[crypto/alert] Connect alert management to cryptolib

The cryptolib resets the alert manager's CSRs upon init and reads the
registers upon execution of any API.
In case an alert was raised, the cryptolib now returns a fatal error.

Important is that init is only called at startup where the init function
can be provided the priviledge of setting registers.
The cryptolib requires read access to the alert manager range of
addresses during function but no write access.

This protects the cryptolib to provide a bad status in case even a
recoverable alert is raised.

Signed-off-by: Siemen Dhooghe <sdhooghe@google.com>

Author: siemen11

sw/device/lib/crypto/impl/BUILD

@@ -279,6 +279,7 @@ cc_library(
         "//hw/top_earlgrey/ip_autogen/clkmgr:clkmgr_c_regs",
         "//hw/top_earlgrey/sw/autogen:top_earlgrey",
         "//sw/device/lib/base:hardened_memory",
+        "//sw/device/lib/crypto/drivers:alert",
         "//sw/device/lib/crypto/drivers:rv_core_ibex",
     ],
 )

sw/device/lib/crypto/impl/config.c

@@ -5,6 +5,7 @@
 #include "sw/device/lib/crypto/include/config.h"
 
 #include "sw/device/lib/base/hardened.h"
+#include "sw/device/lib/crypto/drivers/alert.h"
 #include "sw/device/lib/crypto/drivers/rv_core_ibex.h"
 
 #include "clkmgr_regs.h"
@@ -40,9 +41,16 @@ otcrypto_status_t otcrypto_security_config_check(
 otcrypto_status_t otcrypto_init(otcrypto_key_security_level_t security_level) {
   (void)security_level;
 
+  HARDENED_TRY(init_alert_registers());
+
   return OTCRYPTO_OK;
 }
 
 otcrypto_status_t otcrypto_eval_exit(otcrypto_status_t status) {
+  if (read_alert_registers()) {
+    return OTCRYPTO_FATAL_ERR;
+  }
+  HARDENED_CHECK_EQ(launder32(read_alert_registers()), 0);
+
   return status;
 }