSA and ML-KEM)
  • SignData::Mu returns CryptoError::NotImplemented (no external-mu on 2.0)
  • Removed ML-KEM commands (no ML-KEM HW on 2.0)
  • Removed main-only commands (ocp_lock, shake256)
  • Flat PersistentData paths (2.0 uses single struct, not rom/fw split)
  • Kept 2.0 caliptra-cfi-*-git package names to avoid ROM recompilation
  • STACK_SIZE=136KB (main uses 154KB; 2.0 has ~30KB more PersistentData)
  • RUNTIME_SIZE=176KB (main uses 210KB; 2.0 has fewer runtime features)

Additional fixes on top:

  • Fix stack overflow in initialize_dpe by using execute_serialized
  • Split InvokeDpe and CertifyKeyExtended into per-profile dispatch
  • Defer common response buffer allocation to reduce stack usage
  • Remove external AXI response support (unnecessary in 2.0)
  • Remove subsystem mailbox size limit handling (mailbox not smaller in 2.0)
  • Reduce MAX_HANDLES to preserve ROM layout
  • Derive DPE context thresholds from MAX_HANDLES
  • Fix tests for 32/64 context configurations

@ArthurHeymans ArthurHeymans marked this pull request as ready for review April 22, 2026 14:33
zhalvorsen
zhalvorsen previously approved these changes Apr 23, 2026
View reviewed changes
Comment thread runtime/src/invoke_dpe.rs Outdated
Comment thread runtime/src/certify_key_extended.rs Outdated
@ArthurHeymans ArthurHeymans marked this pull request as draft April 23, 2026 16:01
@parvathib parvathib force-pushed the fix-dpe-stack-overflow branch 2 times, most recently from 46643df to 2d84048 Compare April 29, 2026 22:06
@parvathib parvathib marked this pull request as ready for review April 29, 2026 22:07
zhalvorsen
zhalvorsen reviewed Apr 29, 2026
View reviewed changes
Comment thread runtime/src/invoke_dpe.rs Outdated
@parvathib parvathib force-pushed the fix-dpe-stack-overflow branch from 6899806 to 04af3c1 Compare April 30, 2026 14:39
@parvathib parvathib changed the title Fix stack overflow in initialize_dpe by using execute_serialized Add DPE support to Caliptra 2.0 Apr 30, 2026
@parvathib
runtime: DPE ML-DSA hybrid support with stack overflow fix
5e317d7 
Squashed backport of:
- [dpe] Enable hybrid DPE feature (chipsalliance#3243)
- [dpe] Add ML-DSA DPE Crypto trait (chipsalliance#3315)
- [dpe] Add support for 64 DPE contexts (chipsalliance#3246)
- [dpe] Add ML-DSA DPE command (chipsalliance#3326)
- [dpe] Test ML-DSA CertifyKey (chipsalliance#3357)
- [dpe] Test using external mu with ML-DSA profile (chipsalliance#3371)
- [dpe] reduce nesting of InvokeDpeCmd::execute (chipsalliance#3386)
- [dpe] Add optional ML-DSA response over DMA (chipsalliance#3391)
- [dpe] Add HW model support for large DPE responses (chipsalliance#3403)
- [dpe] Support both DPE profiles in more tests (chipsalliance#3407)
- [dpe] Add a test for worst case scenario certs and CSRs (chipsalliance#3417)
- [dpe] Fail early for response sizing (chipsalliance#3415)
- [dpe] Add ML-DSA support to CertifyKeyExtended (chipsalliance#3426)
- [dpe] Test ML-DSA profile with golang verification (chipsalliance#3454)
- [dpe] Add comment that initialization is profile agnostic (chipsalliance#3460)

DPE rev: a26db5b — last rev bumped by PRs in this list (chipsalliance#3371).

caliptra-2.0 adaptations:
- DpeMldsaCrypto uses MldsaReg (2.0 has dedicated ML-DSA HW register;
  main uses AbrReg shared Adams Bridge register for ML-DSA and ML-KEM)
- SignData::Mu returns CryptoError::NotImplemented (no external-mu on 2.0)
- Removed ML-KEM commands (no ML-KEM HW on 2.0)
- Removed main-only commands (ocp_lock, shake256)
- Flat PersistentData paths (2.0 uses single struct, not rom/fw split)
- Kept 2.0 caliptra-cfi-*-git package names to avoid ROM recompilation
- STACK_SIZE=136KB (main uses 154KB; 2.0 has ~30KB more PersistentData)
- RUNTIME_SIZE=176KB (main uses 210KB; 2.0 has fewer runtime features)

Additional fixes on top:
- Fix stack overflow in initialize_dpe by using execute_serialized
- Split InvokeDpe and CertifyKeyExtended into per-profile dispatch
- Defer common response buffer allocation to reduce stack usage
- Remove external AXI response support (unnecessary in 2.0)
- Remove subsystem mailbox size limit handling (mailbox not smaller in 2.0)
- Reduce MAX_HANDLES to preserve ROM layout
- Derive DPE context thresholds from MAX_HANDLES
- Fix tests for 32/64 context configurations
@parvathib parvathib force-pushed the fix-dpe-stack-overflow branch from 04af3c1 to 5e317d7 Compare April 30, 2026 18:46
@parvathib parvathib changed the title Add DPE support to Caliptra 2.0 Add DPE ML-DSA support to Caliptra 2.0 Apr 30, 2026
@mhatrevi mhatrevi enabled auto-merge (squash) April 30, 2026 20:51
@mhatrevi mhatrevi merged commit 2e734c1 into chipsalliance:caliptra-2.0 Apr 30, 2026
14 checks passed
@mhatrevi mhatrevi deleted the fix-dpe-stack-overflow branch April 30, 2026 20:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@parvathib parvathib parvathib left review comments

@zhalvorsen zhalvorsen zhalvorsen approved these changes

@jhand2 jhand2 Awaiting requested review from jhand2 jhand2 is a code owner

@fdamato fdamato Awaiting requested review from fdamato fdamato is a code owner

@rusty1968 rusty1968 Awaiting requested review from rusty1968 rusty1968 is a code owner

@bluegate010 bluegate010 Awaiting requested review from bluegate010 bluegate010 is a code owner

@mhatrevi mhatrevi Awaiting requested review from mhatrevi mhatrevi is a code owner

@swenson swenson Awaiting requested review from swenson swenson is a code owner

@vsonims vsonims Awaiting requested review from vsonims vsonims is a code owner

@timothytrippel timothytrippel Awaiting requested review from timothytrippel timothytrippel is a code owner

@ajisaxena ajisaxena Awaiting requested review from ajisaxena ajisaxena is a code owner

@korran korran Awaiting requested review from korran korran is a code owner

@JohnTraverAmd JohnTraverAmd Awaiting requested review from JohnTraverAmd JohnTraverAmd is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ArthurHeymans @zhalvorsen @parvathib @mhatrevi