[rtl] Harden lockstep enable against FI

Currently, the dual-core lockstep FI mitigation is enabled/disabled
using a single bit.
For transient bit-flips, this is not problematic, as one bit-flip
into this signal and one bit into the Ibex is required to threaten
the security of the system.

However, a permanent stuck-at-0 fault could disable the lockstep
completely by targeting this signal. Then, only a single, additional
fault (transient or permanent) is required.

This PR enhances the FI resilience of the Ibex lockstep by encoding
this single bit into a ibex_mubi_t signal, i.e., a 4-bit multi-bit
signal.

Signed-off-by: Pascal Nasahl <[email protected]>

rtl/ibex_lockstep.sv

@@ -123,19 +123,22 @@ module ibex_lockstep import ibex_pkg::*; #(
   logic [LockstepOffsetW-1:0] rst_shadow_cnt_d, rst_shadow_cnt_q, rst_shadow_cnt_incr;
   // Internally generated resets cause IMPERFECTSCH warnings
   /* verilator lint_off IMPERFECTSCH */
-  logic                       rst_shadow_set_d, rst_shadow_set_q;
-  logic                       rst_shadow_n, enable_cmp_q;
+  ibex_mubi_t                 rst_shadow_set_d, rst_shadow_set_q;
+  logic                       rst_shadow_n;
+  ibex_mubi_t                 enable_cmp_q;
   /* verilator lint_on IMPERFECTSCH */
 
   assign rst_shadow_cnt_incr = rst_shadow_cnt_q + 1'b1;
 
-  assign rst_shadow_set_d = (rst_shadow_cnt_q == LockstepOffsetW'(LockstepOffset - 1));
-  assign rst_shadow_cnt_d = rst_shadow_set_d ? rst_shadow_cnt_q : rst_shadow_cnt_incr;
+  assign rst_shadow_set_d =
+    (rst_shadow_cnt_q == LockstepOffsetW'(LockstepOffset - 1)) ? IbexMuBiOn : IbexMuBiOff;
+  assign rst_shadow_cnt_d =
+    (rst_shadow_set_d == IbexMuBiOn) ? rst_shadow_cnt_q : rst_shadow_cnt_incr;
 
   always_ff @(posedge clk_i or negedge rst_ni) begin
     if (!rst_ni) begin
       rst_shadow_cnt_q <= '0;
-      enable_cmp_q     <= '0;
+      enable_cmp_q     <= IbexMuBiOff;
     end else begin
       rst_shadow_cnt_q <= rst_shadow_cnt_d;
       enable_cmp_q     <= rst_shadow_set_q;
@@ -145,8 +148,8 @@ module ibex_lockstep import ibex_pkg::*; #(
   // The primitives below are used to place size-only constraints in order to prevent
   // synthesis optimizations and preserve anchor points for constraining backend tools.
   prim_flop #(
-    .Width(1),
-    .ResetValue(1'b0)
+    .Width(IbexMuBiWidth),
+    .ResetValue(IbexMuBiOff)
   ) u_prim_rst_shadow_set_flop (
     .clk_i (clk_i),
     .rst_ni(rst_ni),
@@ -157,7 +160,7 @@ module ibex_lockstep import ibex_pkg::*; #(
   prim_clock_mux2 #(
     .NoFpgaBufG(1'b1)
   ) u_prim_rst_shadow_n_mux2 (
-    .clk0_i(rst_shadow_set_q),
+    .clk0_i(rst_shadow_set_q[0]),
     .clk1_i(scan_rst_ni),
     .sel_i (test_en_i),
     .clk_o (rst_shadow_n)
@@ -458,7 +461,8 @@ module ibex_lockstep import ibex_pkg::*; #(
 
   logic outputs_mismatch;
 
-  assign outputs_mismatch       = enable_cmp_q & (shadow_outputs_q != core_outputs_q[0]);
+  assign outputs_mismatch = 
+    (enable_cmp_q == IbexMuBiOn) & (shadow_outputs_q != core_outputs_q[0]);
   assign alert_major_internal_o = outputs_mismatch | shadow_alert_major_internal;
   assign alert_major_bus_o      = shadow_alert_major_bus;
   assign alert_minor_o          = shadow_alert_minor;

rtl/ibex_pkg.sv

@@ -655,7 +655,9 @@ package ibex_pkg;
 
   // Mult-bit signal used for security hardening. For non-secure implementation all bits other than
   // the bottom bit are ignored.
-  typedef logic [3:0] ibex_mubi_t;
+  parameter int IbexMuBiWidth = 4;
+
+  typedef logic [IbexMuBiWidth-1:0] ibex_mubi_t;
 
   // Note that if adjusting these parameters it is assumed the bottom bit is set for On and unset
   // for Off. This allows the use of IbexMuBiOn/IbexMuBiOff to work for both secure and non-secure