Software APIs
individualize.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_INDIVIDUALIZE_H_
6 #define OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_INDIVIDUALIZE_H_
7 
8 #include "sw/device/lib/base/status.h"
9 #include "sw/device/lib/dif/dif_flash_ctrl.h"
10 #include "sw/device/lib/dif/dif_lc_ctrl.h"
11 #include "sw/device/lib/dif/dif_otp_ctrl.h"
12 #include "sw/device/lib/testing/json/provisioning_data.h"
13 
14 /**
15  * Provision the HW_CFG0/1 OTP partition.
16  *
17  * The HW_CFG0/1 partition contains:
18  * - Unique device identifier (DeviceId), which is a public value used to
19  * identify the device during manufacturing.
20  * - Manufacturing state information generated by the manufacturer.
21  * - Various digital logic configuration settings.
22  *
23  * Preconditions:
24  * - ManufState is pre-populated in the appropriate flash info page.
25  * - If DeviceId is already written to flash, the device ID provided must match.
26  * If the DeviceId slot in flash is all 0s, then the provided DeviceId will be
27  * what is written to OTP.
28  *
29  * Note: The test will skip all programming steps and succeed if the HW_CFG0/1
30  * paritions are already locked. This is to facilitate test re-runs.
31  *
32  * The caller should reset the device after calling this function and call
33  * `manuf_individualize_device_hw_cfg_check()` afterwards to confirm that the
34  * OTP partition was successfully locked.
35  *
36  * @param flash_state Flash controller handle and state.
37  * @param otp_ctrl OTP controller instance.
38  * @param flash_info_page_0_permissions Access permissions to set on flash info
39  * page 0 (which temporarily holds
40  * device_id and manuf_state).
41  * @param device_id DeviceId to check exists in flash, or inject in into OTP if
42  * running in a test environment.
43  * @return OK_STATUS on success.
44  */
45 status_t manuf_individualize_device_hw_cfg(
46  dif_flash_ctrl_state_t *flash_state, const dif_otp_ctrl_t *otp_ctrl,
47  dif_flash_ctrl_region_properties_t flash_info_page_0_permissions,
48  uint32_t *device_id);
49 
50 /**
51  * Checks the HW_CFG0/1 OTP partition end state.
52  *
53  * @param otp_ctrl OTP controller interface.
54  * @return OK_STATUS if the HW_CFG0/1 partitions are locked.
55  */
56 status_t manuf_individualize_device_hw_cfg_check(
57  const dif_otp_ctrl_t *otp_ctrl);
58 
59 /**
60  * Configures the SECRET0 OTP partition.
61  *
62  * The SECRET0 partition contains the test unlock and exit tokens.
63  *
64  * Preconditions:
65  * - Device is in TEST_UNLOCKED lifecycle stage.
66  *
67  * Note: The test will skip all programming steps and succeed if the SECRET0
68  * parition is already locked. This is to facilitate test re-runs.
69  *
70  * The caller should reset the device after calling this function and call
71  * `manuf_individualize_device_secret0_check()` afterwards to confirm that the
72  * OTP partition was successfully locked.
73  *
74  * @param lc_ctrl Lifecycle controller instance.
75  * @param otp_ctrl OTP controller instance.
76  * @param provisioning_data Struct with test unlock/exit tokens to provision.
77  * @return OK_STATUS if the SECRET0 partition is locked.
78  */
79 status_t manuf_individualize_device_secret0(
80  const dif_lc_ctrl_t *lc_ctrl, const dif_otp_ctrl_t *otp_ctrl,
81  const manuf_cp_provisioning_data_t *provisioning_data);
82 
83 /**
84  * Checks the SECRET0 OTP partition end state.
85  *
86  * @param otp_ctrl OTP controller interface.
87  * @return OK_STATUS if the SECRET0 partition is locked.
88  */
89 status_t manuf_individualize_device_secret0_check(
90  const dif_otp_ctrl_t *otp_ctrl);
91 
92 #endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_MANUF_LIB_INDIVIDUALIZE_H_
Return to OpenTitan Documentation