lowRISC · pamaury · Jul 24, 2025 · Nov 23, 2024
@@ -14,12 +14,10 @@ extern "C" {
 #define MODULE_ID MAKE_MODULE_ID('j', 'p', 'd')
 
 /**
- * Provisioning data imported onto the device in CP.
+ * Provisioning data imported onto the device during CP.
  */
 // clang-format off
 #define STRUCT_MANUF_CP_PROVISIONING_DATA(field, string) \
-    field(device_id, uint32_t, 8) \
-    field(manuf_state, uint32_t, 8) \
     field(wafer_auth_secret, uint32_t, 8) \
     field(test_unlock_token_hash, uint64_t, 2) \
     field(test_exit_token_hash, uint64_t, 2)
@@ -28,6 +26,31 @@ UJSON_SERDE_STRUCT(ManufCpProvisioningData, \
                    STRUCT_MANUF_CP_PROVISIONING_DATA);
 // clang-format on
 
+/**
+ * Provisioning data exported off the device during CP.
+ */
+// clang-format off
+#define STRUCT_MANUF_CP_PROVISIONING_DATA_OUT(field, string) \
+    field(cp_device_id, uint32_t, 4)
+UJSON_SERDE_STRUCT(ManufCpProvisioningDataOut, \
+                   manuf_cp_provisioning_data_out_t, \
+                   STRUCT_MANUF_CP_PROVISIONING_DATA_OUT);
+// clang-format on
+
+/**
+ * Test factory data imported onto the device prior to CP initialize stage.
+ */
+// clang-format off
+#define STRUCT_MANUF_CP_TEST_DATA(field, string) \
+    field(lot_name, uint32_t) \
+    field(wafer_number, uint32_t) \
+    field(wafer_x_coord, uint32_t) \
+    field(wafer_y_coord, uint32_t)
+UJSON_SERDE_STRUCT(ManufCpTestData, \
+                   manuf_cp_test_data_t, \
+                   STRUCT_MANUF_CP_TEST_DATA);
+// clang-format on
+
 /**
  * Provisioning data imported onto the device in FT during individualization.
  */

diff --git a/sw/device/silicon_creator/manuf/base/BUILD b/sw/device/silicon_creator/manuf/base/BUILD
@@ -72,7 +72,6 @@ opentitan_binary(
         "//sw/device/lib/testing/test_framework:ottf_test_config",
         "//sw/device/lib/testing/test_framework:status",
         "//sw/device/lib/testing/test_framework:ujson_ottf",
-        "//sw/device/silicon_creator/manuf/data/ast:fake",
         "//sw/device/silicon_creator/manuf/lib:flash_info_fields",
         "//sw/device/silicon_creator/manuf/lib:individualize",
         "//sw/device/silicon_creator/manuf/lib:otp_fields",
@@ -169,7 +168,7 @@ opentitan_test(
         test_cmd = """
             --provisioning-sram-elf={sram_cp_provision}
             --test-sram-elf={sram_cp_provision_functest}
-        """ + CP_PROVISIONING_INPUTS,
+        """,
         test_harness = "//sw/host/tests/manuf/cp_provision_functest",
     ),
 )

@@ -58,18 +58,17 @@ EARLGREY_SKUS = {
     },
 } | EXT_EARLGREY_SKUS
 
-_DEVICE_ID_AND_TEST_TOKENS = """
-  --device-id="0x11111111_22222222_33333333_44444444_55555555_66666666_77777777_88888888"
+_TEST_TOKENS = """
   --test-unlock-token="0x11111111_11111111_11111111_11111111"
   --test-exit-token="0x11111111_11111111_11111111_11111111"
 """
 
-CP_PROVISIONING_INPUTS = _DEVICE_ID_AND_TEST_TOKENS + """
-  --manuf-state="0x00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000000"
+CP_PROVISIONING_INPUTS = _TEST_TOKENS + """
   --wafer-auth-secret="0x00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000000"
 """
 
-FT_PROVISIONING_INPUTS = _DEVICE_ID_AND_TEST_TOKENS + """
+FT_PROVISIONING_INPUTS = _TEST_TOKENS + """
+  --device-id="0x11111111_22222222_33333333_44444444_55555555_66666666_77777777_88888888"
   --target-mission-mode-lc-state="prod"
   --rma-unlock-token="0x01234567_89abcdef_01234567_89abcdef"
   --rom-ext-measurement="0x11111111_11111111_11111111_11111111_11111111_11111111_11111111_11111111"

@@ -21,7 +21,6 @@
 #include "sw/device/lib/testing/test_framework/ottf_test_config.h"
 #include "sw/device/lib/testing/test_framework/ujson_ottf.h"
 #include "sw/device/silicon_creator/manuf/base/flash_info_permissions.h"
-#include "sw/device/silicon_creator/manuf/data/ast/calibration_values.h"
 #include "sw/device/silicon_creator/manuf/lib/flash_info_fields.h"
 #include "sw/device/silicon_creator/manuf/lib/individualize.h"
 #include "sw/device/silicon_creator/manuf/lib/otp_fields.h"
@@ -38,6 +37,8 @@ static dif_pinmux_t pinmux;
 static dif_flash_ctrl_state_t flash_ctrl_state;
 static dif_lc_ctrl_t lc_ctrl;
 
+static uint32_t ast_cfg_data[kFlashInfoAstCalibrationDataSizeIn32BitWords];
+
 /**
  * Initializes all DIF handles used in this SRAM program.
  */
@@ -61,99 +62,106 @@ static void manually_init_ast(uint32_t *data) {
   }
 }
 
-static status_t flash_info_page_0_erase(void) {
-  uint32_t byte_address = 0;
-  // DeviceId and ManufState are located on the same flash info page.
-  TRY(flash_ctrl_testutils_info_region_setup_properties(
-      &flash_ctrl_state, kFlashInfoFieldDeviceId.page,
-      kFlashInfoFieldDeviceId.bank, kFlashInfoFieldDeviceId.partition,
-      kFlashInfoPage0Permissions, &byte_address));
-  TRY(flash_ctrl_testutils_erase_page(&flash_ctrl_state, byte_address,
-                                      kFlashInfoFieldDeviceId.partition,
-                                      kDifFlashCtrlPartitionTypeInfo));
-  return OK_STATUS();
-}
-
-static status_t flash_info_page_0_write(
-    manuf_cp_provisioning_data_t *provisioning_data) {
-  uint32_t byte_address = 0;
+static status_t flash_info_page_0_read_and_validate(
+    manuf_cp_provisioning_data_out_t *console_out) {
   TRY(flash_ctrl_testutils_info_region_setup_properties(
-      &flash_ctrl_state, kFlashInfoFieldDeviceId.page,
-      kFlashInfoFieldDeviceId.bank, kFlashInfoFieldDeviceId.partition,
-      kFlashInfoPage0Permissions, &byte_address));
-
-  // Write DeviceId.
-  TRY(flash_ctrl_testutils_write(
-      &flash_ctrl_state, byte_address, kFlashInfoFieldDeviceId.partition,
-      provisioning_data->device_id, kDifFlashCtrlPartitionTypeInfo,
-      kHwCfgDeviceIdSizeIn32BitWords));
-
-  // Write ManufState (on same page as DeviceId).
-  TRY(flash_ctrl_testutils_write(
-      &flash_ctrl_state, byte_address + kFlashInfoFieldManufState.byte_offset,
-      kFlashInfoFieldManufState.partition, provisioning_data->manuf_state,
-      kDifFlashCtrlPartitionTypeInfo, kHwCfgManufStateSizeIn32BitWords));
-
-  // Write AST calibration values (on same page as DeviceId).
-  TRY(flash_ctrl_testutils_write(
-      &flash_ctrl_state,
-      byte_address + kFlashInfoFieldAstCalibrationData.byte_offset,
-      kFlashInfoFieldAstCalibrationData.partition, ast_cfg_data,
-      kDifFlashCtrlPartitionTypeInfo,
+      &flash_ctrl_state, kFlashInfoFieldCpDeviceId.page,
+      kFlashInfoFieldCpDeviceId.bank, kFlashInfoFieldCpDeviceId.partition,
+      kFlashInfoPage0Permissions, /*offset=*/NULL));
+
+  // Read (wafer) lot name.
+  uint32_t lot_name = 0;
+  static_assert(kFlashInfoFieldLotNameSizeIn32BitWords == 1,
+                "Lot name should fit in <32bits.");
+  TRY(manuf_flash_info_field_read(&flash_ctrl_state, kFlashInfoFieldLotName,
+                                  &lot_name,
+                                  kFlashInfoFieldLotNameSizeIn32BitWords));
+
+  // Read wafer number.
+  uint32_t wafer_number = 0;
+  static_assert(kFlashInfoFieldWaferNumberSizeIn32BitWords == 1,
+                "Wafer number should fit in <32bits.");
+  TRY(manuf_flash_info_field_read(&flash_ctrl_state, kFlashInfoFieldWaferNumber,
+                                  &wafer_number,
+                                  kFlashInfoFieldWaferNumberSizeIn32BitWords));
+
+  // Read wafer X coord.
+  uint32_t wafer_x_coord = 0;
+  static_assert(kFlashInfoFieldWaferXCoordSizeIn32BitWords == 1,
+                "Wafer X coordinate value should fit in <32bits.");
+  TRY(manuf_flash_info_field_read(&flash_ctrl_state, kFlashInfoFieldWaferXCoord,
+                                  &wafer_x_coord,
+                                  kFlashInfoFieldWaferXCoordSizeIn32BitWords));
+
+  // Read wafer Y coord.
+  uint32_t wafer_y_coord = 0;
+  static_assert(kFlashInfoFieldWaferYCoordSizeIn32BitWords == 1,
+                "Wafer Y coordinate value should fit in <32bits.");
+  TRY(manuf_flash_info_field_read(&flash_ctrl_state, kFlashInfoFieldWaferYCoord,
+                                  &wafer_y_coord,
+                                  kFlashInfoFieldWaferYCoordSizeIn32BitWords));
+
+  // Read AST calibration values into RAM.
+  TRY(manuf_flash_info_field_read(
+      &flash_ctrl_state, kFlashInfoFieldAstCalibrationData, ast_cfg_data,
       kFlashInfoAstCalibrationDataSizeIn32BitWords));
 
-  return OK_STATUS();
-}
+  // Encode CP device ID.
+  // HW origin portion of CP device.
+  // "0x00024001" encodes:
+  //   - a SiliconCreator ID of "0x4001" for "Nuvoton", and
+  //   - a Product ID of "0x0002" for Earlgrey A1 silicon.
+  console_out->cp_device_id[0] = 0x00024001u;
+  // Device Identification Number portion of CP device ID.
+  uint32_t year = (lot_name >> 24) & 0xf;
+  uint32_t week = (lot_name >> 16) & 0xff;
+  uint32_t lot_number = lot_name & 0xfff;
+  console_out->cp_device_id[1] =
+      (wafer_number << 24) | (lot_number << 12) | (week << 4) | year;
+  console_out->cp_device_id[2] = (wafer_y_coord << 12) | wafer_x_coord;
+  // Reserved word; set to 0.
+  console_out->cp_device_id[3] = 0;
+
+  // Write CP device ID.
+  TRY(manuf_flash_info_field_write(&flash_ctrl_state, kFlashInfoFieldCpDeviceId,
+                                   console_out->cp_device_id,
+                                   kFlashInfoFieldCpDeviceIdSizeIn32BitWords,
+                                   /*erase_page_before_write=*/false));
 
-static status_t wafer_auth_secret_flash_info_page_erase(void) {
-  uint32_t byte_address = 0;
-  TRY(flash_ctrl_testutils_info_region_setup_properties(
-      &flash_ctrl_state, kFlashInfoFieldWaferAuthSecret.page,
-      kFlashInfoFieldWaferAuthSecret.bank,
-      kFlashInfoFieldWaferAuthSecret.partition, kFlashInfoPage3WritePermissions,
-      &byte_address));
-  TRY(flash_ctrl_testutils_erase_page(&flash_ctrl_state, byte_address,
-                                      kFlashInfoFieldWaferAuthSecret.partition,
-                                      kDifFlashCtrlPartitionTypeInfo));
   return OK_STATUS();
 }
 
 static status_t wafer_auth_secret_flash_info_page_write(
-    manuf_cp_provisioning_data_t *provisioning_data) {
+    manuf_cp_provisioning_data_t *console_in) {
   uint32_t byte_address = 0;
   TRY(flash_ctrl_testutils_info_region_setup_properties(
       &flash_ctrl_state, kFlashInfoFieldWaferAuthSecret.page,
       kFlashInfoFieldWaferAuthSecret.bank,
       kFlashInfoFieldWaferAuthSecret.partition, kFlashInfoPage3WritePermissions,
       &byte_address));
-  TRY(flash_ctrl_testutils_write(
-      &flash_ctrl_state, byte_address, kFlashInfoFieldWaferAuthSecret.partition,
-      provisioning_data->manuf_state, kDifFlashCtrlPartitionTypeInfo,
-      kFlashInfoWaferAuthSecretSizeIn32BitWords));
+  TRY(manuf_flash_info_field_write(
+      &flash_ctrl_state, kFlashInfoFieldWaferAuthSecret,
+      console_in->wafer_auth_secret,
+      kFlashInfoFieldWaferAuthSecretSizeIn32BitWords,
+      /*erase_page_before_write=*/true));
   return OK_STATUS();
 }
 
 static status_t print_inputs_to_console(
-    manuf_cp_provisioning_data_t *provisioning_data) {
+    manuf_cp_provisioning_data_t *console_in) {
   uint32_t high;
   uint32_t low;
 
-  LOG_INFO("Device ID:");
-  for (size_t i = 0; i < kHwCfgDeviceIdSizeIn32BitWords; ++i) {
-    LOG_INFO("0x%08x", provisioning_data->device_id[i]);
-  }
   LOG_INFO("Test Unlock Token Hash:");
-  for (size_t i = 0; i < ARRAYSIZE(provisioning_data->test_unlock_token_hash);
-       ++i) {
-    high = provisioning_data->test_unlock_token_hash[i] >> 32;
-    low = provisioning_data->test_unlock_token_hash[i] & 0xffffffff;
+  for (size_t i = 0; i < ARRAYSIZE(console_in->test_unlock_token_hash); ++i) {
+    high = console_in->test_unlock_token_hash[i] >> 32;
+    low = console_in->test_unlock_token_hash[i] & 0xffffffff;
     LOG_INFO("0x%08x%08x", high, low);
   }
   LOG_INFO("Test Exit Token Hash:");
-  for (size_t i = 0; i < ARRAYSIZE(provisioning_data->test_exit_token_hash);
-       ++i) {
-    high = provisioning_data->test_exit_token_hash[i] >> 32;
-    low = provisioning_data->test_exit_token_hash[i] & 0xffffffff;
+  for (size_t i = 0; i < ARRAYSIZE(console_in->test_exit_token_hash); ++i) {
+    high = console_in->test_exit_token_hash[i] >> 32;
+    low = console_in->test_exit_token_hash[i] & 0xffffffff;
     LOG_INFO("0x%08x%08x", high, low);
   }
   return OK_STATUS();
@@ -162,33 +170,46 @@ static status_t print_inputs_to_console(
 /**
  * Provision flash info pages 0 and 3, and OTP Secret0 partition.
  */
-static status_t provision(ujson_t *uj) {
+static status_t provision(ujson_t *uj,
+                          manuf_cp_provisioning_data_out_t *console_out) {
+  // Wait for input console data.
   LOG_INFO("Waiting for CP provisioning data ...");
-  manuf_cp_provisioning_data_t provisioning_data;
-  TRY(ujson_deserialize_manuf_cp_provisioning_data_t(uj, &provisioning_data));
-  TRY(print_inputs_to_console(&provisioning_data));
-  TRY(flash_ctrl_testutils_wait_for_init(&flash_ctrl_state));
-  TRY(flash_info_page_0_erase());
-  TRY(wafer_auth_secret_flash_info_page_erase());
-  TRY(flash_info_page_0_write(&provisioning_data));
-  TRY(wafer_auth_secret_flash_info_page_write(&provisioning_data));
-  TRY(manuf_individualize_device_secret0(&lc_ctrl, &otp_ctrl,
-                                         &provisioning_data));
-  LOG_INFO("CP provisioning done.");
+  manuf_cp_provisioning_data_t console_in;
+  TRY(ujson_deserialize_manuf_cp_provisioning_data_t(uj, &console_in));
+  TRY(print_inputs_to_console(&console_in));
+
+  // Provision flash info page 3 (wafer authentication secret).
+  TRY(wafer_auth_secret_flash_info_page_write(&console_in));
+
+  // Burn test tokens into OTP.
+  TRY(manuf_individualize_device_secret0(&lc_ctrl, &otp_ctrl, &console_in));
+
+  // Send data back to host.
+  LOG_INFO("Exporting CP device ID ...");
+  RESP_OK(ujson_serialize_manuf_cp_provisioning_data_out_t, uj, console_out);
+
   return OK_STATUS();
 }
 
 bool test_main(void) {
-  // Initialize AST, DIF handles, pinmux, and UART.
-  manually_init_ast(ast_cfg_data);
+  // Initialize DIF handles, pinmux, and console.
   CHECK_STATUS_OK(peripheral_handles_init());
   pinmux_testutils_init(&pinmux);
   ottf_console_init();
   ujson_t uj = ujson_ottf_console();
+
+  // Extract factory data from flash info page 0.
+  manuf_cp_provisioning_data_out_t console_out;
+  CHECK_STATUS_OK(flash_ctrl_testutils_wait_for_init(&flash_ctrl_state));
+  CHECK_STATUS_OK(flash_info_page_0_read_and_validate(&console_out));
+
+  // Initialize AST.
+  manually_init_ast(ast_cfg_data);
   LOG_INFO("AST manually configured.");
 
   // Perform CP provisioning operations.
-  CHECK_STATUS_OK(provision(&uj));
+  CHECK_STATUS_OK(provision(&uj, &console_out));
 
+  LOG_INFO("CP provisioning done.");
   return true;
 }