bootloader: Adds a check that app is run under FE

KonstantinKondrashov 2021-02-11 21:19:29 +08:00
parent 31e565c3d5
commit 11a2f2acd3
2 changed files with 19 additions and 7 deletions

View File

@ -794,5 +794,16 @@ menu "Security features"
It is also possible to enable secure download mode at runtime by calling It is also possible to enable secure download mode at runtime by calling
esp_efuse_enable_rom_secure_download_mode() esp_efuse_enable_rom_secure_download_mode()
config SECURE_FLASH_CHECK_ENC_EN_IN_APP
bool "Check Flash Encryption enabled on app startup"
depends on SECURE_FLASH_ENC_ENABLED
default y
help
If set (default), in an app during startup code,
there is a check of the flash encryption eFuse bit is on
(as the bootloader should already have set it).
The app requires this bit is on to continue work otherwise abort.
If not set, the app does not care if the flash encryption eFuse bit is set or not.
endmenu # Security features endmenu # Security features
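Review bot: the help text for SECURE_FLASH_CHECK_ENC_EN_IN_APP is grammatically broken ("there is a check of the flash encryption eFuse bit is on", "requires this bit is on to continue work otherwise abort") and should be reworded so users understand the consequence of leaving it enabled, for example: "If set (default), the app checks during startup that the flash encryption eFuse bit is on (the bootloader should already have set it) and aborts if it is not." followed by "If not set, the app does not check whether the flash encryption eFuse bit is set." Since the option defaults to y and the failure mode is abort(), it would also help to state in the help text that the abort is expected when an app built with SECURE_FLASH_ENC_ENABLED runs on a device whose bootloader never enabled flash encryption, so that the log message in the accompanying C change is not the only place this is explained.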

View File

@ -23,13 +23,7 @@
#if CONFIG_IDF_TARGET_ESP32 #if CONFIG_IDF_TARGET_ESP32
#define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT #define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT #define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32S2 #else
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32S3
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32C3
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT #define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT #define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#endif #endif
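Review bot: collapsing the separate CONFIG_IDF_TARGET_ESP32S2 / ESP32S3 / ESP32C3 branches into a bare `#else` means any target added later silently inherits ESP_EFUSE_SPI_BOOT_CRYPT_CNT and ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT without anyone confirming that is the right eFuse for that chip. The three removed branches were identical, so the consolidation is reasonable, but consider either keeping the explicit target list with a trailing `#else` / `#error "unsupported target"` or adding a comment on the `#else` stating that all non-ESP32 targets are expected to use the SPI_BOOT_CRYPT_CNT eFuse, so the assumption is visible when the next target is brought up.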
@ -41,6 +35,13 @@ void esp_flash_encryption_init_checks()
{ {
esp_flash_enc_mode_t mode; esp_flash_enc_mode_t mode;
#ifdef CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP
if (!esp_flash_encryption_enabled()) {
ESP_LOGE(TAG, "Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on");
abort();
}
#endif
// First check is: if Release mode flash encryption & secure boot are enabled then // First check is: if Release mode flash encryption & secure boot are enabled then
// FLASH_CRYPT_CNT *must* be write protected. This will have happened automatically // FLASH_CRYPT_CNT *must* be write protected. This will have happened automatically
// if bootloader is IDF V4.0 or newer but may not have happened for previous ESP-IDF bootloaders. // if bootloader is IDF V4.0 or newer but may not have happened for previous ESP-IDF bootloaders.