[rv_core_ibex] Switch single to multi-bit encoding for Lockstep Enable #20779
Assignees
Labels
Milestone
Comments
nasahlpa
added
Priority:P1
|
I agree, something like a MuBi4 or MuBi8 would be adequate for this enablement... I believe other places use MuBi8 for CSR-based enablement, so we could go with that. |
|
Thanks for the comment @msfschaffner. Yes, I think this should be fairly easy to implement - I'll work on it. |
|
I've provided a fix in PR#2129 in the Ibex repository. |
|
Closing as the fix is merged into Ibex, bringing the fix into OT is covered by #21128 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, a single bit controls whether the outputs of the main and shadow Ibex core are compared, i.e., a single bit is responsible for enabling / disabling the lockstep:
opentitan/hw/vendor/lowrisc_ibex/rtl/ibex_lockstep.sv
Line 461 in 0424151
Hence, a permanent stuck-at 0 fault could allow an adversary to reduce the FI resilience of Ibex.
I would suggest extending this signal to a multi-bit encoded signal.
FYI @vogelpi @msfschaffner @johannheyszl.
The text was updated successfully, but these errors were encountered: