[ot] scripts/opentitan: otptool.py: add a new option to reset the content of a partition.

Signed-off-by: Emmanuel Blot <eblot@rivosinc.com>

Author: rivos-eblot

docs/opentitan/otptool.md

@@ -8,9 +8,9 @@ controller virtual device.
 ````text
 usage: otptool.py [-h] [-j HJSON] [-m VMEM] [-l SV] [-o C] [-r RAW]
                   [-k {auto,otp,fuz}] [-e BITS] [-c INT] [-i INT] [-w] [-n]
-                  [-s] [-E] [-D] [-U] [--clear-bit CLEAR_BIT]
-                  [--set-bit SET_BIT] [--toggle-bit TOGGLE_BIT] [-L | -P | -R]
-                  [-v] [-d]
+                  [-s] [-E] [-D] [-U] [--empty PARTITION]
+                  [--clear-bit CLEAR_BIT] [--set-bit SET_BIT]
+                  [--toggle-bit TOGGLE_BIT] [-L | -P | -R] [-v] [-d]
 
 QEMU OT tool to manage OTP files.
 
@@ -40,7 +40,9 @@ Commands:
   -s, --show            show the OTP content
   -E, --ecc-recover     attempt to recover errors with ECC
   -D, --digest          check the OTP HW partition digest
-  -U, --update          force-update QEMU OTP raw file after ECC recovery
+  -U, --update          update RAW file after ECC recovery or bit changes
+  --empty PARTITION     reset the content of a whole partition, including its
+                        digest if any
   --clear-bit CLEAR_BIT
                         clear a bit at specified location
   --set-bit SET_BIT     set a bit at specified location
@@ -150,6 +152,10 @@ Fuse RAW images only use the v1 type.
   contain long sequence of bytes. If repeated, the empty long fields are also printed in full, as
   a sequence of empty bytes.
 
+* `--empty` reset a whole parition, including its digest if any and ECC bits. This option is only
+  intended for test purposes. This flag may be repeated. Partition(s) can be specified either by
+  their index or their name.
+
 * `--clear-bit` clears the specified bit in the OTP data. This flag may be repeated. This option is
   only intended to corrupt the OTP content so that HW & SW behavior may be exercised should such
   a condition exists. See [Bit position syntax](#bit-syntax) for how to specify a bit.

scripts/opentitan/ot/otp/image.py

@@ -303,6 +303,42 @@ def toggle_bits(self, bitdefs: Sequence[tuple[int, int]]) -> None:
         """
         self._change_bits(bitdefs, None)
 
+    def empty_partition(self, partition: Union[int, str]) -> None:
+        """Empty the whole content of a partition, including its digest if any,
+           and its ECC bits if any.
+
+           :param partition: the partition to empty, either specified as an
+                             index or as the partition name
+        """
+        part = None
+        partix = None
+        if isinstance(partition, int):
+            try:
+                part = self._partitions[partition]
+                partix = partition
+            except IndexError:
+                pass
+        elif isinstance(partition, str):
+            partname = partition.lower()
+            try:
+                partix, part = {(i, p) for i, p in enumerate(self._partitions)
+                                if p.__class__.__name__[:-4].lower() ==
+                                partname}.pop()
+            except KeyError:
+                pass
+        if not part:
+            raise ValueError(f"Unknown partition '{partition}'")
+        part.empty()
+        if not part.is_empty:
+            raise RuntimeError(f"Unable to empty partition '{partition}'")
+        content = BytesIO()
+        part.save(content)
+        data = content.getvalue()
+        length = len(data)
+        offset = self._part_offsets[partix]
+        self._data[offset:offset+length] = data
+        self._ecc[offset // 2:(offset+length)//2] = bytes(length//2)
+
     @staticmethod
     def bit_parity(data: int) -> int:
         """Compute the bit parity of an integer, i.e. reduce the vector to a

scripts/opentitan/ot/otp/partition.py

@@ -59,6 +59,13 @@ def is_locked(self) -> bool:
         return (self.has_digest and self._digest_bytes and
                 self._digest_bytes != bytes(self.DIGEST_SIZE))
 
+    @property
+    def is_empty(self) -> bool:
+        """Report if the partition is empty."""
+        if self._digest_bytes and sum(self._digest_bytes):
+            return False
+        return sum(self._data) == 0
+
     def __repr__(self) -> str:
         return repr(self.__dict__)
 
@@ -72,6 +79,15 @@ def load(self, bfp: BinaryIO) -> None:
             self._digest_bytes = digest
         self._data = data
 
+    def save(self, bfp: BinaryIO) -> None:
+        """Save the content of the partition to a binary stream."""
+        pos = bfp.tell()
+        bfp.write(self._data)
+        bfp.write(self._digest_bytes)
+        size = bfp.tell() - pos
+        if size != self.size:
+            raise RuntimeError(f"Failed to save partition {self.name} content")
+
     def verify(self, digest_iv: int, digest_constant: int) -> Optional[bool]:
         """Verify if the digest matches the content of the partition, if any.
         """
@@ -179,6 +195,12 @@ def emit(fmt, *args):
             emit('%-48s %s %s', f'{pname}:DIGEST', soff,
                  hexlify(self._digest_bytes).decode())
 
+    def empty(self) -> None:
+        """Empty the partition, including its digest if any."""
+        self._data = bytes(len(self._data))
+        if self.has_digest:
+            self._digest_bytes = bytes(self.DIGEST_SIZE)
+
 
 class OtpLifecycleExtension(OtpLifecycle, OtpPartitionDecoder):
     """Decoder for Lifecyle bytes sequences.

scripts/opentitan/otptool.py

@@ -73,6 +73,10 @@ def main():
         commands.add_argument('-U', '--update', action='store_true',
                               help='update RAW file after ECC recovery or bit '
                                    'changes')
+        commands.add_argument('--empty', metavar='PARTITION', action='append',
+                              default=[],
+                              help='reset the content of a whole partition, '
+                                   'including its digest if any')
         commands.add_argument('--clear-bit', action='append', default=[],
                               help='clear a bit at specified location')
         commands.add_argument('--set-bit', action='append',  default=[],
@@ -136,6 +140,8 @@ def main():
                 argparser.error('Cannot decode OTP values without an OTP map')
             if args.digest:
                 argparser.error('Cannot verify OTP digests without an OTP map')
+            if args.empty:
+                argparser.error('Cannot empty OTP partition without an OTP map')
         else:
             otpmap = OtpMap()
             otpmap.load(args.otp_map)
@@ -187,6 +193,9 @@ def main():
                 if args.show:
                     argparser.error('Showing content of non-OpenTitan image is '
                                     'not supported')
+            if args.empty:
+                for part in args.empty:
+                    otp.empty_partition(part)
             if args.iv:
                 otp.set_digest_iv(args.iv)
             if args.constant: