lowRISC / opentitan

OpenTitan: Open source silicon root of trust
https://www.opentitan.org
Apache License 2.0

[kmac/dv] Extend DV to cover sideload key becoming invalid in all states #22956

Open vogelpi opened 7 months ago

vogelpi commented 7 months ago

Description

Factored out from #22794 and #16855. We should extend DV to cover the sideload key becoming invalid during operation in all possible states.

@andreaskurth and I discussed that this is not ultra critical (thus M5 rather than M4) but that it's still relevant because KEYMGR may clear sideload keys anytime it enters the invalid state / during an escalation. We should make sure this is covered sufficiently in DV to verify that KMAC does the right thing in this case.

vogelpi commented 5 months ago

It would be good to get more coverage for this. But in the grand scheme, it's probably more like a V3 issue? To discuss with @andreaskurth when he is back (he implemented the RTL changes and previous DV for this).

johngt commented 5 months ago

@vogelpi has already highlighted that this should not gate M5 as it is more of a V3 item, so it should possibly move to M7. Labelling for triage.

moidx commented 5 months ago

Moving to M7 as a V3 issue.

vogelpi commented 3 months ago

I noted that, due to the PR which led us to open this issue (#22794), the FSM coverage dropped from ~94% to 76%. With this issue in mind, this drop can be explained. For reference:

vogelpi commented 1 month ago

@nasahlpa prepared a PR to cover most of the state transitions here: #24724.

There are some transitions which are not covered yet as outlined in this issue: #24741.