esp-idf/components/bootloader_support/src/secure_boot.c

190 lines
6.9 KiB
C
Raw Normal View History

2021-05-09 22:35:07 -04:00
/*
* SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <strings.h>
#include "sdkconfig.h"
#include "esp_log.h"
#include "esp_efuse.h"
#include "esp_efuse_table.h"
#include "esp_secure_boot.h"
#ifndef BOOTLOADER_BUILD
static __attribute__((unused)) const char *TAG = "secure_boot";
#ifdef CONFIG_SECURE_BOOT
static void efuse_batch_write_begin(bool *need_fix)
{
if (*need_fix == false) {
esp_efuse_batch_write_begin();
}
*need_fix = true;
}
static void update_efuses(bool need_fix, esp_err_t err)
{
if (need_fix) {
if (err != ESP_OK) {
ESP_LOGE(TAG, "Can not be fixed (err=0x%x).", err);
esp_efuse_batch_write_cancel();
} else {
err = esp_efuse_batch_write_commit();
if (err != ESP_OK) {
ESP_LOGE(TAG, "Error programming eFuses (err=0x%x)", err);
return;
} else {
ESP_LOGI(TAG, "Fixed");
}
}
}
}
#ifdef CONFIG_SECURE_BOOT_V1_ENABLED
static esp_err_t secure_boot_v1_check(bool *need_fix)
{
esp_err_t err = ESP_OK;
esp_efuse_block_t block = EFUSE_BLK_SECURE_BOOT;
if (!esp_efuse_get_key_dis_read(block)) {
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "eFuse BLOCK%d should not be readable. Fixing..", block);
err = esp_efuse_set_key_dis_read(block);
}
if (!esp_efuse_get_key_dis_write(block)) {
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "eFuse BLOCK%d should not be writeable. Fixing..", block);
if (err == ESP_OK) {
err = esp_efuse_set_key_dis_write(block);
}
}
return err;
}
#elif SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS == 1 && CONFIG_SECURE_BOOT_V2_ENABLED
static esp_err_t secure_boot_v2_check(bool *need_fix)
{
esp_err_t err = ESP_OK;
esp_efuse_block_t block = EFUSE_BLK_SECURE_BOOT;
if (esp_efuse_get_key_dis_read(block)) {
ESP_LOGE(TAG, "eFuse BLOCK%d should be readable", block);
abort();
// This code is not achievable because the bootloader will not boot an app in this state.
// But we keep it here just in case (any unexpected behavior).
}
if (esp_efuse_block_is_empty(block)) {
ESP_LOGE(TAG, "eFuse BLOCK%d should not be empty", block);
abort();
// This code is not achievable because the bootloader will not boot an app in this state.
// But we keep it here just in case (any unexpected behavior).
}
if (!esp_efuse_get_key_dis_write(block)) {
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "eFuse BLOCK%d should not be writeable. Fixing..", block);
err = esp_efuse_set_key_dis_write(block);
}
return err;
}
#elif SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS > 1 && CONFIG_SECURE_BOOT_V2_ENABLED
static esp_err_t secure_boot_v2_check(bool *need_fix)
{
esp_err_t err = ESP_OK;
esp_efuse_purpose_t purpose[SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS] = {
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST0,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2,
};
for (unsigned i = 0; i < SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS; ++i) {
esp_efuse_block_t block;
if (esp_efuse_find_purpose(purpose[i], &block)) {
if (!esp_efuse_get_digest_revoke(i)) {
if (esp_efuse_get_key_dis_read(block)) {
ESP_LOGE(TAG, "eFuse BLOCK%d should be readable", block);
abort();
// This state is not expected unless the eFuses have been manually misconfigured.
}
if (esp_efuse_block_is_empty(block)) {
ESP_LOGE(TAG, "eFuse BLOCK%d should not be empty", block);
abort();
// This state is not expected unless the eFuses have been manually misconfigured.
}
if (!esp_efuse_get_key_dis_write(block)) {
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "eFuse BLOCK%d should not be writeable. Fixing..", block);
if (err == ESP_OK) {
err = esp_efuse_set_key_dis_write(block);
}
}
}
if (!esp_efuse_get_keypurpose_dis_write(block)) {
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "The KEY_PURPOSE_SECURE_BOOT_DIGEST%d should be write-protected. Fixing..", block);
if (err == ESP_OK) {
err = esp_efuse_set_keypurpose_dis_write(block);
}
}
} else {
if (!esp_efuse_get_digest_revoke(i)) {
#ifndef CONFIG_SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS
efuse_batch_write_begin(need_fix);
ESP_LOGW(TAG, "Unused SECURE_BOOT_DIGEST%d should be revoked. Fixing..", i);
if (err == ESP_OK) {
err = esp_efuse_set_digest_revoke(i);
}
#else
ESP_LOGW(TAG, "Unused SECURE_BOOT_DIGEST%d should be revoked. It will not be fixed due to the config", i);
#endif
}
}
}
return err;
}
#endif
#endif // CONFIG_SECURE_BOOT
#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
static void rsa_check_signature_on_update_check(void)
{
// We rely on the keys used to sign this app to verify the next app on OTA, so make sure there is at
// least one to avoid a stuck firmware
esp_image_sig_public_key_digests_t digests = { 0 };
esp_err_t err = esp_secure_boot_get_signature_blocks_for_running_app(false, &digests);
if (err != ESP_OK || digests.num_digests == 0) {
ESP_LOGE(TAG, "This app is not signed, but check signature on update is enabled in config. It won't be possible to verify any update.");
abort();
}
#if CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT && SECURE_BOOT_NUM_BLOCKS > 1
if (digests.num_digests > 1) {
ESP_LOGW(TAG, "App has %d signatures. Only the first position of signature blocks is used to verify any update", digests.num_digests);
}
#endif
}
#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
void esp_secure_boot_init_checks(void)
{
#ifdef CONFIG_SECURE_BOOT
if (esp_secure_boot_enabled()) {
bool need_fix = false;
#ifdef CONFIG_SECURE_BOOT_V1_ENABLED
esp_err_t err = secure_boot_v1_check(&need_fix);
#else
esp_err_t err = secure_boot_v2_check(&need_fix);
#endif
update_efuses(need_fix, err);
} else {
ESP_LOGE(TAG, "Mismatch in secure boot settings: the app config is enabled but eFuse not");
}
#endif // CONFIG_SECURE_BOOT
#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
rsa_check_signature_on_update_check();
#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
}
#endif // not BOOTLOADER_BUILD