User/dev/ekarabulut/normcheck shuf (#23)
* added randomness without shuffling enable control

* added shuffling enable

* connected randomness at the top level

* fixed lint checker error

* MICROSOFT AUTOMATED PIPELINE: Stamp 'user/dev/ekarabulut/normcheck_shuf' with updated timestamp and hash after successful run

---------

Co-authored-by: Emre Karabulut <“ekarabulut@microsoft.com”>
Co-authored-by: Emre Karabulut <ekarabulut@microsoft.com>
3 people authored Oct 31, 2024
1 parent 1f84699 commit 66bcccf
Showing 7 changed files with 453 additions and 151 deletions.
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_hash
@@ -1 +1 @@
b7a9e1c8a62a99338ac4f080636de0e3920d3876368e5fc942000a11764ff6de6cbb3165eeb4de0707aa78cd3a52a7b0
652da59cbe9bd7714060f932a157f9abe1599397d3e352c528684cd045d0628c8102a57adb9d24713f1184ea41e26688
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_timestamp
@@ -1 +1 @@
1729808326
1730319977
4 changes: 4 additions & 0 deletions src/mldsa_top/rtl/mldsa_top.sv
@@ -650,6 +650,10 @@ norm_check_inst

.mode(normcheck_mode),
.norm_check_enable(normcheck_enable),

.shuffling_enable(1'b1), // This signal can be controlled by the controller
.randomness(rand_bits[5:0]),

.norm_check_ready(),
.norm_check_done(normcheck_done),

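Review bot: The new `.shuffling_enable(1'b1)` tie-off and its comment disagree about intent: the port is hardwired on while the comment says the controller can drive it, so a later reader cannot tell whether always-on shuffling is a security requirement or a placeholder. I would make the comment state the decision, e.g. `// Shuffling countermeasure is always on here; moving control to the controller needs a side-channel review`. The `rand_bits[5:0]` slice is declared outside this hunk; if the same bits also feed another masked or shuffled unit in the same cycle the two countermeasures would be correlated, so it is worth confirming the slice is dedicated to norm_check.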
83 changes: 58 additions & 25 deletions src/norm_check/rtl/norm_check_ctrl.sv
@@ -36,52 +36,81 @@ module norm_check_ctrl

input wire norm_check_enable,
input chk_norm_mode_t mode,

input wire [5:0] randomness,

input wire [MLDSA_MEM_ADDR_WIDTH-1:0] mem_base_addr,
output mem_if_t mem_rd_req,
output logic check_enable,
output logic norm_check_done
);


chk_read_state_e read_fsm_state_ps, read_fsm_state_ns;
logic [MLDSA_MEM_ADDR_WIDTH-1:0] mem_rd_addr;
logic [3:0] num_poly;
logic [MLDSA_MEM_ADDR_WIDTH-1:0] mem_rd_addr, locked_based_addr;

//Flags
logic incr_rd_addr;
logic last_poly_last_addr;
logic norm_check_busy;

//Read addr counter
logic [4:0] latched_out_randomness;
logic latched_in_randomness;
logic [4:0] increment_addr;
logic [6:0] neutral_cnt;

always_ff @(posedge clk or negedge reset_n) begin
if (!reset_n)
mem_rd_addr <= 'h0;
else if (zeroize)
mem_rd_addr <= 'h0;
else if (norm_check_enable)
mem_rd_addr <= mem_base_addr;
else if (incr_rd_addr)
mem_rd_addr <= last_poly_last_addr ? 'h0 : mem_rd_addr + 'h1;
if (!reset_n) begin
latched_out_randomness <= 'h0;
latched_in_randomness <= 'h0;
increment_addr <= 'h0;
mem_rd_addr <= 'h0;
neutral_cnt <= 'h0;
locked_based_addr <= 'h0;
end
else if (zeroize) begin
latched_out_randomness <= 'h0;
latched_in_randomness <= 'h0;
increment_addr <= 'h0;
mem_rd_addr <= 'h0;
neutral_cnt <= 'h0;
locked_based_addr <= 'h0;
end
else begin
if (norm_check_enable) begin
latched_out_randomness <= randomness[5:1];
latched_in_randomness <= randomness[0];
increment_addr <= randomness[5:1];
mem_rd_addr <= {{(MLDSA_MEM_ADDR_WIDTH-6){1'b0}}, randomness};
neutral_cnt <= 'h0;
locked_based_addr <= mem_base_addr;
end
else if (incr_rd_addr) begin
latched_in_randomness <= latched_in_randomness;
latched_out_randomness <= latched_out_randomness;
increment_addr <= increment_addr;
mem_rd_addr <= {mem_rd_addr[MLDSA_MEM_ADDR_WIDTH-1:6], increment_addr, latched_in_randomness};
neutral_cnt <= neutral_cnt + 'h1;
end
else if (~incr_rd_addr) begin
latched_in_randomness <= randomness[0];
latched_out_randomness <= latched_out_randomness;
increment_addr <= increment_addr + 'h1;
mem_rd_addr <= {mem_rd_addr[MLDSA_MEM_ADDR_WIDTH-1:1], ~latched_in_randomness};
neutral_cnt <= neutral_cnt + 'h1;
end
end
end

//Addr assignment
always_comb begin
mem_rd_req.addr = mem_rd_addr;
mem_rd_req.addr = mem_rd_addr+locked_based_addr;

mem_rd_req.rd_wr_en = (read_fsm_state_ps == CHK_RD_MEM) ? RW_READ : RW_IDLE;
end

//Mode mux
always_comb begin
case(mode)
z_bound: num_poly = MLDSA_L;
r0_bound: num_poly = MLDSA_K;
ct0_bound: num_poly = MLDSA_K;
default: num_poly = 0;
endcase
mem_rd_req.rd_wr_en = ((read_fsm_state_ps == CHK_RD_MEM) | (read_fsm_state_ps == CHK_WAIT)) ? RW_READ : RW_IDLE;
end

//Last addr flag
always_comb last_poly_last_addr = (mem_rd_req.addr == (mem_base_addr + ((MLDSA_N/4))-1));
always_comb last_poly_last_addr = (neutral_cnt == ((MLDSA_N/4))-1);

//Ctrl flags
always_comb begin
@@ -108,6 +137,10 @@ module norm_check_ctrl
read_fsm_state_ns = norm_check_enable ? CHK_RD_MEM : CHK_IDLE;
end
CHK_RD_MEM: begin
read_fsm_state_ns = last_poly_last_addr ? CHK_DONE : CHK_WAIT;
incr_rd_addr = 'b0;
end
CHK_WAIT: begin
read_fsm_state_ns = last_poly_last_addr ? CHK_DONE : CHK_RD_MEM;
incr_rd_addr = 'b1;
end
@@ -121,6 +154,6 @@ module norm_check_ctrl
endcase
end

always_comb check_enable = (read_fsm_state_ps == CHK_RD_MEM);
always_comb check_enable = (read_fsm_state_ps == CHK_RD_MEM) | (read_fsm_state_ps == CHK_WAIT);

endmodule
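Review bot: The address sequence built in the new `always_ff` is a random rotation plus a random in-pair swap, not a random permutation, and nothing in the file says so. `increment_addr` is loaded from `randomness[5:1]` once and then only counts up by one, while a fresh `randomness[0]` picks which address of each pair is read first, so the order carries 5 bits for the start offset and 1 bit per pair; a header comment stating this would let a side-channel evaluator judge the countermeasure without re-deriving it. The last branch, `else if (~incr_rd_addr)`, is not qualified by FSM state, so unless the collapsed lines gate it the counters and the `randomness[0]` sample appear to keep running in CHK_IDLE and CHK_DONE; `else if (read_fsm_state_ps == CHK_RD_MEM)` would presumably confine the updates to an active check. `latched_out_randomness` is only ever reassigned to itself in the lines shown and looks like removable state.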
2 changes: 1 addition & 1 deletion src/norm_check/rtl/norm_check_defines_pkg.sv
@@ -28,7 +28,7 @@ package norm_check_defines_pkg;
parameter z_bound = 2'h0, r0_bound = 2'h1, ct0_bound = 2'h2;
typedef logic [1:0] chk_norm_mode_t;

typedef enum logic [1:0] {CHK_IDLE, CHK_RD_MEM, CHK_DONE} chk_read_state_e;
typedef enum logic [1:0] {CHK_IDLE, CHK_RD_MEM, CHK_WAIT, CHK_DONE} chk_read_state_e;
endpackage

`endif
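Review bot: The enum gains `CHK_WAIT` with no comment on what the state does, and the name suggests a stall although the controller in this commit keeps the read request and `check_enable` asserted in it. A comment on the typedef such as `// CHK_RD_MEM reads the first address of a pair, CHK_WAIT the second` would record that. With four states the 2-bit encoding is now full, so any `default` arm in the FSM `case` of norm_check_ctrl (not visible in the lines shown) can no longer catch an unused encoding.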
33 changes: 25 additions & 8 deletions src/norm_check/rtl/norm_check_top.sv
@@ -26,7 +26,6 @@
// TODO: see if this needs any changes

// TODO: embed z and r0 checks in decompose?
// TODO: ct0 needs shuffling countermeasure - confirm with Emre
// TODO: need a restart input (other than zeroize)

module norm_check_top
@@ -42,6 +41,10 @@ module norm_check_top

input wire norm_check_enable,
input chk_norm_mode_t mode,

input wire shuffling_enable,
input wire [5:0] randomness,

input wire [MLDSA_MEM_ADDR_WIDTH-1:0] mem_base_addr,
output mem_if_t mem_rd_req,
input [4*REG_SIZE-1:0] mem_rd_data,
@@ -50,10 +53,17 @@ module norm_check_top
output logic norm_check_done
);

logic [3:0] check_a_invalid, check_b_invalid;
logic [3:0] check_a_invalid;
logic check_enable, check_enable_reg;
logic norm_check_done_int;
logic latched_shuffling_enable;
logic randomness_enable;
logic [5:0] controller_randomness;


assign randomness_enable = latched_shuffling_enable | shuffling_enable;
assign controller_randomness = randomness_enable ? randomness: '0;

generate
for (genvar i = 0; i < 4; i++) begin
norm_check check_inst (
@@ -87,16 +97,22 @@ module norm_check_top
//Give one cycle for HLC to capture invalid flag
always_ff @(posedge clk or negedge reset_n) begin
if (!reset_n) begin
norm_check_ready <= 'b0;
check_enable_reg <= 'b0;
norm_check_ready <= 'b0;
check_enable_reg <= 'b0;
latched_shuffling_enable <= 'b0;
end
else if (zeroize) begin
norm_check_ready <= 'b0;
check_enable_reg <= 'b0;
norm_check_ready <= 'b0;
check_enable_reg <= 'b0;
latched_shuffling_enable <= 'b0;
end
else begin
norm_check_ready <= norm_check_done;
check_enable_reg <= check_enable;
norm_check_ready <= norm_check_done;
check_enable_reg <= check_enable;
if (norm_check_enable)
latched_shuffling_enable <= shuffling_enable;
else if (norm_check_done)
latched_shuffling_enable <= 'b0;
end

end
@@ -107,6 +123,7 @@ module norm_check_top
.reset_n(reset_n),
.zeroize(zeroize),
.norm_check_enable(norm_check_enable),
.randomness(controller_randomness),
.mode(mode),
.mem_base_addr(mem_base_addr),
.mem_rd_req(mem_rd_req),
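Review bot: `randomness_enable` ORs the live `shuffling_enable` with the latched copy, so the latch taken at `norm_check_enable` does not actually freeze the setting: asserting `shuffling_enable` in the middle of a check lets `randomness` through to the controller from that cycle on. If the intent is one decision per check, select instead of OR, `assign randomness_enable = norm_check_enable ? shuffling_enable : latched_shuffling_enable;`. With the top level tying the port to `1'b1` this is not reachable today, but it becomes so as soon as the controller drives the signal. The `always_ff` block and the controller's port list both continue outside the lines shown.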