User/dev/kupadhyayula/masking fixes (#49)

* added masked pwm intt opcode using pwm intt masked opcode in sequencer * Enable masking for pwm_intt op * Clean up * Revert vf change * Clean up * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/dev/kupadhyayula/masking_fixes' with updated timestamp and hash after successful run * PR suggestions * Rename param for clarity * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/dev/kupadhyayula/masking_fixes' with updated timestamp and hash after successful run * MICROSOFT AUTOMATED PIPELINE: Stamp 'user/dev/kupadhyayula/masking_fixes' with updated timestamp and hash after successful run --------- Co-authored-by: Nitsirks <[email protected]>
chipsalliance · Dec 4, 2024 · 31291aa · 31291aa
1 parent 0ae924c
commit 31291aa
Show file tree

Hide file tree

Showing 20 changed files with 950 additions and 297 deletions.
diff --git a/.github/workflow_metadata/pr_hash b/.github/workflow_metadata/pr_hash
@@ -1 +1 @@
-bfab9f4c3a310bcbb8961b11e0776fa1072ee2a0020b992aea2202c0064cb25d472c215728ec88edb81798012624560a
+148a6d381422de56ae26bc8c4288130b67b86f624ee2adb675b36c18e09bc5319f1cc53b9c3268c98892d594e9a28b44
diff --git a/.github/workflow_metadata/pr_timestamp b/.github/workflow_metadata/pr_timestamp
@@ -1 +1 @@
-1733249926
+1733339945
diff --git a/src/mldsa_top/rtl/mldsa_ctrl.sv b/src/mldsa_top/rtl/mldsa_ctrl.sv
@@ -305,6 +305,8 @@ always_comb mldsa_privkey_lock = '0;
 
   //shared aux functions
   logic [1:0] normcheck_enable;
+
+  logic [1:0][MLDSA_MEM_ADDR_WIDTH-1:0] ntt_temp_address;
 
   //Interrupts
   logic mldsa_status_done_d, mldsa_status_done_p;
@@ -1159,9 +1161,12 @@ always_comb mldsa_privkey_lock = '0;
 
   always_comb sampler_src_offset = {4'b0, msg_cnt}; //fixme
 
+  //passing a bit on the immediate field to mux between temp address locations
+  always_comb ntt_temp_address[0] = prim_instr.imm[0] ? MLDSA_TEMP3_BASE : MLDSA_TEMP0_BASE;
+
   //FIXME one interface here?
   always_comb ntt_mem_base_addr_o[0] = '{src_base_addr:prim_instr.operand1[MLDSA_MEM_ADDR_WIDTH-1:0],
-                                         interim_base_addr:prim_instr.operand2[MLDSA_MEM_ADDR_WIDTH-1:0],
+                                         interim_base_addr:ntt_temp_address[0],
                                          dest_base_addr:prim_instr.operand3[MLDSA_MEM_ADDR_WIDTH-1:0]};
 
   always_comb pwo_mem_base_addr_o[0] = '{pw_base_addr_b:prim_instr.operand1[MLDSA_MEM_ADDR_WIDTH-1:0], //FIXME PWO src
@@ -1456,10 +1461,12 @@ mldsa_seq_prim mldsa_seq_prim_inst
       ntt_shuffling_en_o[1] = sec_instr.opcode.shuffling_en;
     end
   end
+  //passing a bit on the immediate field to mux between temp address locations
+  always_comb ntt_temp_address[1] = sec_instr.imm[0] ? MLDSA_TEMP3_BASE : MLDSA_TEMP0_BASE;
 
   //FIXME one interface here?
   always_comb ntt_mem_base_addr_o[1] = '{src_base_addr:sec_instr.operand1[MLDSA_MEM_ADDR_WIDTH-1:0],
-                                         interim_base_addr:sec_instr.operand2[MLDSA_MEM_ADDR_WIDTH-1:0],
+                                         interim_base_addr:ntt_temp_address[1],
                                          dest_base_addr:sec_instr.operand3[MLDSA_MEM_ADDR_WIDTH-1:0]};
 
   always_comb pwo_mem_base_addr_o[1] = '{pw_base_addr_b:sec_instr.operand1[MLDSA_MEM_ADDR_WIDTH-1:0], //FIXME PWO src

diff --git a/src/mldsa_top/rtl/mldsa_ctrl_pkg.sv b/src/mldsa_top/rtl/mldsa_ctrl_pkg.sv
@@ -141,7 +141,8 @@ package mldsa_ctrl_pkg;
         MLDSA_PWM_SMPL,
         MLDSA_PWM_ACCUM_SMPL,
         MLDSA_PWA,
-        MLDSA_PWS
+        MLDSA_PWS,
+        MLDSA_PWM_INTT
     } mldsa_ntt_mode_e;
 
     typedef enum logic[3:0] {
@@ -201,6 +202,12 @@ package mldsa_ctrl_pkg;
     localparam mldsa_opcode_t MLDSA_UOP_PWM       = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWM,            masking_en:1'b0, shuffling_en:1'b1};
     localparam mldsa_opcode_t MLDSA_UOP_PWA       = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWA,            masking_en:1'b0, shuffling_en:1'b1};
     localparam mldsa_opcode_t MLDSA_UOP_PWS       = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWS,            masking_en:1'b0, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_NTT  = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_NTT,          masking_en:1'b1, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_INTT = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_INTT,         masking_en:1'b1, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_PWM  = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWM,          masking_en:1'b1, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_PWA  = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWA,          masking_en:1'b1, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_PWS  = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWS,          masking_en:1'b1, shuffling_en:1'b1};
+    localparam mldsa_opcode_t MLDSA_UOP_MASKED_PWM_INTT  = '{keccak_en: 1'b0, sampler_en:1'b0, ntt_en:1'b1, aux_en: 1'b0, mode:MLDSA_PWM_INTT,masking_en:1'b1, shuffling_en:1'b1};
     //Load Keccak with data but don't run it yet
     localparam mldsa_opcode_t MLDSA_UOP_LD_SHAKE256 = '{keccak_en: 1'b1, sampler_en:1'b0, ntt_en:1'b0, aux_en: 1'b0, mode:MLDSA_SHAKE256, masking_en:1'b0, shuffling_en:1'b0};
     localparam mldsa_opcode_t MLDSA_UOP_LD_SHAKE128 = '{keccak_en: 1'b1, sampler_en:1'b0, ntt_en:1'b0, aux_en: 1'b0, mode:MLDSA_SHAKE128, masking_en:1'b0, shuffling_en:1'b0};
@@ -434,10 +441,10 @@ package mldsa_ctrl_pkg;
     localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CHECK_C_VLD  = MLDSA_SIGN_INIT_S + 24;
     localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_VALID_S      = MLDSA_SIGN_CHECK_C_VLD + 1;
     localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CHECK_Y_VLD  = MLDSA_SIGN_VALID_S + 1;
-    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CLEAR_Y      = MLDSA_SIGN_VALID_S + 37;
-    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CHECK_W0_VLD = MLDSA_SIGN_VALID_S + 54;
-    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CLEAR_W0     = MLDSA_SIGN_VALID_S + 103;
-    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_GEN_S        = MLDSA_SIGN_VALID_S + 105;
+    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CLEAR_Y      = MLDSA_SIGN_VALID_S + 30;
+    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CHECK_W0_VLD = MLDSA_SIGN_VALID_S + 39;
+    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CLEAR_W0     = MLDSA_SIGN_VALID_S + 80;
+    localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_GEN_S        = MLDSA_SIGN_VALID_S + 82;
     localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_CLEAR_C      = MLDSA_SIGN_GEN_S + 1;
     localparam [MLDSA_PROG_ADDR_W-1 : 0] MLDSA_SIGN_GEN_E        = MLDSA_SIGN_GEN_S + 2;
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		bfab9f4c3a310bcbb8961b11e0776fa1072ee2a0020b992aea2202c0064cb25d472c215728ec88edb81798012624560a
		148a6d381422de56ae26bc8c4288130b67b86f624ee2adb675b36c18e09bc5319f1cc53b9c3268c98892d594e9a28b44