[ot] scripts/opentitan: otptool.py: add a new option to read Present constants from QEMU config file

Signed-off-by: Emmanuel Blot <eblot@rivosinc.com>

Author: rivos-eblot

docs/opentitan/otptool.md

@@ -7,8 +7,8 @@ controller virtual device.
 
 ````text
 usage: otptool.py [-h] [-j HJSON] [-m VMEM] [-l SV] [-o C] [-r RAW]
-                  [-k {auto,otp,fuz}] [-e BITS] [-c INT] [-i INT] [-w] [-n]
-                  [-s] [-E] [-D] [-U] [--empty PARTITION]
+                  [-k {auto,otp,fuz}] [-e BITS] [-C CONFIG] [-c INT] [-i INT]
+                  [-w] [-n] [-s] [-E] [-D] [-U] [--empty PARTITION]
                   [--clear-bit CLEAR_BIT] [--set-bit SET_BIT]
                   [--toggle-bit TOGGLE_BIT] [-L | -P | -R] [-v] [-d]
 
@@ -30,6 +30,8 @@ Parameters:
   -k {auto,otp,fuz}, --kind {auto,otp,fuz}
                         kind of content in VMEM input file, default: auto
   -e BITS, --ecc BITS   ECC bit count
+  -C CONFIG, --config CONFIG
+                        read Present constants from QEMU config file
   -c INT, --constant INT
                         finalization constant for Present scrambler
   -i INT, --iv INT      initialization vector for Present scrambler
@@ -87,12 +89,18 @@ Fuse RAW images only use the v1 type.
   `-D` to verify partition digests, and stored in the optional QEMU OTP RAW image file for use by
   the virtual OTP controller when used along with the `-r` option.
 
-* `-c` specify the register file, which is only useful to decode OTP content (see `-s` option).
-  This option is required when `-D` Present digest checking is used.
+* `-C` specify a QEMU [configuration file](otcfg.md) from which to read the Present constants that
+  are required for digest computation. It is a convenience switch to replace both `-i` and options.
+  See [`cfggen.py`](cfggen.md) tool to generate such a file.
+
+* `-c` specify the initialization constant for the Present scrambler used for partition digests.
+  This option is required when `-D` Present digest checking is used. See also `-i` option switch.
+  Override option `-C` if any.
 
 * `-D` performs a partition digest checks for all partitions with a defined digest. The Present
   constant should be defined to perform digest verification. They can be specified with the `-c` and
-  `-i` options switches, or when using a QEMU OTP RAW v2 file that stores these constants.
+  `-i` options switches, or when using a QEMU OTP RAW v2 file that stores these constants, or when
+  a QEMU configuration file is specified with the `-C` option.
 
 * `-d` only useful to debug the script, reports any Python traceback to the standard error stream.
 
@@ -101,6 +109,12 @@ Fuse RAW images only use the v1 type.
 * `-e` specify how many bits are used in the VMEM file to store ECC information. Note that ECC
   information is not stored in the QEMU RAW file for now.
 
+* `-i` specify the initialization vector for the Present scrambler used for partition digests.
+  This value is "usually" found within the `hw/ip/otp_ctrl/rtl/otp_ctrl_part_pkg.sv` OT file,
+  from the last entry of `RndCnstDigestIV` array, _i.e._ item 0. It is used along with option
+  `-D` to verify partition digests, and stored in the optional output OTP image file for use by
+  the virtual OTP controller when used along with the `-o` option. Override option `-C` if any.
+
 * `-j` specify the path to the HJSON OTP controller map file, usually stored in OT
   `hw/ip/otp_ctrl/data/otp_ctrl_mmap.hjson`. This file is required with many options when the OTP
   image file needs to be interpreted, such as digest verification, content dump, C file generation,
@@ -117,12 +131,6 @@ Fuse RAW images only use the v1 type.
   states. This option is not required to generate a RAW image file, but required when the `-L`
   option switch is used.
 
-* `-i` specify the initialization vector for the Present scrambler used for partition digests.
-  This value is "usually" found within the `hw/ip/otp_ctrl/rtl/otp_ctrl_part_pkg.sv` OT file,
-  from the last entry of `RndCnstDigestIV` array, _i.e._ item 0. It is used along with option
-  `-D` to verify partition digests, and stored in the optional output OTP image file for use by
-  the virtual OTP controller when used along with the `-o` option.
-
 * `-m` specify the input VMEM file that contains the OTP fuse content. See also the `-k` option.
 
 * `-n` tell the script not to attempt to decode the content of encoded fields, such as the hardened
@@ -170,8 +178,8 @@ Fuse RAW images only use the v1 type.
 
 #### Note
 
-Earlgrey OTP virtual device has not been updated to support Present scrambler, so neither `-C` nor
-`-I` option should be used to generate an Earlgrey-compatible RAW image.
+Earlgrey OTP virtual device has not been updated to support Present scrambler, so neither `-c` nor
+`-i` option should be used to generate an Earlgrey-compatible RAW image.
 
 ### Bit position specifier [#bit-syntax]
 
@@ -206,6 +214,12 @@ scripts/opentitan/otptool.py -m img_rma.24.vmem -r otp.raw \
     -i 0x0123456789abcdef -c 0x00112233445566778899aabbccddeeff
 ````
 
+Generate a QEMU RAW v2 image for the virtual OTP controller, here with an RMA OTP configuration,
+load Present constants from a QEMU configuration file.
+````sh
+scripts/opentitan/otptool.py -m img_rma.24.vmem -r otp.raw -i ot.cfg
+````
+
 Decode the content of an OTP VMEM file:
 ````sh
 scripts/opentitan/otptool.py -m img_rma.24.vmem -j otp_ctrl_mmap.hjson -s

scripts/opentitan/ot/otp/image.py

@@ -7,6 +7,7 @@
 """
 
 from binascii import unhexlify
+from configparser import ConfigParser, NoOptionError
 from io import BytesIO
 from logging import getLogger
 from re import match as re_match, sub as re_sub
@@ -52,6 +53,9 @@ class OtpImage:
          0x2d, 0x2e, 0x2f, 0x31, 0x32, 0x33, 0x34, 0x35)
     )
 
+    DEFAULT_OTP_DEVICE = 'ot-otp-dj'
+    """Default OTP device name in configuration file."""
+
     def __init__(self, ecc_bits: Optional[int] = None):
         self._log = getLogger('otp.img')
         self._header: dict[str, Any] = {}
@@ -202,6 +206,50 @@ def load_lifecycle(self, lcext: OtpLifecycleExtension) -> None:
             if part.name == 'LIFE_CYCLE':
                 part.set_decoder(lcext)
 
+    def load_config(self, cfp: TextIO, section: Optional[str] = None) -> None:
+        """Load Present constant from a QEMU configuration file.
+
+           :param cfp: the configuration stream
+           :param section: the section name where to find the constants,
+                           default to DEFAULT_OTP_DEVICE.
+        """
+        cfg = ConfigParser()
+        cfg.read_file(cfp)
+        if not section:
+            section = self.DEFAULT_OTP_DEVICE
+        sectnames = set()
+        for sectname in cfg.sections():
+            if not sectname.startswith('ot_device '):
+                continue
+            try:
+                devname = sectname.strip().split('"')[1]
+            except IndexError:
+                continue
+            if devname != section and not devname.startswith(f'{section}.'):
+                continue
+            sectnames.add(sectname)
+            self._log.info('Found OTP candidate section %s', devname)
+        if not sectnames:
+            raise ValueError(f"Cannot find OTP device section '{section}'")
+        # accept multiple sections with Present constants definitions as long
+        # as they do match
+        constants = set()
+        ivs = set()
+        for sectname in sectnames:
+            try:
+                constants.add(cfg.get(sectname, 'digest_const')
+                              .strip('"').lower())
+                ivs.add(cfg.get(sectname, 'digest_iv')
+                        .strip('"').lower())
+            except NoOptionError:
+                pass
+        if not constants or not ivs:
+            raise ValueError('Incomplete configuration file')
+        if len(constants) > 1 or len(ivs) > 1:
+            raise ValueError(f"Too many OTP device sections '{section}'")
+        self._digest_constant = HexInt.parse(constants.pop(), 16)
+        self._digest_iv = HexInt.parse(ivs.pop(), 16)
+
     # pylint: disable=invalid-name
     def set_digest_iv(self, iv: int) -> None:
         """Set the Present digest initialization 64-bit vector."""

scripts/opentitan/ot/util/misc.py

@@ -32,11 +32,13 @@ def __repr__(self) -> str:
         return f'0x{self:x}'
 
     @staticmethod
-    def parse(val: Optional[str]) -> Optional[int]:
+    def parse(val: Optional[str], base: Optional[int] = None) -> Optional[int]:
         """Simple helper to support hexadecimal integer in argument parser."""
         if val is None:
             return None
-        return int(val, val.startswith('0x') and 16 or 10)
+        if base is not None:
+            return HexInt(int(val, base))
+        return HexInt(int(val, val.startswith('0x') and 16 or 10))
 
 
 class EasyDict(dict):

scripts/opentitan/otptool.py

@@ -53,6 +53,8 @@ def main():
         params.add_argument('-e', '--ecc', type=int,
                             default=OtpImage.DEFAULT_ECC_BITS,
                             metavar='BITS', help='ECC bit count')
+        params.add_argument('-C', '--config', type=FileType('rt'),
+                            help='read Present constants from QEMU config file')
         params.add_argument('-c', '--constant', type=HexInt.parse,
                             metavar='INT',
                             help='finalization constant for Present scrambler')
@@ -196,6 +198,8 @@ def main():
             if args.empty:
                 for part in args.empty:
                     otp.empty_partition(part)
+            if args.config:
+                otp.load_config(args.config)
             if args.iv:
                 otp.set_digest_iv(args.iv)
             if args.constant: