ENTROPY_SRC HWIP Technical Specification

Overview

This document specifies ENTROPY_SRC hardware IP functionality. This module conforms to the Comportable guideline for peripheral functionality.

Features

  • This revision provides an interface to an external physical random noise generator (also referred to as a physical true random number generator. The PTRNG external source is a physical true random noise source. A noise source and its relation to an entropy source are defined by SP 800-90B.
  • A set of registers is provided for firmware to obtain entropy bits.
  • Interrupts are supported:
    • Entropy bits are available for firmware consumption.
    • The internal health tests have detected a test failure.
    • An internal FIFO error has occurred.
  • Two health checks that are defined by SP 800-90B are performed by this revision: Repetition Count and Adaptive Proportion tests.
  • Two additional hardware health checks are performed by this revision: Bucket and Markov tests.
  • Firmware-defined (mailbox-based) and vendor-defined health checks are also supported.
  • A health check failure alert is supported by this revision.

Description

This IP block provides an entropy source that is capable of using a PTRNG noise source to generate random values in a manner that is compliant both with FIPS (though NIST SP 800-90B) and CC (AIS31) recommendations.

The random values generated by this block serve as non-deterministic seeds for the CSRNG block. The outputs of the CSRNG are then used either directly by firmware or are distributed to other hardware blocks through the Entropy Distribution Network.

In the terms of AIS31 classes, this block is meant to satisfy the requirements for a PTG.2 class physical entropy source, with “internal” entropy (an AIS31 term, meaning the min-entropy as measured just before the output pins) exceeding 0.997 entropy-bits/output-bit. In NIST terms, this block satisfies the requirements for a “full-entropy” source, which requires even smaller deviations from ideal entropy, at the level of less than one part in 264. When operating in full-compliance mode, raw outputs from a PTRNG noise source (external to this block) are passed through a conditioning function based on a suitable secure hash function (SHA-2 or SHA-3) which has been vetted by NIST to meet these stringent requirements.

These raw noise bits are subjected to a sequence of health-checks to screen the raw signals for statistical defects which would cause any significant deviations from ideal entropy at the output of the conditioning block. These tests include:

  • The Repetition Count test, which screens for stuck-bits, or a complete failure of the PTRNG noise source,
  • The Adaptive Proportion test, which screens for statistical bias in the number of 1’s or 0’s output by the noise source,
  • The “Bucket Test”, which looks for correlations between the individual noise channels that the external noise source concatenates together to produce the raw noise sequence,
  • The “Markov Test”, which looks for unexpected first-order temporal correlations between bits output by the individual noise channels,
  • The “Mailbox Test”, in which raw-noise data is transferred to firmware in contiguous 2kbit-blocks, so that firmware can perform custom tests, and signal a failure through the same path as the other tests, and
  • Optional Vendor Specific tests, which allow silicon creators to extend the health checks by adding a top-level block external to this IP.

The Repetition Count and Adaptive Proportion test are specifically recommended by SP 800-90B, and are implemented in accordance with those recommendations. In FIPS/CC-compliance mode, all checks except the Repetition Count test are performed on fixed window of data, typically consisting of 2048 bits each. Per the definition in SP 800-90B, the Repetition Count test does not operate on a fixed window. The repetition count test fails if any sequence of bits continuously asserts the same value for too many samples, as determined by the programmable threshold, regardless of whether that sequence crosses any window boundaries. The thresholds for these tests should be chosen to achieve a low false-positive rate (α) given a conservative estimate of the manufacturing tolerances of the PTRNG noise source. The combined choice of threshold and window size then determine the false-negative rate (β), or the probability of missing statistical defects at any particular magnitude.

When the IP is disabled by clearing the ENABLE bit in CONF, all heath checks are disabled and all counters internal to the health checks are reset.

In order to compensate for the fact our tests (like all realistic statistical tests) have finite resolution for detecting defects, we conservatively use 2048 bits of PTRNG noise source to construct each 384 bit conditioned entropy sample. When passed through the conditioning block, the resultant entropy stream will be full entropy unless the PTRNG noise source has encountered some statistical defect serious enough to reduce the raw min-entropy to a level below 0.375 bits of entropy per output bit. We choose this level as our definition of “non-tolerable statistical defects” for the purposes of evaluating this system under AIS31. Given this definition of “non-tolerable defects”, the health-checks as implemented for this block will almost certainly detect any of the previously mentioned defects in a single iteration of the health checks (i.e. such serious defects will be detected with very low β).

In addition to the brief, low-latency health checks, various long-term statistics are accumulated in registers for additional diagnostic purposes or for in-depth analysis. For the hardware interface, entropy bits will be transferred whenever the downstream consumer is ready to receive them.

At a high-level, this ENTROPY_SRC block, when enabled, will continuously collect entropy bits from the entropy source into a FIFO that can be read from the TL-UL bus, or sent out through a hardware interface. The PTRNG noise source will generate a relatively slow set of bit streams, with a total bit rate on the order of 50 kbps. The digital source can be programmed to be faster, or much slower if desired. A digital source rate of flexible speed might be useful in demonstrating how the downstream applications use the entropy.

Once a noise source has been selected through configuration, the raw noise data processing begins. This ENTROPY_SRC block will do health checks, collect and pack bits, and finally send them through a conditioning unit. There are two modes in which entropy bits are delivered, boot-time and FIPS/CC mode. Boot-time mode will deliver bits sooner for specific on-boot obfuscation applications, though the bits may not yet have been subjected to the same level of startup health checks required for FIPS or CC compliance.

In boot-time mode health checks only operate on a window of 384 bits. The boot-time health checks are the same as the FIPS/CC health-checks, though with different thresholds. They are sensitive to the same types of statistical defects, though at reduced statistical resolution. With suitable thresholds, the boot-time health checks can be operate both with low false-alarm rates (low α), while still confirming with low β that the total entropy of the first seed contains at least 80 bits of total entropy. During start up the initial 384 bits are held in a buffer until the boot-time start-up health checks are performed. Storing the seed in this buffer, allows this seed to released to the CSRNG immediately after the entropy has been confirmed.

Boot-time mode also has the feature that it bypasses the SHA conditioning function, as only 384 bits are used in the initial boot-time seed.

For maximal flexibility in normal operation, the conditioning function can also be implemented by firmware. When this firmware conditioning feature is activated, data read directly out of the noise source can be reinjected into the entropy pipeline via a TL-UL register after it has been processed by firmware. It should be noted that this firmware algorithm must be vetted by NIST to satisfy the requirements for a full-entropy source. This feature can also be disabled for security purposes, either by locking the feature via the REGEN register at boot, or by a write to one-time programmable (OTP) memory.

Compatibility

This IP block does not have any direct hardware compatibility requirements. However, the general design of this block follows the overall NIST recommendations, as described by SP 800-90B.

Theory of Operations

As already described, this IP block will collect bits of entropy for firmware or hardware consumption. This revision supports only an external interface for a PTRNG noise source implementation.

The first step is initialization and enabling. The PTRNG noise source mode is selected when the ENABLE field will be set. After the block is enabled and initialized, entropy bits will be collected up indefinitely until disabled.

After a reset, the ENTROPY_SRC block will start up in boot-time mode by default. This feature is designed to provide an initial seed’s worth of entropy with lower latency than the normal FIPS/CC compliant health check process. Health testing will still be performed on boot-time mode entropy, but the window of checking is, by default, 384 bits instead of 2048 bits. When entropy is delivered to the downstream hardware block, a signal will indicate what type of entropy it is - FIPS compliant or not. Boot-time mode can be completely disabled in the CONF register.

Once the initial boot-time mode phase has completed, the ENTROPY_SRC block will switch to FIPS compliant mode. In this mode, once the raw entropy has been health checked, it will be passed into a conditioner block. This block will compress the bits such that the entropy bits/physical bits, or min-entropy value, should be improved over the raw data source min-entropy value. The compression operation, by default, will compress every 2048 tested bits into 384 full-entropy bits.

The hardware conditioning can also be bypassed and replaced in normal operation with a firmware-defined conditioning algorithm. This firmware conditioning algorithm can be disabled on boot for security purposes.

The firmware override function has the capability to completely override the hardware health tests and the conditioner paths. In the case of health tests, firmware can turn off one or all of the health tests and perform the tests in firmware. A data path is provided in the hardware such that the inbound entropy can be trapped in the pre-conditioner FIFO. Once a pre-determined threshold of entropy has been reached in this FIFO, the firmware can then read the entropy bits out of the FIFO. The exact mechanism for this functionality starts with setting the FW_OV_MODE field in the FW_OV_CONTROL register. This will enable firmware to monitor post-health test entropy bits by reading from the FW_OV_RD_DATA register. Firmware can use the OBSERVE_FIFO_THRESH and OBSERVE_FIFO_DEPTH to determine the state of the OBSERVE FIFO. At this point, firmware can do additional health checks on the entropy. Optionally, firmware can do the conditioning function, assuming the hardware is configured to bypass the conditioner block. Once firmware has processed the entropy, it can then write the results back into the FW_OV_WR_DATA register (pre-conditioner FIFO). The FW_OV_ENTROPY_INSERT in the FW_OV_CONTROL register will enable inserting entropy bits back into the entropy flow. The firmware override control fields will be set such that the new entropy will resume normal flow operation.

An additional feature of the firmware override function is to insert entropy bits into the flow and still use the condtioning function in the hardware. Setting the FW_OV_INSERT_START field in the FW_OV_SHA3_START register will prepare the hardware for this flow. Once this field is set true, the FW_OV_WR_DATA register can be written with entropy bits. The FW_OV_WR_FIFO_FULL register should be monitored after each write to ensure data is not dropped. Once all of the data has been written, the FW_OV_INSERT_START field should be set to false. The normal SHA3 processing will continue and finally push the conditioned entropy through the module.

Health checks are performed on the input raw data from the PTRNG noise source when in that mode. There are four health tests that will be performed: repetitive count, adaptive proportion, bucket, and Markov tests. Each test has a pair of threshold values that determine that pass/fail of the test, one threshold for boot-time mode, and one for normal mode. By default, all tests are enabled, but can be turn off in the CONF register. Because of the variability of the PTRNG noise source, there are several registers that log statistics associated with the health tests. For example, the adaptive proportion test has a high watermark register that logs the highest measured number of ones. The ADAPTP_HI_WATERMARKS register has an entry for both normal and boot-time modes. This register allows for determining how close the threshold value should be set to the fail over value. Specific to the adaptive proportion test, there is also the ADAPTP_LO_WATERMARKS register, which will hold the lowest number of ones measured. To help understand how well the thresholds work through time, a running count of test fails is kept in the ADAPTP_HI_TOTAL_FAILS register. The above example for the adaptive proportion test also applies to the other health tests, with the exception of the low watermark registers. See the timing diagrams below for more details on how the health tests work. It should be noted that for all error counter registers, they are sized for 16 bits, which prevents any case where counters might wrap.

Vendor-specific tests are supported through an external health test interface (xht). This is the same interface that is used for the internal health tests. Below is a description of this interface:

  • entropy_bit: 4-bit wide bus of entropy to be tested.
  • entropy_bit_valid: indication of when the entropy is valid.
  • clear: signal to clear counters, and is register driven.
  • active: signal to indicate when the test should run, and is register driven.
  • thresh_hi: field to indicate what high threshold the test should use, and is register driven.
  • thresh_lo: field to indicate what low threshold the test should use, and is register driven.
  • window: field to indicate what the size of the test window is, and is register driven.
  • test_cnt: generic test count result, to be read from a register.
  • test_fail_hi_pulse: indication that a high threshold comparison failed, to be read from a register.
  • test_fail_lo_pulse: indication that a low threshold comparison failed, to be read from a register.

The ALERT_THRESHOLD register determines how many fails can occur before an alert is issued. By default, the current threshold is set to two, such that the occurrence of two failing test cycles back-to-back would provide a very low α value. The ALERT_FAIL_COUNTS register holds the total number of fails, plus all of the individual contributing failing tests. Setting the ALERT_THRESHOLD register to zero will disable alert generation.

Firmware has a path to read entropy from the ENTROPY_SRC block. The ENTROPY_CONTROL register allows firmware to set the internal multiplexers to steer entropy data to the ENTROPY_DATA register. The control bit ES_TYPE sets whether the entropy will come from the conditioning block or be sourced through the bypass path. A status bit will be set that can either be polled or generate an interrupt when the entropy bits are available to be read from the ENTROPY_DATA register. The firmware needs to read the ENTROPY_DATA register twelve times in order to cleanly evacuate the 384-bit seed from the hardware path (12*32bits=384bits total). The firmware will directly read out of the main entropy FIFO, and when the control bit ES_ROUTE is set, no entropy is being passed to the block hardware interface.

If the esfinal FIFO fills up, additional entropy that has been health checked will be dropped before entering the conditioner. This drop point will save on conditioner power, and still preserve esfinal FIFO entropy that has already been collected.

The above process will be repeated for as long as entropy bits are to be collected and processed.

At any time, the ENABLE field can be cleared to halt the entropy generation (and health check testing). See the Programmers Guide section for more details on the ENTROPY_SRC block disable sequence.

Block Diagram

ENTROPY_SRC Block Diagram

Hardware Interfaces

Referring to the Comportable guideline for peripheral device functionality, the module entropy_src has the following hardware interfaces defined.

Primary Clock: clk_i

Other Clocks: none

Bus Device Interfaces (TL-UL): tl

Bus Host Interfaces (TL-UL): none

Peripheral Pins for Chip IO: none

Interrupts:

Interrupt NameDescription
es_entropy_valid

Asserted when entropy source bits are available.

es_health_test_failed

Asserted when the alert count has been met.

es_observe_fifo_ready

Asserted when the observe FIFO has filled to the threshold level.

es_fatal_err

Asserted when a FIFO error occurs, or if an illegal state machine state is reached.

Security Alerts:

Alert NameDescription
recov_alert

This alert is triggered upon the alert health test threshold criteria not met.

fatal_alert

This alert triggers for any condition detected in the !!ERROR_CODE register, which includes FIFO errors, COUNTER errors, FSM state errors, and also when integrity failures are detected on the TL-UL bus.

Security Countermeasures:

Countermeasure IDDescription
ENTROPY_SRC.CONFIG.REGWEN

Registers are protected from writes.

ENTROPY_SRC.CONFIG.MUBI

Registers have multi-bit encoded fields.

ENTROPY_SRC.CONFIG.REDUN

Threshold register has an inverted copy to compare against.

ENTROPY_SRC.INTERSIG.MUBI

OTP signal used to enable software access to registers.

ENTROPY_SRC.MAIN_SM.FSM.SPARSE

The ENTROPY_SRC main state machine uses a sparse state encoding.

ENTROPY_SRC.ACK_SM.FSM.SPARSE

The ENTROPY_SRC ack state machine uses a sparse state encoding.

ENTROPY_SRC.RNG.BKGN_CHK

Random number generator is protected with continuous background health checks.

ENTROPY_SRC.CTR.REDUN

Counter hardening for all health test counters.

ENTROPY_SRC.CTR.LOCAL_ESC

Redundant counter failures will cause a local escalation to the main state machine.

ENTROPY_SRC.ESFINAL_RDATA.BUS.CONSISTENCY

Comparison on successive bus values for the post-conditioned entropy seed bus.

ENTROPY_SRC.TILE_LINK.BUS.INTEGRITY

Tilelink end-to-end bus integrity scheme.

Design Details

Initialization

After power-up, the ENTROPY_SRC block is disabled.

For simplicity of initialization, only a single register write is needed to start functional operation of the ENTROPY_SRC block. This assumes that proper defaults are chosen for thresholds, sampling rate, and other registers.

For security reasons, a configuration and control register locking function is performed by the REGEN register. Clearing the bit in this register will prevent future modification of the CONF register or other writeable registers by firmware.

Entropy Processing

When enabled, the ENTROPY_SRC block will generate entropy bits continuously. The es_entropy_valid bit in the ENTROPY_SRC_INTR_STATE register will indicate to the firmware when entropy bits can read from the ENTROPY_DATA register. The firmware will do 32-bit register reads of the ENTROPY_DATA register to retrieve the entropy bits. Each read will automatically pop an entry from the entropy unpacker block. A full twelve 32-bit words need to be read at a time.

The hardware entropy interface will move entropy bits out of the ENTROPY FIFO when it is not empty, and the downstream hardware is ready. If firmware is not currently reading entropy bits, all processed entropy bits will flow to the hardware entropy interface.

Security

All module assets and countermeasures performed by hardware are listed in the hjson countermeasures section. Labels for each instance of asset and coutermeasure are located throughout the RTL source code.

For all of the health test threshold registers, these registers could be protected with shadow registers. A design choice was made here to not use shadow registers and save on silicon cost. The threshold registers are protected by software. It is expected that software will read the threshold registers on a periodic basis, and compare these values to what was originally programmed into the threshold registers.

Bus integrity checking is performed for the final seed delivery to CSRNG. This is done to make sure repeated values are not occurring. Only 64 bits (out of 384 bits) are checked, since this is statistically significant, and more checking would cost more silicon.

Interrupts

The ENTROPY_SRC module has several interrupts: es_entropy_valid, es_health_test_failed, and es_fifo_err.

The es_entropy_valid interrupt should be asserted when an entropy source has been implemented that is relatively slow.

The es_health_test_failed interrupt will trigger when the internal health test fails and exceeds the alert threshold.

The es_fifo_err interrupt will fire when an internal FIFO has a malfunction. The conditions that cause this to happen are either when there is a push to a full FIFO or a pull from an empty FIFO.

Main State Machine Diagram

The following diagram shows how the main state machine state is constructed. The larger circles show the how the overall state machine transitions. The sub-state machines with smaller circles show more detail about how the large circles operate.

ENTROPY_SRC State Diagram

Entropy Source Hardware Interface

The following waveform shows an example of how the entropy source hardware interface works, which is much like a FIFO.

PTRNG Hardware Interface

The following waveform shows an example of what the PTRNG timing looks like.

Repetition Count Test

The following waveform shows how a sampling of a data pattern will be tested by the Repetition Count test. Operating on each bit stream, this test will count when a signal is at a stuck level. This NIST test is intended to signal a catastrophic failure with the PTRNG noise source.

Adaptive Proportion Test

This NIST-defined test is intended to detect statistical bias in the raw entropy data. The test counts the number of 1’s in a given sample, and applies thresholds to reject samples which deviate too far from the ideal mean of 50%.

Depending on the value of the CONF.THRESHOLD_SCOPE field, the thresholds can either be applied collectively to the all RNG inputs, or the thresholds can be applied on a line-by-line basis. Setting CONF.THRESHOLD_SCOPE to kMuBi4True will apply the thresholds to the aggregated RNG stream. This can be useful for lowering the likelihood of coincidental test failures (higher α). Meanwhile, setting CONF.THRESHOLD_SCOPE to kMuBi4False will apply thresholds on a line-by-line basis which allows the ENTROPY_SRC to detect single line failures.

The following waveform shows how a sampling of a data pattern will be tested by the Adaptive Proportion test. In this example, the sum is taken over all RNG lines (i.e., CONF.THRESHOLD_SCOPE is True).

Bucket Test

The following waveform shows how a sampling of a data pattern will be tested by the Bucket test. Operating on all four bit streams, this test will identify the symbol and sort it into bin counters, or “buckets”. This test is intended to find bias with a symbol or symbols.

Markov Test

The following waveform shows how a sampling of a data pattern will be tested by the Markov test.

The test aims to detect either:

  1. Oversampling of AST/RNG outputs leading to “clustered” input values that eventually change, but often are just repeats of the previous sample. For example the string: “00111111000011000111000111000001111” has roughly equal numbers of 1’s and 0’s, but no good entropy source should generate such strings, because each bit is likely just a repeat of the previous one.

  2. Wild oscillations of the RNG, in a distinctly non-random way. For instance the string: “010101010101010101” has almost zero entropy, even though the number of 1’s and 0’s appears unbiased.

The test counts the number of changes in the a fixed number of RNG samples, and comparing the number of “01”/“10” pairs to the number of “00”/“11” pairs. On average, the number of switching (e.g., “01”) vs. non-switching (e.g., “00”) pairs should be 50% of the total, with a variance proportional to the sample size.

Like the Adaptive Proportion test, the Markov Test can be computed either cumulatively (summing the results over all RNG lines) or on a per-line basis. In this example, the RNG lines are scored individually (i.e., CONF.THRESHOLD_SCOPE is False).

Programmers Guide

Initialization

The following code snippet demonstrates initializing the ENTROPY_SRC block for entropy bit generation.


void entropy_src_init(unsigned int rate) {

  // set the configuration enable bits (rng mode, all health tests enabled)
  *CONF_REG = 0x1;

  // the ENTROPY_SRC interrupts can optionally be enabled
}

Entropy Processing

The following code snippet demonstrates reading entropy bits from the ENTROPY_SRC block.


int entropy_src_entropy(unsigned int numEntropyBits) {

  // read numEntropyBits, check for ENTROPY_SRC_INTR_STATE bit 0
  return *ENTROPY_DATA_REG;

}

Note that when software makes frequent re-seed requests to CSRNG, any stored up entropy seeds in the final entropy FIFO will quickly consumed. Once the FIFO is empty, subsequent entropy seed requests will have to wait the worst case latency time while new entropy is being created.

Entropy Source Module Disable

A useful feature for the ENTROPY_SRC block is the ability to disable it in a graceful matter. Since there exists another feature to avoid power spikes between ENTROPY_SRC and CSRNG, software needs to monitor the disabling process. Bit 16 in the DEBUG_STATUS should be polled after the ENTROPY_SRC enable bits are cleared in the CONF register. After the handshakes with CSRNG are finished, the above bit should be set and the ENTROPY_SRC block can be safely enabled again.

Error conditions

Need to alert the system of a FIFO overflow condition.

Register Table

entropy_src.INTR_STATE @ 0x0

Interrupt State Register

Reset default = 0x0, mask 0xf
31302928272625242322212019181716
 
1514131211109876543210
  es_fatal_err es_observe_fifo_ready es_health_test_failed es_entropy_valid
BitsTypeResetNameDescription
0rw1c0x0es_entropy_valid

Asserted when entropy source bits are available.

1rw1c0x0es_health_test_failed

Asserted when the alert count has been met.

2rw1c0x0es_observe_fifo_ready

Asserted when the observe FIFO has filled to the threshold level.

3rw1c0x0es_fatal_err

Asserted when a FIFO error occurs, or if an illegal state machine state is reached.


entropy_src.INTR_ENABLE @ 0x4

Interrupt Enable Register

Reset default = 0x0, mask 0xf
31302928272625242322212019181716
 
1514131211109876543210
  es_fatal_err es_observe_fifo_ready es_health_test_failed es_entropy_valid
BitsTypeResetNameDescription
0rw0x0es_entropy_valid

Enable interrupt when INTR_STATE.es_entropy_valid is set.

1rw0x0es_health_test_failed

Enable interrupt when INTR_STATE.es_health_test_failed is set.

2rw0x0es_observe_fifo_ready

Enable interrupt when INTR_STATE.es_observe_fifo_ready is set.

3rw0x0es_fatal_err

Enable interrupt when INTR_STATE.es_fatal_err is set.


entropy_src.INTR_TEST @ 0x8

Interrupt Test Register

Reset default = 0x0, mask 0xf
31302928272625242322212019181716
 
1514131211109876543210
  es_fatal_err es_observe_fifo_ready es_health_test_failed es_entropy_valid
BitsTypeResetNameDescription
0wo0x0es_entropy_valid

Write 1 to force INTR_STATE.es_entropy_valid to 1.

1wo0x0es_health_test_failed

Write 1 to force INTR_STATE.es_health_test_failed to 1.

2wo0x0es_observe_fifo_ready

Write 1 to force INTR_STATE.es_observe_fifo_ready to 1.

3wo0x0es_fatal_err

Write 1 to force INTR_STATE.es_fatal_err to 1.


entropy_src.ALERT_TEST @ 0xc

Alert Test Register

Reset default = 0x0, mask 0x3
31302928272625242322212019181716
 
1514131211109876543210
  fatal_alert recov_alert
BitsTypeResetNameDescription
0wo0x0recov_alert

Write 1 to trigger one alert event of this kind.

1wo0x0fatal_alert

Write 1 to trigger one alert event of this kind.


entropy_src.ME_REGWEN @ 0x10

Register write enable for module enable register

Reset default = 0x1, mask 0x1
31302928272625242322212019181716
 
1514131211109876543210
  ME_REGWEN
BitsTypeResetNameDescription
0rw0c0x1ME_REGWEN

When true, the MODULE_ENABLE register can be modified. When false, it becomes read-only.


entropy_src.SW_REGUPD @ 0x14

Register write enable for control and threshold registers

Reset default = 0x1, mask 0x1
31302928272625242322212019181716
 
1514131211109876543210
  SW_REGUPD
BitsTypeResetNameDescription
0rw0c0x1SW_REGUPD

When this bit true and the MODULE_ENABLE field is false, the REGWEN write enable bit read as true, and is distributed to all associated control and threshold registers. When false, these registers become read-only.


entropy_src.REGWEN @ 0x18

Register write enable for all control registers

Reset default = 0x1, mask 0x1
31302928272625242322212019181716
 
1514131211109876543210
  REGWEN
BitsTypeResetNameDescription
0ro0x1REGWEN

This read-only write enable bit will allow write access to control and theshold registers that are associated with this bit, but only when the MODULE_ENABLE field is set to kMultiBitBool4False and the SW_REGUPD write enable bit is set to true. When read as false, these registers become read-only.


entropy_src.REV @ 0x1c

Revision register

Reset default = 0x10303, mask 0xffffff
31302928272625242322212019181716
  CHIP_TYPE
1514131211109876543210
HW_REVISION ABI_REVISION
BitsTypeResetNameDescription
7:0ro0x3ABI_REVISION

Read of this register shows the ABI of this block.

15:8ro0x3HW_REVISION

Read of this register shows the revision of this block.

23:16ro0x1CHIP_TYPE

Read of this register shows the type of chip using this block.


entropy_src.MODULE_ENABLE @ 0x20

Module enable register

Reset default = 0x9, mask 0xf
Register enable = ME_REGWEN
31302928272625242322212019181716
 
1514131211109876543210
  MODULE_ENABLE
BitsTypeResetNameDescription
3:0rw0x9MODULE_ENABLE

Setting this field to kMultiBitBool4True will enable the ENTROPY_SRC module. Setting this field to kMultiBitBool4False will effectively reset the module.


entropy_src.CONF @ 0x24

Configuration register

Reset default = 0x909099, mask 0x3f0f0ff
Register enable = REGWEN
31302928272625242322212019181716
  RNG_BIT_SEL RNG_BIT_ENABLE  
1514131211109876543210
THRESHOLD_SCOPE   ENTROPY_DATA_REG_ENABLE FIPS_ENABLE
BitsTypeResetNameDescription
3:0rw0x9FIPS_ENABLE

Setting this field to kMultiBitBool4True will enable FIPS qualified entropy to be generated.

7:4rw0x9ENTROPY_DATA_REG_ENABLE

Setting this field to kMultiBitBool4True will enable reading entropy values from the ENTROPY_DATA register. This function also requires that the otp_en_entropy_src_fw_read input vector is set to the enable encoding.

11:8Reserved
15:12rw0x9THRESHOLD_SCOPE

This field controls the scope (either by-line or by-sum) of the health checks. If set to kMultiBitBool4True, the Adaptive Proportion and Markov Tests will accumulate all RNG input lines into a single score, and thresholds will be applied to the sum all the entropy input lines. If set to kMultiBitBool4False, the RNG input lines are all scored individually. A statistical deviation in any one input line, be it due to coincidence or failure, will force rejection of the sample, and count toward the total alert count.

19:16Reserved
23:20rw0x9RNG_BIT_ENABLE

Setting this field to kMultiBitBool4True enables the single RNG bit mode, where only one bit is sampled.

25:24rw0x0RNG_BIT_SEL

When the above bit iset, this field selects which bit from the RNG bus will be processed when in single RNG bit mode. This two bit field selects the RNG bit stream: 0b00: RNG bit 0 0b01: RNG bit 1 0b10: RNG bit 2 0b11: RNG bit 3


entropy_src.ENTROPY_CONTROL @ 0x28

Entropy control register

Reset default = 0x99, mask 0xff
Register enable = REGWEN
31302928272625242322212019181716
 
1514131211109876543210
  ES_TYPE ES_ROUTE
BitsTypeResetNameDescription
3:0rw0x9ES_ROUTE

Setting this field to kMultiBitBool4True routes the generated entropy value to the ENTROPY_DATA register to be read by firmware. When this field is kMultiBitBool4False, the generated entropy will be forwarded out of this module to the hardware interface.

7:4rw0x9ES_TYPE

Setting this field to kMultiBitBool4True will bypass the conditioning logic and bring raw entropy data to the ENTROPY_DATA register. When kMultiBitBool4False, FIPS compliant entropy will be brought the ENTROPY_DATA register, after being conditioned.


entropy_src.ENTROPY_DATA @ 0x2c

Entropy data bits

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
ENTROPY_DATA...
1514131211109876543210
...ENTROPY_DATA
BitsTypeResetNameDescription
31:0roxENTROPY_DATA

A read of this register provides generated entropy bits to firmware.


entropy_src.HEALTH_TEST_WINDOWS @ 0x30

Health test windows register

Reset default = 0x600200, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_WINDOW
1514131211109876543210
FIPS_WINDOW
BitsTypeResetNameDescription
15:0rw0x200FIPS_WINDOW

This is the window size for all health tests. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. The default value is (2048 bits * 1 clock/4 bits);

31:16rw0x60BYPASS_WINDOW

This is the window size for all health tests when running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. The default value is (384 bits * 1 clock/4 bits);


entropy_src.REPCNT_THRESHOLDS @ 0x34

Repetition count test thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the repetition count health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the repetition count health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.REPCNTS_THRESHOLDS @ 0x38

Repetition count symbol test thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the repetition count symbol health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the repetition count symbol health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.ADAPTP_HI_THRESHOLDS @ 0x3c

Adaptive proportion test high thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the adaptive proportion health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the adaptive proportion health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.ADAPTP_LO_THRESHOLDS @ 0x40

Adaptive proportion test low thresholds register

Reset default = 0x0, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0x0FIPS_THRESH

This is the threshold size for the adaptive proportion health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.

31:16rw0x0BYPASS_THRESH

This is the threshold size for the adaptive proportion health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.


entropy_src.BUCKET_THRESHOLDS @ 0x44

Bucket test thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the bucket health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the bucket health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.MARKOV_HI_THRESHOLDS @ 0x48

Markov test high thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the Markov health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the Markov health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.MARKOV_LO_THRESHOLDS @ 0x4c

Markov test low thresholds register

Reset default = 0x0, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0x0FIPS_THRESH

This is the threshold size for the Markov health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.

31:16rw0x0BYPASS_THRESH

This is the threshold size for the Markov health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.


entropy_src.EXTHT_HI_THRESHOLDS @ 0x50

External health test high thresholds register

Reset default = 0xffffffff, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0xffffFIPS_THRESH

This is the threshold size for the external health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.

31:16rw0xffffBYPASS_THRESH

This is the threshold size for the external health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is less than the current value of this register. A read from this register always reflects the current value.


entropy_src.EXTHT_LO_THRESHOLDS @ 0x54

External health test low thresholds register

Reset default = 0x0, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
BYPASS_THRESH
1514131211109876543210
FIPS_THRESH
BitsTypeResetNameDescription
15:0rw0x0FIPS_THRESH

This is the threshold size for the external health test. This value is used in normal mode when entropy is being tested in FIPS/CC compliance mode. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.

31:16rw0x0BYPASS_THRESH

This is the threshold size for the external health test running in bypass mode. This mode is active after reset for the first and only test run, or when this mode is programmed by firmware. This register must be written before the module is enabled. Writing to this register will only update the register if the written value is greater than the current value of this register. A read from this register always reflects the current value.


entropy_src.REPCNT_HI_WATERMARKS @ 0x58

Repetition count test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the REPCNT test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the REPCNT test in bypass mode.


entropy_src.REPCNTS_HI_WATERMARKS @ 0x5c

Repetition count symbol test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the REPCNTS test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the REPCNTS test in bypass mode.


entropy_src.ADAPTP_HI_WATERMARKS @ 0x60

Adaptive proportion test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the adaptive proportion test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the adaptive proportion test in bypass mode.


entropy_src.ADAPTP_LO_WATERMARKS @ 0x64

Adaptive proportion test low watermarks register

Reset default = 0xffffffff, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0ro0xffffFIPS_WATERMARK

Low watermark value of the adaptive proportion test in FIPS mode.

31:16ro0xffffBYPASS_WATERMARK

Low watermark value of the adaptive proportion test in bypass mode.


entropy_src.EXTHT_HI_WATERMARKS @ 0x68

External health test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the external health test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the external health test in bypass mode.


entropy_src.EXTHT_LO_WATERMARKS @ 0x6c

External health test low watermarks register

Reset default = 0xffffffff, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0ro0xffffFIPS_WATERMARK

Low watermark value of the external health test in FIPS mode.

31:16ro0xffffBYPASS_WATERMARK

Low watermark value of the external health test in bypass mode.


entropy_src.BUCKET_HI_WATERMARKS @ 0x70

Bucket test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the bucket test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the bucket test in bypass mode.


entropy_src.MARKOV_HI_WATERMARKS @ 0x74

Markov test high watermarks register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0roxFIPS_WATERMARK

High watermark value of the Markov test in FIPS mode.

31:16roxBYPASS_WATERMARK

High watermark value of the Markov test in bypass mode.


entropy_src.MARKOV_LO_WATERMARKS @ 0x78

Markov test low watermarks register

Reset default = 0xffffffff, mask 0xffffffff
31302928272625242322212019181716
BYPASS_WATERMARK
1514131211109876543210
FIPS_WATERMARK
BitsTypeResetNameDescription
15:0ro0xffffFIPS_WATERMARK

Low watermark value of the Markov test in FIPS mode.

31:16ro0xffffBYPASS_WATERMARK

Low watermark value of the Markov test in bypass mode.


entropy_src.REPCNT_TOTAL_FAILS @ 0x7c

Repetition count test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
REPCNT_TOTAL_FAILS...
1514131211109876543210
...REPCNT_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxREPCNT_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.REPCNTS_TOTAL_FAILS @ 0x80

Repetition count symbol test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
REPCNTS_TOTAL_FAILS...
1514131211109876543210
...REPCNTS_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxREPCNTS_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.ADAPTP_HI_TOTAL_FAILS @ 0x84

Adaptive proportion high test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
ADAPTP_HI_TOTAL_FAILS...
1514131211109876543210
...ADAPTP_HI_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxADAPTP_HI_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.ADAPTP_LO_TOTAL_FAILS @ 0x88

Adaptive proportion low test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
ADAPTP_LO_TOTAL_FAILS...
1514131211109876543210
...ADAPTP_LO_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxADAPTP_LO_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.BUCKET_TOTAL_FAILS @ 0x8c

Bucket test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
BUCKET_TOTAL_FAILS...
1514131211109876543210
...BUCKET_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxBUCKET_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.MARKOV_HI_TOTAL_FAILS @ 0x90

Markov high test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
MARKOV_HI_TOTAL_FAILS...
1514131211109876543210
...MARKOV_HI_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxMARKOV_HI_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.MARKOV_LO_TOTAL_FAILS @ 0x94

Markov low test failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
MARKOV_LO_TOTAL_FAILS...
1514131211109876543210
...MARKOV_LO_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxMARKOV_LO_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.EXTHT_HI_TOTAL_FAILS @ 0x98

External health test high threshold failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
EXTHT_HI_TOTAL_FAILS...
1514131211109876543210
...EXTHT_HI_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxEXTHT_HI_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.EXTHT_LO_TOTAL_FAILS @ 0x9c

External health test low threshold failure counter register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
EXTHT_LO_TOTAL_FAILS...
1514131211109876543210
...EXTHT_LO_TOTAL_FAILS
BitsTypeResetNameDescription
31:0roxEXTHT_LO_TOTAL_FAILS

This register will hold a running count of test failures observed during normal operation. It will persist until cleared.


entropy_src.ALERT_THRESHOLD @ 0xa0

Alert threshold register

Reset default = 0xfffd0002, mask 0xffffffff
Register enable = REGWEN
31302928272625242322212019181716
ALERT_THRESHOLD_INV
1514131211109876543210
ALERT_THRESHOLD
BitsTypeResetNameDescription
15:0rw0x2ALERT_THRESHOLD

This is the threshold size that will signal an alert when value is reached. A value of zero will disable alerts. The default value is 2.

31:16rw0xfffdALERT_THRESHOLD_INV

This should be set to the value above, but inverted.


entropy_src.ALERT_SUMMARY_FAIL_COUNTS @ 0xa4

Alert summary failure counts register

Reset default = 0x0, mask 0xffff
31302928272625242322212019181716
 
1514131211109876543210
ANY_FAIL_COUNT
BitsTypeResetNameDescription
15:0roxANY_FAIL_COUNT

This field will hold a running count of the total alert count, which is a sum of all of the other counters in the ALERT_FAIL_COUNTS register. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.


entropy_src.ALERT_FAIL_COUNTS @ 0xa8

Alert failure counts register

Reset default = 0x0, mask 0xfffffff0
31302928272625242322212019181716
REPCNTS_FAIL_COUNT MARKOV_LO_FAIL_COUNT MARKOV_HI_FAIL_COUNT BUCKET_FAIL_COUNT
1514131211109876543210
ADAPTP_LO_FAIL_COUNT ADAPTP_HI_FAIL_COUNT REPCNT_FAIL_COUNT  
BitsTypeResetNameDescription
3:0Reserved
7:4roxREPCNT_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

11:8roxADAPTP_HI_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

15:12roxADAPTP_LO_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

19:16roxBUCKET_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

23:20roxMARKOV_HI_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

27:24roxMARKOV_LO_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

31:28roxREPCNTS_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.


entropy_src.EXTHT_FAIL_COUNTS @ 0xac

External health test alert failure counts register

Reset default = 0x0, mask 0xff
31302928272625242322212019181716
 
1514131211109876543210
  EXTHT_LO_FAIL_COUNT EXTHT_HI_FAIL_COUNT
BitsTypeResetNameDescription
3:0roxEXTHT_HI_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.

7:4roxEXTHT_LO_FAIL_COUNT

This field will hold a running count of test failures that contribute to the total alert count. It will be reset after every passing test sequence. If an alert is signaled, this value will persist until it is cleared.


entropy_src.FW_OV_CONTROL @ 0xb0

Firmware override control register

Reset default = 0x99, mask 0xff
Register enable = REGWEN
31302928272625242322212019181716
 
1514131211109876543210
  FW_OV_ENTROPY_INSERT FW_OV_MODE
BitsTypeResetNameDescription
3:0rw0x9FW_OV_MODE

Setting this field to kMultiBitBool4True will put the entropy flow in firmware override mode. In this mode, firmware can monitor the post-health test entropy by reading the observe FIFO. This function also requires that the otp_en_entropy_src_fw_over input vector is set to the enable encoding.

7:4rw0x9FW_OV_ENTROPY_INSERT

Setting this field to kMultiBitBool4True will switch the input into the pre-conditioner packer FIFO. Firmware can directly write into the packer FIFO, enabling the ability to insert entropy bits back into the hardware flow. Firmware can read data from the health check packer FIFO, then do optional health checks or optional conditioning, then insert the results back into the flow. Also, the FW_OV_CONTROL.FW_OV_MODE bit must be set.


entropy_src.FW_OV_SHA3_START @ 0xb4

Firmware override sha3 block start control register

Reset default = 0x9, mask 0xf
31302928272625242322212019181716
 
1514131211109876543210
  FW_OV_INSERT_START
BitsTypeResetNameDescription
3:0rw0x9FW_OV_INSERT_START

Setting this field to kMultiBitBool4True will instruct the ENTROPY_SRC main state machine to start the SHA3 process and be ready to accept entropy data. This field should be set prior to writting the FW_OV_WR_DATA register. Once all data has been written, this field should be set to kMultiBitBool4False. Once that happened, the SHA3 block will finish processing and push the result into the ESFINAL FIFO.


entropy_src.FW_OV_WR_FIFO_FULL @ 0xb8

Firmware override FIFO write full status register

Reset default = 0x0, mask 0x1
31302928272625242322212019181716
 
1514131211109876543210
  FW_OV_WR_FIFO_FULL
BitsTypeResetNameDescription
0roxFW_OV_WR_FIFO_FULL

"When this bit is clear, writes to the FW_OV_WR_DATA register are allowed. If this bit is set, it is the equivalent to a FIFO full condition, and writes to the FW_OV_WR_DATA register must be delayed until this bit is reset.


entropy_src.FW_OV_RD_FIFO_OVERFLOW @ 0xbc

Firmware override Observe FIFO overflow status

Reset default = 0x0, mask 0x1
31302928272625242322212019181716
 
1514131211109876543210
  FW_OV_RD_FIFO_OVERFLOW
BitsTypeResetNameDescription
0rw0c0x0FW_OV_RD_FIFO_OVERFLOW

This bit is set by hardware whenever RNG data is lost due to an overflow condition in the Observe FIFO. The RNG data rate is slow enough that firmware should always be able to keep up. This register meanwhile provides an additional check to confirm that bytes read from the FW_OV_RD_DATA register represent contiguous RNG samples. If an overflow event occurs, this bit must be cleared by software.


entropy_src.FW_OV_RD_DATA @ 0xc0

Firmware override Observe FIFO read register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
FW_OV_RD_DATA...
1514131211109876543210
...FW_OV_RD_DATA
BitsTypeResetNameDescription
31:0roxFW_OV_RD_DATA

A read of this register pops and returns the top of the Observe FIFO.


entropy_src.FW_OV_WR_DATA @ 0xc4

Firmware override FIFO write register

Reset default = 0x0, mask 0xffffffff
31302928272625242322212019181716
FW_OV_WR_DATA...
1514131211109876543210
...FW_OV_WR_DATA
BitsTypeResetNameDescription
31:0woxFW_OV_WR_DATA

A write to this register will insert entropy back into the entropy source module flow. Both FW_OV_CONTROL.FW_OV_MODE and FW_OV_CONTROL.FW_OV_ENTROPY_INSERT bits need to be set to enable the insertion.


entropy_src.OBSERVE_FIFO_THRESH @ 0xc8

Observe FIFO threshold register

Reset default = 0x20, mask 0x7f
Register enable = REGWEN
31302928272625242322212019181716
 
1514131211109876543210
  OBSERVE_FIFO_THRESH
BitsTypeResetNameDescription
6:0rw0x20OBSERVE_FIFO_THRESH

This field will set the threshold that the depth of the Observe FIFO will be compared with when setting the interrupt status bit. Note: a value of zero is reserved and not to be used.


entropy_src.OBSERVE_FIFO_DEPTH @ 0xcc

Observe FIFO depth register

Reset default = 0x0, mask 0x7f
31302928272625242322212019181716
 
1514131211109876543210
  OBSERVE_FIFO_DEPTH
BitsTypeResetNameDescription
6:0roxOBSERVE_FIFO_DEPTH

This field will hold the current depth of the Observe FIFO.


entropy_src.DEBUG_STATUS @ 0xd0

Debug status register

Reset default = 0x10000, mask 0x303ff
31302928272625242322212019181716
  MAIN_SM_BOOT_DONE MAIN_SM_IDLE
1514131211109876543210
  SHA3_ERR SHA3_ABSORBED SHA3_SQUEEZING SHA3_BLOCK_PR SHA3_FSM ENTROPY_FIFO_DEPTH
BitsTypeResetNameDescription
2:0roxENTROPY_FIFO_DEPTH

This is the depth of the entropy source FIFO.

5:3roxSHA3_FSM

This is the SHA3 finite state machine current state.

6roxSHA3_BLOCK_PR

This is the SHA3 block processed signal current state.

7roxSHA3_SQUEEZING

This is the SHA3 squeezing signal current state.

8roxSHA3_ABSORBED

This is the SHA3 absorbed signal current state.

9roxSHA3_ERR

This is a logic-or of all of the SHA3 error signals.

15:10Reserved
16ro0x1MAIN_SM_IDLE

The entropy_src main state machine is in the idle state.

17roxMAIN_SM_BOOT_DONE

The entropy_src main state machine is in the boot phase done state.


entropy_src.RECOV_ALERT_STS @ 0xd4

Recoverable alert status register

Reset default = 0x0, mask 0x7faf
31302928272625242322212019181716
 
1514131211109876543210
  ES_THRESH_CFG_ALERT ES_BUS_CMP_ALERT ES_MAIN_SM_ALERT ES_TYPE_FIELD_ALERT ES_ROUTE_FIELD_ALERT FW_OV_ENTROPY_INSERT_FIELD_ALERT FW_OV_MODE_FIELD_ALERT FW_OV_SHA3_START_FIELD_ALERT   RNG_BIT_ENABLE_FIELD_ALERT   THRESHOLD_SCOPE_FIELD_ALERT MODULE_ENABLE_FIELD_ALERT ENTROPY_DATA_REG_EN_FIELD_ALERT FIPS_ENABLE_FIELD_ALERT
BitsTypeResetNameDescription
0rw0c0x0FIPS_ENABLE_FIELD_ALERT

This bit is set when the FIPS_ENABLE field in the CONF register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

1rw0c0x0ENTROPY_DATA_REG_EN_FIELD_ALERT

This bit is set when the ENTROPY_DATA_REG_ENABLE field in the CONF register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

2rw0c0x0MODULE_ENABLE_FIELD_ALERT

This bit is set when the MODULE_ENABLE field in the MODULE_ENABLE register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

3rw0c0x0THRESHOLD_SCOPE_FIELD_ALERT

This bit is set when the THRESHOLD_SCOPE field in the CONF register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

4Reserved
5rw0c0x0RNG_BIT_ENABLE_FIELD_ALERT

This bit is set when the RNG_BIT_ENABLE field in the CONF register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

6Reserved
7rw0c0x0FW_OV_SHA3_START_FIELD_ALERT

This bit is set when the FW_OV_SHA3_START field in the FW_OV_SHA3_START register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

8rw0c0x0FW_OV_MODE_FIELD_ALERT

This bit is set when the FW_OV_MODE field in the FW_OV_CONTROL register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

9rw0c0x0FW_OV_ENTROPY_INSERT_FIELD_ALERT

This bit is set when the FW_OV_ENTROPY_INSERT field in the FW_OV_CONTROL register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

10rw0c0x0ES_ROUTE_FIELD_ALERT

This bit is set when the ES_ROUTE field in the ENTROPY_CONTROL register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

11rw0c0x0ES_TYPE_FIELD_ALERT

This bit is set when the ES_TYPE field in the ENTROPY_CONTROL register is set to a value other than kMultiBitBool4False or kMultiBitBool4True. Writing a zero resets this status bit.

12rw0c0x0ES_MAIN_SM_ALERT

This bit is set when the main state machine detects a threshhold failure state. Writing a zero resets this status bit.

13rw0c0x0ES_BUS_CMP_ALERT

This bit is set when the interal entropy bus value is equal to the prior valid value on the bus, indicating a possible attack. Writing a zero resets this status bit.

14rw0c0x0ES_THRESH_CFG_ALERT

This bit is set when the ALERT_THRESHOLD register is not configured properly. The upper field must be the exact inverse of the lower field. Writing a zero resets this status bit.


entropy_src.ERR_CODE @ 0xd8

Hardware detection of error conditions status register

Reset default = 0x0, mask 0x70700007
31302928272625242322212019181716
  FIFO_STATE_ERR FIFO_READ_ERR FIFO_WRITE_ERR   ES_CNTR_ERR ES_MAIN_SM_ERR ES_ACK_SM_ERR  
1514131211109876543210
  SFIFO_ESFINAL_ERR SFIFO_OBSERVE_ERR SFIFO_ESRNG_ERR
BitsTypeResetNameDescription
0ro0x0SFIFO_ESRNG_ERR

This bit will be set to one when an error has been detected for the esrng FIFO. The type of error is reflected in the type status bits (bits 28 through 30 of this register). This bit will stay set until the next reset.

1ro0x0SFIFO_OBSERVE_ERR

This bit will be set to one when an error has been detected for the observe FIFO. The type of error is reflected in the type status bits (bits 28 through 30 of this register). This bit will stay set until the next reset.

2ro0x0SFIFO_ESFINAL_ERR

This bit will be set to one when an error has been detected for the esfinal FIFO. The type of error is reflected in the type status bits (bits 28 through 30 of this register). This bit will stay set until the next reset.

19:3Reserved
20ro0x0ES_ACK_SM_ERR

This bit will be set to one when an illegal state has been detected for the ES ack stage state machine. This error will signal a fatal alert, and also an interrupt if enabled. This bit will stay set until the next reset.

21ro0x0ES_MAIN_SM_ERR

This bit will be set to one when an illegal state has been detected for the ES main stage state machine. This error will signal a fatal alert, and also an interrupt if enabled. This bit will stay set until the next reset.

22ro0x0ES_CNTR_ERR

This bit will be set to one when a hardened counter has detected an error condition. This error will signal a fatal alert, and also an interrupt if enabled. This bit will stay set until the next reset.

27:23Reserved
28ro0x0FIFO_WRITE_ERR

This bit will be set to one when any of the source bits (bits 0 through 1 of this this register) are asserted as a result of an error pulse generated from any full FIFO that has been recieved a write pulse. This bit will stay set until the next reset.

29ro0x0FIFO_READ_ERR

This bit will be set to one when any of the source bits (bits 0 through 1 of this this register) are asserted as a result of an error pulse generated from any empty FIFO that has recieved a read pulse. This bit will stay set until the next reset.

30ro0x0FIFO_STATE_ERR

This bit will be set to one when any of the source bits (bits 0 through 1 of this this register) are asserted as a result of an error pulse generated from any FIFO where both the empty and full status bits are set. This bit will stay set until the next reset.


entropy_src.ERR_CODE_TEST @ 0xdc

Test error conditions register

Reset default = 0x0, mask 0x1f
Register enable = REGWEN
31302928272625242322212019181716
 
1514131211109876543210
  ERR_CODE_TEST
BitsTypeResetNameDescription
4:0rw0x0ERR_CODE_TEST

Setting this field will set the bit number for which an error will be forced in the hardware. This bit number is that same one found in the ERR_CODE register. The action of writing this register will force an error pulse. The sole purpose of this register is to test that any error properly propagates to either an interrupt or an alert.


entropy_src.MAIN_SM_STATE @ 0xe0

Main state machine state debug register

Reset default = 0xf5, mask 0x1ff
31302928272625242322212019181716
 
1514131211109876543210
  MAIN_SM_STATE
BitsTypeResetNameDescription
8:0ro0xf5MAIN_SM_STATE

This is the state of the ENTROPY_SRC main state machine. See the RTL file entropy_src_main_sm for the meaning of the values.