bootloader: Enable early boot RNG entropy source

This reverts commit ceb85669702f01f3e30ddfcdd841dfe64e1a597c.
This commit is contained in:
Angus Gratton 2017-01-04 15:36:04 +11:00
parent 83442526e0
commit 3922ce47b2
10 changed files with 569 additions and 30 deletions

View File

@ -25,6 +25,7 @@
#include "rom/rtc.h"
#include "rom/uart.h"
#include "rom/gpio.h"
#include "rom/secure_boot.h"
#include "soc/soc.h"
#include "soc/cpu.h"
@ -42,7 +43,7 @@
#include "esp_flash_encrypt.h"
#include "esp_flash_partitions.h"
#include "bootloader_flash.h"
#include "bootloader_random.h"
#include "bootloader_config.h"
#include "rtc.h"
@ -259,6 +260,9 @@ void bootloader_main()
REG_CLR_BIT( TIMG_WDTCONFIG0_REG(0), TIMG_WDT_FLASHBOOT_MOD_EN );
SPIUnlock();
ESP_LOGI(TAG, "Enabling RNG early entropy source...");
bootloader_random_enable();
if(esp_image_load_header(0x1000, true, &fhdr) != ESP_OK) {
ESP_LOGE(TAG, "failed to load bootloader header!");
return;
@ -370,6 +374,9 @@ void bootloader_main()
}
#endif
ESP_LOGI(TAG, "Disabling RNG early entropy source...");
bootloader_random_disable();
// copy loaded segments to RAM, set up caches for mapped segments, and start application
ESP_LOGI(TAG, "Loading app partition at offset %08x", load_part_pos);
unpack_load_app(&load_part_pos);

View File

@ -16,6 +16,30 @@
#include <stddef.h>
/**
* @brief Enable early entropy source for RNG
*
* Uses the SAR ADC to feed entropy into the HWRNG. The ADC is put
* into a test mode that reads the 1.1V internal reference source and
* feeds the LSB of data into the HWRNG.
*
* Can also be used from app code early during operation, if entropy
* is required before WiFi stack is initialised. Call this function
* from app code only if WiFi/BT are not yet enabled and I2S and SAR
* ADC are not in use.
*
* Call bootloader_random_disable() when done.
*/
void bootloader_random_enable(void);
/**
* @brief Disable early entropy source for RNG
*
* Disables SAR ADC source and resets the I2S hardware.
*
*/
void bootloader_random_disable(void);
/**
* @brief Fill buffer with 'length' random bytes
*

View File

@ -12,37 +12,45 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#include "bootloader_random.h"
#include "soc/cpu.h"
#include "soc/wdev_reg.h"
#include "soc/rtc_cntl_reg.h"
#include "soc/sens_reg.h"
#include "soc/syscon_reg.h"
#include "soc/dport_reg.h"
#include "soc/i2s_reg.h"
#include "esp_log.h"
#ifndef BOOTLOADER_BUILD
#include "esp_system.h"
#endif
const char *TAG = "boot_rng";
void bootloader_fill_random(void *buffer, size_t length)
{
uint8_t *buffer_bytes = (uint8_t *)buffer;
uint32_t random;
/* TODO: enable HW RNG clock
Until this clock is enabled, this is not secure
*/
#ifdef BOOTLOADER_BUILD
uint32_t start, now;
#endif
for (int i = 0; i < length; i++) {
if (i == 0 || i % 4 == 0) { /* redundant check is for a compiler warning */
#ifdef BOOTLOADER_BUILD
/* HW RNG generates 32 bits entropy per 16 APB cycles,
in bootloader CPU clock == APB clock.
/* in bootloader with ADC feeding HWRNG, we accumulate 1
bit of entropy per 40 APB cycles (==80 CPU cycles.)
We are being conservative here and waiting at least
that long, as loop shift overhead, etc will add more
cycles.
To avoid reading the entire RNG hardware state out
as-is, we repeatedly read the RNG register and XOR all
values.
*/
asm volatile("nop; nop; nop; nop;");
asm volatile("nop; nop; nop; nop;");
asm volatile("nop; nop; nop; nop;");
asm volatile("nop; nop; nop; nop;");
random = REG_READ(WDEV_RND_REG);
RSR(CCOUNT, start);
do {
random ^= REG_READ(WDEV_RND_REG);
RSR(CCOUNT, now);
} while(now - start < 80*32*2); /* extra factor of 2 is precautionary */
#else
random = esp_random();
#endif
@ -51,3 +59,77 @@ void bootloader_fill_random(void *buffer, size_t length)
buffer_bytes[i] = random >> ((i % 4) * 8);
}
}
void bootloader_random_enable(void)
{
/* Enable SAR ADC in test mode to feed ADC readings of the 1.1V
reference via I2S into the RNG entropy input.
Note: I2S requires the PLL to be running, so the call to rtc_set_cpu_freq(CPU_80M)
in early bootloader startup must have been made.
*/
SET_PERI_REG_BITS(RTC_CNTL_TEST_MUX_REG, RTC_CNTL_DTEST_RTC, 2, RTC_CNTL_DTEST_RTC_S);
SET_PERI_REG_MASK(RTC_CNTL_TEST_MUX_REG, RTC_CNTL_ENT_RTC);
SET_PERI_REG_MASK(SENS_SAR_START_FORCE_REG, SENS_SAR2_EN_TEST);
SET_PERI_REG_MASK(DPORT_PERIP_CLK_EN_REG, DPORT_I2S0_CLK_EN);
CLEAR_PERI_REG_MASK(SENS_SAR_START_FORCE_REG, SENS_ULP_CP_FORCE_START_TOP);
CLEAR_PERI_REG_MASK(SENS_SAR_START_FORCE_REG, SENS_ULP_CP_START_TOP);
// Test pattern configuration byte 0xAD:
//--[7:4] channel_sel: 10-->en_test
//--[3:2] bit_width : 3-->12bit
//--[1:0] atten : 1-->3dB attenuation
WRITE_PERI_REG(SYSCON_SARADC_SAR2_PATT_TAB1_REG, 0xADADADAD);
WRITE_PERI_REG(SYSCON_SARADC_SAR2_PATT_TAB2_REG, 0xADADADAD);
WRITE_PERI_REG(SYSCON_SARADC_SAR2_PATT_TAB3_REG, 0xADADADAD);
WRITE_PERI_REG(SYSCON_SARADC_SAR2_PATT_TAB4_REG, 0xADADADAD);
SET_PERI_REG_BITS(SENS_SAR_MEAS_WAIT2_REG, SENS_FORCE_XPD_SAR, 3, SENS_FORCE_XPD_SAR_S);
SET_PERI_REG_MASK(SENS_SAR_READ_CTRL_REG, SENS_SAR1_DIG_FORCE);
SET_PERI_REG_MASK(SENS_SAR_READ_CTRL2_REG, SENS_SAR2_DIG_FORCE);
SET_PERI_REG_MASK(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_SAR2_MUX);
SET_PERI_REG_BITS(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_SAR_CLK_DIV, 4, SYSCON_SARADC_SAR_CLK_DIV_S);
SET_PERI_REG_BITS(SYSCON_SARADC_FSM_REG, SYSCON_SARADC_RSTB_WAIT, 8, SYSCON_SARADC_RSTB_WAIT_S); /* was 1 */
SET_PERI_REG_BITS(SYSCON_SARADC_FSM_REG, SYSCON_SARADC_START_WAIT, 10, SYSCON_SARADC_START_WAIT_S);
SET_PERI_REG_BITS(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_WORK_MODE, 0, SYSCON_SARADC_WORK_MODE_S);
SET_PERI_REG_MASK(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_SAR_SEL);
CLEAR_PERI_REG_MASK(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_DATA_SAR_SEL);
SET_PERI_REG_BITS(I2S_SAMPLE_RATE_CONF_REG(0), I2S_RX_BCK_DIV_NUM, 20, I2S_RX_BCK_DIV_NUM_S);
SET_PERI_REG_MASK(SYSCON_SARADC_CTRL_REG,SYSCON_SARADC_DATA_TO_I2S);
CLEAR_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_CAMERA_EN);
SET_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_LCD_EN);
SET_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_DATA_ENABLE);
SET_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_DATA_ENABLE_TEST_EN);
SET_PERI_REG_MASK(I2S_CONF_REG(0), I2S_RX_START);
}
void bootloader_random_disable(void)
{
/* Disable i2s clock */
CLEAR_PERI_REG_MASK(DPORT_PERIP_CLK_EN_REG, DPORT_I2S0_CLK_EN);
/* Reset some i2s configuration (possibly redundant as we reset entire
I2S peripheral further down). */
CLEAR_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_CAMERA_EN);
CLEAR_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_LCD_EN);
CLEAR_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_DATA_ENABLE_TEST_EN);
CLEAR_PERI_REG_MASK(I2S_CONF2_REG(0), I2S_DATA_ENABLE);
CLEAR_PERI_REG_MASK(I2S_CONF_REG(0), I2S_RX_START);
/* Restore SYSCON mode registers */
CLEAR_PERI_REG_MASK(SENS_SAR_READ_CTRL_REG, SENS_SAR1_DIG_FORCE);
CLEAR_PERI_REG_MASK(SENS_SAR_READ_CTRL2_REG, SENS_SAR2_DIG_FORCE);
CLEAR_PERI_REG_MASK(SYSCON_SARADC_CTRL_REG, SYSCON_SARADC_SAR2_MUX | SYSCON_SARADC_SAR_SEL);
/* Restore SAR ADC mode */
CLEAR_PERI_REG_MASK(SENS_SAR_START_FORCE_REG, SENS_SAR2_EN_TEST);
/* Reset i2s peripheral */
SET_PERI_REG_MASK(DPORT_PERIP_RST_EN_REG, DPORT_I2S0_RST);
CLEAR_PERI_REG_MASK(DPORT_PERIP_RST_EN_REG, DPORT_I2S0_RST);
}

View File

@ -78,12 +78,19 @@ static esp_err_t initialise_flash_encryption(void)
&& REG_READ(EFUSE_BLK1_RDATA5_REG) == 0
&& REG_READ(EFUSE_BLK1_RDATA6_REG) == 0
&& REG_READ(EFUSE_BLK1_RDATA7_REG) == 0) {
ESP_LOGI(TAG, "Generating new flash encryption key...");
uint32_t buf[8];
bootloader_fill_random(buf, sizeof(buf));
for (int i = 0; i < 8; i++) {
ESP_LOGV(TAG, "EFUSE_BLK1_WDATA%d_REG = 0x%08x", i, buf[i]);
REG_WRITE(EFUSE_BLK1_WDATA0_REG + 4*i, buf[i]);
}
bzero(buf, sizeof(buf));
esp_efuse_burn_new_values();
/* On-device key generation is temporarily disabled, until
* RNG operation during bootloader is qualified.
* See docs/security/flash-encryption.rst for details. */
ESP_LOGE(TAG, "On-device key generation is not yet available.");
return ESP_ERR_NOT_SUPPORTED;
ESP_LOGI(TAG, "Read & write protecting new key...");
REG_WRITE(EFUSE_BLK0_WDATA0_REG, EFUSE_WR_DIS_BLK1 | EFUSE_RD_DIS_BLK1);
esp_efuse_burn_new_values();
} else {
if(!(efuse_key_read_protected && efuse_key_write_protected)) {

View File

@ -130,12 +130,21 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
&& REG_READ(EFUSE_BLK2_RDATA5_REG) == 0
&& REG_READ(EFUSE_BLK2_RDATA6_REG) == 0
&& REG_READ(EFUSE_BLK2_RDATA7_REG) == 0) {
ESP_LOGI(TAG, "Generating new secure boot key...");
uint32_t buf[8];
bootloader_fill_random(buf, sizeof(buf));
for (int i = 0; i < 8; i++) {
ESP_LOGV(TAG, "EFUSE_BLK2_WDATA%d_REG = 0x%08x", i, buf[i]);
REG_WRITE(EFUSE_BLK2_WDATA0_REG + 4*i, buf[i]);
}
bzero(buf, sizeof(buf));
burn_efuses();
ESP_LOGI(TAG, "Read & write protecting new key...");
REG_WRITE(EFUSE_BLK0_WDATA0_REG, EFUSE_WR_DIS_BLK2 | EFUSE_RD_DIS_BLK2);
burn_efuses();
efuse_key_read_protected = true;
efuse_key_write_protected = true;
/* On-device key generation is temporarily disabled, until
* RNG operation during bootloader is qualified.
* See docs/security/secure-boot.rst for details. */
ESP_LOGE(TAG, "On-device key generation is not yet available.");
return ESP_ERR_NOT_SUPPORTED;
} else {
ESP_LOGW(TAG, "Using pre-loaded secure boot key in EFUSE block 2");
}

View File

@ -158,6 +158,7 @@
#define DR_REG_RTCMEM0_BASE 0x3ff61000
#define DR_REG_RTCMEM1_BASE 0x3ff62000
#define DR_REG_RTCMEM2_BASE 0x3ff63000
#define DR_REG_SYSCON_BASE 0x3ff66000
#define DR_REG_HINF_BASE 0x3ff4B000
#define DR_REG_UHCI1_BASE 0x3ff4C000
#define DR_REG_I2S_BASE 0x3ff4F000

View File

@ -0,0 +1,294 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SOC_SYSCON_REG_H_
#define _SOC_SYSCON_REG_H_
#include "soc.h"
#define SYSCON_SYSCLK_CONF_REG (DR_REG_SYSCON_BASE + 0x0)
/* SYSCON_QUICK_CLK_CHNG : R/W ;bitpos:[13] ;default: 1'b1 ; */
/*description: */
#define SYSCON_QUICK_CLK_CHNG (BIT(13))
#define SYSCON_QUICK_CLK_CHNG_M (BIT(13))
#define SYSCON_QUICK_CLK_CHNG_V 0x1
#define SYSCON_QUICK_CLK_CHNG_S 13
/* SYSCON_RST_TICK_CNT : R/W ;bitpos:[12] ;default: 1'b0 ; */
/*description: */
#define SYSCON_RST_TICK_CNT (BIT(12))
#define SYSCON_RST_TICK_CNT_M (BIT(12))
#define SYSCON_RST_TICK_CNT_V 0x1
#define SYSCON_RST_TICK_CNT_S 12
/* SYSCON_CLK_EN : R/W ;bitpos:[11] ;default: 1'b0 ; */
/*description: */
#define SYSCON_CLK_EN (BIT(11))
#define SYSCON_CLK_EN_M (BIT(11))
#define SYSCON_CLK_EN_V 0x1
#define SYSCON_CLK_EN_S 11
/* SYSCON_CLK_320M_EN : R/W ;bitpos:[10] ;default: 1'b0 ; */
/*description: */
#define SYSCON_CLK_320M_EN (BIT(10))
#define SYSCON_CLK_320M_EN_M (BIT(10))
#define SYSCON_CLK_320M_EN_V 0x1
#define SYSCON_CLK_320M_EN_S 10
/* SYSCON_PRE_DIV_CNT : R/W ;bitpos:[9:0] ;default: 10'h0 ; */
/*description: */
#define SYSCON_PRE_DIV_CNT 0x000003FF
#define SYSCON_PRE_DIV_CNT_M ((SYSCON_PRE_DIV_CNT_V)<<(SYSCON_PRE_DIV_CNT_S))
#define SYSCON_PRE_DIV_CNT_V 0x3FF
#define SYSCON_PRE_DIV_CNT_S 0
#define SYSCON_XTAL_TICK_CONF_REG (DR_REG_SYSCON_BASE + 0x4)
/* SYSCON_XTAL_TICK_NUM : R/W ;bitpos:[7:0] ;default: 8'd39 ; */
/*description: */
#define SYSCON_XTAL_TICK_NUM 0x000000FF
#define SYSCON_XTAL_TICK_NUM_M ((SYSCON_XTAL_TICK_NUM_V)<<(SYSCON_XTAL_TICK_NUM_S))
#define SYSCON_XTAL_TICK_NUM_V 0xFF
#define SYSCON_XTAL_TICK_NUM_S 0
#define SYSCON_PLL_TICK_CONF_REG (DR_REG_SYSCON_BASE + 0x8)
/* SYSCON_PLL_TICK_NUM : R/W ;bitpos:[7:0] ;default: 8'd79 ; */
/*description: */
#define SYSCON_PLL_TICK_NUM 0x000000FF
#define SYSCON_PLL_TICK_NUM_M ((SYSCON_PLL_TICK_NUM_V)<<(SYSCON_PLL_TICK_NUM_S))
#define SYSCON_PLL_TICK_NUM_V 0xFF
#define SYSCON_PLL_TICK_NUM_S 0
#define SYSCON_CK8M_TICK_CONF_REG (DR_REG_SYSCON_BASE + 0xC)
/* SYSCON_CK8M_TICK_NUM : R/W ;bitpos:[7:0] ;default: 8'd11 ; */
/*description: */
#define SYSCON_CK8M_TICK_NUM 0x000000FF
#define SYSCON_CK8M_TICK_NUM_M ((SYSCON_CK8M_TICK_NUM_V)<<(SYSCON_CK8M_TICK_NUM_S))
#define SYSCON_CK8M_TICK_NUM_V 0xFF
#define SYSCON_CK8M_TICK_NUM_S 0
#define SYSCON_SARADC_CTRL_REG (DR_REG_SYSCON_BASE + 0x10)
/* SYSCON_SARADC_DATA_TO_I2S : R/W ;bitpos:[26] ;default: 1'b0 ; */
/*description: 1: I2S input data is from SAR ADC (for DMA) 0: I2S input data
is from GPIO matrix*/
#define SYSCON_SARADC_DATA_TO_I2S (BIT(26))
#define SYSCON_SARADC_DATA_TO_I2S_M (BIT(26))
#define SYSCON_SARADC_DATA_TO_I2S_V 0x1
#define SYSCON_SARADC_DATA_TO_I2S_S 26
/* SYSCON_SARADC_DATA_SAR_SEL : R/W ;bitpos:[25] ;default: 1'b0 ; */
/*description: 1: sar_sel will be coded by the MSB of the 16-bit output data
in this case the resolution should not be larger than 11 bits.*/
#define SYSCON_SARADC_DATA_SAR_SEL (BIT(25))
#define SYSCON_SARADC_DATA_SAR_SEL_M (BIT(25))
#define SYSCON_SARADC_DATA_SAR_SEL_V 0x1
#define SYSCON_SARADC_DATA_SAR_SEL_S 25
/* SYSCON_SARADC_SAR2_PATT_P_CLEAR : R/W ;bitpos:[24] ;default: 1'd0 ; */
/*description: clear the pointer of pattern table for DIG ADC2 CTRL*/
#define SYSCON_SARADC_SAR2_PATT_P_CLEAR (BIT(24))
#define SYSCON_SARADC_SAR2_PATT_P_CLEAR_M (BIT(24))
#define SYSCON_SARADC_SAR2_PATT_P_CLEAR_V 0x1
#define SYSCON_SARADC_SAR2_PATT_P_CLEAR_S 24
/* SYSCON_SARADC_SAR1_PATT_P_CLEAR : R/W ;bitpos:[23] ;default: 1'd0 ; */
/*description: clear the pointer of pattern table for DIG ADC1 CTRL*/
#define SYSCON_SARADC_SAR1_PATT_P_CLEAR (BIT(23))
#define SYSCON_SARADC_SAR1_PATT_P_CLEAR_M (BIT(23))
#define SYSCON_SARADC_SAR1_PATT_P_CLEAR_V 0x1
#define SYSCON_SARADC_SAR1_PATT_P_CLEAR_S 23
/* SYSCON_SARADC_SAR2_PATT_LEN : R/W ;bitpos:[22:19] ;default: 4'd15 ; */
/*description: 0 ~ 15 means length 1 ~ 16*/
#define SYSCON_SARADC_SAR2_PATT_LEN 0x0000000F
#define SYSCON_SARADC_SAR2_PATT_LEN_M ((SYSCON_SARADC_SAR2_PATT_LEN_V)<<(SYSCON_SARADC_SAR2_PATT_LEN_S))
#define SYSCON_SARADC_SAR2_PATT_LEN_V 0xF
#define SYSCON_SARADC_SAR2_PATT_LEN_S 19
/* SYSCON_SARADC_SAR1_PATT_LEN : R/W ;bitpos:[18:15] ;default: 4'd15 ; */
/*description: 0 ~ 15 means length 1 ~ 16*/
#define SYSCON_SARADC_SAR1_PATT_LEN 0x0000000F
#define SYSCON_SARADC_SAR1_PATT_LEN_M ((SYSCON_SARADC_SAR1_PATT_LEN_V)<<(SYSCON_SARADC_SAR1_PATT_LEN_S))
#define SYSCON_SARADC_SAR1_PATT_LEN_V 0xF
#define SYSCON_SARADC_SAR1_PATT_LEN_S 15
/* SYSCON_SARADC_SAR_CLK_DIV : R/W ;bitpos:[14:7] ;default: 8'd4 ; */
/*description: SAR clock divider*/
#define SYSCON_SARADC_SAR_CLK_DIV 0x000000FF
#define SYSCON_SARADC_SAR_CLK_DIV_M ((SYSCON_SARADC_SAR_CLK_DIV_V)<<(SYSCON_SARADC_SAR_CLK_DIV_S))
#define SYSCON_SARADC_SAR_CLK_DIV_V 0xFF
#define SYSCON_SARADC_SAR_CLK_DIV_S 7
/* SYSCON_SARADC_SAR_CLK_GATED : R/W ;bitpos:[6] ;default: 1'b1 ; */
/*description: */
#define SYSCON_SARADC_SAR_CLK_GATED (BIT(6))
#define SYSCON_SARADC_SAR_CLK_GATED_M (BIT(6))
#define SYSCON_SARADC_SAR_CLK_GATED_V 0x1
#define SYSCON_SARADC_SAR_CLK_GATED_S 6
/* SYSCON_SARADC_SAR_SEL : R/W ;bitpos:[5] ;default: 1'd0 ; */
/*description: 0: SAR1 1: SAR2 only work for single SAR mode*/
#define SYSCON_SARADC_SAR_SEL (BIT(5))
#define SYSCON_SARADC_SAR_SEL_M (BIT(5))
#define SYSCON_SARADC_SAR_SEL_V 0x1
#define SYSCON_SARADC_SAR_SEL_S 5
/* SYSCON_SARADC_WORK_MODE : R/W ;bitpos:[4:3] ;default: 2'd0 ; */
/*description: 0: single mode 1: double mode 2: alternate mode*/
#define SYSCON_SARADC_WORK_MODE 0x00000003
#define SYSCON_SARADC_WORK_MODE_M ((SYSCON_SARADC_WORK_MODE_V)<<(SYSCON_SARADC_WORK_MODE_S))
#define SYSCON_SARADC_WORK_MODE_V 0x3
#define SYSCON_SARADC_WORK_MODE_S 3
/* SYSCON_SARADC_SAR2_MUX : R/W ;bitpos:[2] ;default: 1'd0 ; */
/*description: 1: SAR ADC2 is controlled by DIG ADC2 CTRL 0: SAR ADC2 is controlled
by PWDET CTRL*/
#define SYSCON_SARADC_SAR2_MUX (BIT(2))
#define SYSCON_SARADC_SAR2_MUX_M (BIT(2))
#define SYSCON_SARADC_SAR2_MUX_V 0x1
#define SYSCON_SARADC_SAR2_MUX_S 2
/* SYSCON_SARADC_START : R/W ;bitpos:[1] ;default: 1'd0 ; */
/*description: */
#define SYSCON_SARADC_START (BIT(1))
#define SYSCON_SARADC_START_M (BIT(1))
#define SYSCON_SARADC_START_V 0x1
#define SYSCON_SARADC_START_S 1
/* SYSCON_SARADC_START_FORCE : R/W ;bitpos:[0] ;default: 1'd0 ; */
/*description: */
#define SYSCON_SARADC_START_FORCE (BIT(0))
#define SYSCON_SARADC_START_FORCE_M (BIT(0))
#define SYSCON_SARADC_START_FORCE_V 0x1
#define SYSCON_SARADC_START_FORCE_S 0
#define SYSCON_SARADC_CTRL2_REG (DR_REG_SYSCON_BASE + 0x14)
/* SYSCON_SARADC_SAR2_INV : R/W ;bitpos:[10] ;default: 1'd0 ; */
/*description: 1: data to DIG ADC2 CTRL is inverted otherwise not*/
#define SYSCON_SARADC_SAR2_INV (BIT(10))
#define SYSCON_SARADC_SAR2_INV_M (BIT(10))
#define SYSCON_SARADC_SAR2_INV_V 0x1
#define SYSCON_SARADC_SAR2_INV_S 10
/* SYSCON_SARADC_SAR1_INV : R/W ;bitpos:[9] ;default: 1'd0 ; */
/*description: 1: data to DIG ADC1 CTRL is inverted otherwise not*/
#define SYSCON_SARADC_SAR1_INV (BIT(9))
#define SYSCON_SARADC_SAR1_INV_M (BIT(9))
#define SYSCON_SARADC_SAR1_INV_V 0x1
#define SYSCON_SARADC_SAR1_INV_S 9
/* SYSCON_SARADC_MAX_MEAS_NUM : R/W ;bitpos:[8:1] ;default: 8'd255 ; */
/*description: max conversion number*/
#define SYSCON_SARADC_MAX_MEAS_NUM 0x000000FF
#define SYSCON_SARADC_MAX_MEAS_NUM_M ((SYSCON_SARADC_MAX_MEAS_NUM_V)<<(SYSCON_SARADC_MAX_MEAS_NUM_S))
#define SYSCON_SARADC_MAX_MEAS_NUM_V 0xFF
#define SYSCON_SARADC_MAX_MEAS_NUM_S 1
/* SYSCON_SARADC_MEAS_NUM_LIMIT : R/W ;bitpos:[0] ;default: 1'd0 ; */
/*description: */
#define SYSCON_SARADC_MEAS_NUM_LIMIT (BIT(0))
#define SYSCON_SARADC_MEAS_NUM_LIMIT_M (BIT(0))
#define SYSCON_SARADC_MEAS_NUM_LIMIT_V 0x1
#define SYSCON_SARADC_MEAS_NUM_LIMIT_S 0
#define SYSCON_SARADC_FSM_REG (DR_REG_SYSCON_BASE + 0x18)
/* SYSCON_SARADC_SAMPLE_CYCLE : R/W ;bitpos:[31:24] ;default: 8'd2 ; */
/*description: sample cycles*/
#define SYSCON_SARADC_SAMPLE_CYCLE 0x000000FF
#define SYSCON_SARADC_SAMPLE_CYCLE_M ((SYSCON_SARADC_SAMPLE_CYCLE_V)<<(SYSCON_SARADC_SAMPLE_CYCLE_S))
#define SYSCON_SARADC_SAMPLE_CYCLE_V 0xFF
#define SYSCON_SARADC_SAMPLE_CYCLE_S 24
/* SYSCON_SARADC_START_WAIT : R/W ;bitpos:[23:16] ;default: 8'd8 ; */
/*description: */
#define SYSCON_SARADC_START_WAIT 0x000000FF
#define SYSCON_SARADC_START_WAIT_M ((SYSCON_SARADC_START_WAIT_V)<<(SYSCON_SARADC_START_WAIT_S))
#define SYSCON_SARADC_START_WAIT_V 0xFF
#define SYSCON_SARADC_START_WAIT_S 16
/* SYSCON_SARADC_STANDBY_WAIT : R/W ;bitpos:[15:8] ;default: 8'd255 ; */
/*description: */
#define SYSCON_SARADC_STANDBY_WAIT 0x000000FF
#define SYSCON_SARADC_STANDBY_WAIT_M ((SYSCON_SARADC_STANDBY_WAIT_V)<<(SYSCON_SARADC_STANDBY_WAIT_S))
#define SYSCON_SARADC_STANDBY_WAIT_V 0xFF
#define SYSCON_SARADC_STANDBY_WAIT_S 8
/* SYSCON_SARADC_RSTB_WAIT : R/W ;bitpos:[7:0] ;default: 8'd8 ; */
/*description: */
#define SYSCON_SARADC_RSTB_WAIT 0x000000FF
#define SYSCON_SARADC_RSTB_WAIT_M ((SYSCON_SARADC_RSTB_WAIT_V)<<(SYSCON_SARADC_RSTB_WAIT_S))
#define SYSCON_SARADC_RSTB_WAIT_V 0xFF
#define SYSCON_SARADC_RSTB_WAIT_S 0
#define SYSCON_SARADC_SAR1_PATT_TAB1_REG (DR_REG_SYSCON_BASE + 0x1C)
/* SYSCON_SARADC_SAR1_PATT_TAB1 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: item 0 ~ 3 for pattern table 1 (each item one byte)*/
#define SYSCON_SARADC_SAR1_PATT_TAB1 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB1_M ((SYSCON_SARADC_SAR1_PATT_TAB1_V)<<(SYSCON_SARADC_SAR1_PATT_TAB1_S))
#define SYSCON_SARADC_SAR1_PATT_TAB1_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB1_S 0
#define SYSCON_SARADC_SAR1_PATT_TAB2_REG (DR_REG_SYSCON_BASE + 0x20)
/* SYSCON_SARADC_SAR1_PATT_TAB2 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 4 ~ 7 for pattern table 1 (each item one byte)*/
#define SYSCON_SARADC_SAR1_PATT_TAB2 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB2_M ((SYSCON_SARADC_SAR1_PATT_TAB2_V)<<(SYSCON_SARADC_SAR1_PATT_TAB2_S))
#define SYSCON_SARADC_SAR1_PATT_TAB2_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB2_S 0
#define SYSCON_SARADC_SAR1_PATT_TAB3_REG (DR_REG_SYSCON_BASE + 0x24)
/* SYSCON_SARADC_SAR1_PATT_TAB3 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 8 ~ 11 for pattern table 1 (each item one byte)*/
#define SYSCON_SARADC_SAR1_PATT_TAB3 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB3_M ((SYSCON_SARADC_SAR1_PATT_TAB3_V)<<(SYSCON_SARADC_SAR1_PATT_TAB3_S))
#define SYSCON_SARADC_SAR1_PATT_TAB3_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB3_S 0
#define SYSCON_SARADC_SAR1_PATT_TAB4_REG (DR_REG_SYSCON_BASE + 0x28)
/* SYSCON_SARADC_SAR1_PATT_TAB4 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 12 ~ 15 for pattern table 1 (each item one byte)*/
#define SYSCON_SARADC_SAR1_PATT_TAB4 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB4_M ((SYSCON_SARADC_SAR1_PATT_TAB4_V)<<(SYSCON_SARADC_SAR1_PATT_TAB4_S))
#define SYSCON_SARADC_SAR1_PATT_TAB4_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR1_PATT_TAB4_S 0
#define SYSCON_SARADC_SAR2_PATT_TAB1_REG (DR_REG_SYSCON_BASE + 0x2C)
/* SYSCON_SARADC_SAR2_PATT_TAB1 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: item 0 ~ 3 for pattern table 2 (each item one byte)*/
#define SYSCON_SARADC_SAR2_PATT_TAB1 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB1_M ((SYSCON_SARADC_SAR2_PATT_TAB1_V)<<(SYSCON_SARADC_SAR2_PATT_TAB1_S))
#define SYSCON_SARADC_SAR2_PATT_TAB1_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB1_S 0
#define SYSCON_SARADC_SAR2_PATT_TAB2_REG (DR_REG_SYSCON_BASE + 0x30)
/* SYSCON_SARADC_SAR2_PATT_TAB2 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 4 ~ 7 for pattern table 2 (each item one byte)*/
#define SYSCON_SARADC_SAR2_PATT_TAB2 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB2_M ((SYSCON_SARADC_SAR2_PATT_TAB2_V)<<(SYSCON_SARADC_SAR2_PATT_TAB2_S))
#define SYSCON_SARADC_SAR2_PATT_TAB2_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB2_S 0
#define SYSCON_SARADC_SAR2_PATT_TAB3_REG (DR_REG_SYSCON_BASE + 0x34)
/* SYSCON_SARADC_SAR2_PATT_TAB3 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 8 ~ 11 for pattern table 2 (each item one byte)*/
#define SYSCON_SARADC_SAR2_PATT_TAB3 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB3_M ((SYSCON_SARADC_SAR2_PATT_TAB3_V)<<(SYSCON_SARADC_SAR2_PATT_TAB3_S))
#define SYSCON_SARADC_SAR2_PATT_TAB3_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB3_S 0
#define SYSCON_SARADC_SAR2_PATT_TAB4_REG (DR_REG_SYSCON_BASE + 0x38)
/* SYSCON_SARADC_SAR2_PATT_TAB4 : R/W ;bitpos:[31:0] ;default: 32'hf0f0f0f ; */
/*description: Item 12 ~ 15 for pattern table 2 (each item one byte)*/
#define SYSCON_SARADC_SAR2_PATT_TAB4 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB4_M ((SYSCON_SARADC_SAR2_PATT_TAB4_V)<<(SYSCON_SARADC_SAR2_PATT_TAB4_S))
#define SYSCON_SARADC_SAR2_PATT_TAB4_V 0xFFFFFFFF
#define SYSCON_SARADC_SAR2_PATT_TAB4_S 0
#define SYSCON_APLL_TICK_CONF_REG (DR_REG_SYSCON_BASE + 0x3C)
/* SYSCON_APLL_TICK_NUM : R/W ;bitpos:[7:0] ;default: 8'd99 ; */
/*description: */
#define SYSCON_APLL_TICK_NUM 0x000000FF
#define SYSCON_APLL_TICK_NUM_M ((SYSCON_APLL_TICK_NUM_V)<<(SYSCON_APLL_TICK_NUM_S))
#define SYSCON_APLL_TICK_NUM_V 0xFF
#define SYSCON_APLL_TICK_NUM_S 0
#define SYSCON_DATE_REG (DR_REG_SYSCON_BASE + 0x7C)
/* SYSCON_DATE : R/W ;bitpos:[31:0] ;default: 32'h16042000 ; */
/*description: */
#define SYSCON_DATE 0xFFFFFFFF
#define SYSCON_DATE_M ((SYSCON_DATE_V)<<(SYSCON_DATE_S))
#define SYSCON_DATE_V 0xFFFFFFFF
#define SYSCON_DATE_S 0
#endif /*_SOC_SYSCON_REG_H_ */

View File

@ -0,0 +1,120 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SOC_SYSCON_STRUCT_H_
#define _SOC_SYSCON_STRUCT_H_
typedef struct {
union {
struct {
volatile uint32_t pre_div: 10;
volatile uint32_t clk_320m_en: 1;
volatile uint32_t clk_en: 1;
volatile uint32_t rst_tick: 1;
volatile uint32_t quick_clk_chng: 1;
volatile uint32_t reserved14: 18;
};
volatile uint32_t val;
}clk_conf;
union {
struct {
volatile uint32_t xtal_tick: 8;
volatile uint32_t reserved8: 24;
};
volatile uint32_t val;
}xtal_tick_conf;
union {
struct {
volatile uint32_t pll_tick: 8;
volatile uint32_t reserved8: 24;
};
volatile uint32_t val;
}pll_tick_conf;
union {
struct {
volatile uint32_t ck8m_tick: 8;
volatile uint32_t reserved8: 24;
};
volatile uint32_t val;
}ck8m_tick_conf;
union {
struct {
volatile uint32_t start_force: 1;
volatile uint32_t start: 1;
volatile uint32_t sar2_mux: 1; /*1: SAR ADC2 is controlled by DIG ADC2 CTRL 0: SAR ADC2 is controlled by PWDET CTRL*/
volatile uint32_t work_mode: 2; /*0: single mode 1: double mode 2: alternate mode*/
volatile uint32_t sar_sel: 1; /*0: SAR1 1: SAR2 only work for single SAR mode*/
volatile uint32_t sar_clk_gated: 1;
volatile uint32_t sar_clk_div: 8; /*SAR clock divider*/
volatile uint32_t sar1_patt_len: 4; /*0 ~ 15 means length 1 ~ 16*/
volatile uint32_t sar2_patt_len: 4; /*0 ~ 15 means length 1 ~ 16*/
volatile uint32_t sar1_patt_p_clear: 1; /*clear the pointer of pattern table for DIG ADC1 CTRL*/
volatile uint32_t sar2_patt_p_clear: 1; /*clear the pointer of pattern table for DIG ADC2 CTRL*/
volatile uint32_t data_sar_sel: 1; /*1: sar_sel will be coded by the MSB of the 16-bit output data in this case the resolution should not be larger than 11 bits.*/
volatile uint32_t data_to_i2s: 1; /*1: I2S input data is from SAR ADC (for DMA) 0: I2S input data is from GPIO matrix*/
volatile uint32_t reserved27: 5;
};
volatile uint32_t val;
}saradc_ctrl;
union {
struct {
volatile uint32_t meas_num_limit: 1;
volatile uint32_t max_meas_num: 8; /*max conversion number*/
volatile uint32_t sar1_inv: 1; /*1: data to DIG ADC1 CTRL is inverted otherwise not*/
volatile uint32_t sar2_inv: 1; /*1: data to DIG ADC2 CTRL is inverted otherwise not*/
volatile uint32_t reserved11: 21;
};
volatile uint32_t val;
}saradc_ctrl2;
union {
struct {
volatile uint32_t rstb_wait: 8;
volatile uint32_t standby_wait: 8;
volatile uint32_t start_wait: 8;
volatile uint32_t sample_cycle: 8; /*sample cycles*/
};
volatile uint32_t val;
}saradc_fsm;
volatile uint32_t saradc_sar1_patt_tab1; /*item 0 ~ 3 for pattern table 1 (each item one byte)*/
volatile uint32_t saradc_sar1_patt_tab2; /*Item 4 ~ 7 for pattern table 1 (each item one byte)*/
volatile uint32_t saradc_sar1_patt_tab3; /*Item 8 ~ 11 for pattern table 1 (each item one byte)*/
volatile uint32_t saradc_sar1_patt_tab4; /*Item 12 ~ 15 for pattern table 1 (each item one byte)*/
volatile uint32_t saradc_sar2_patt_tab1; /*item 0 ~ 3 for pattern table 2 (each item one byte)*/
volatile uint32_t saradc_sar2_patt_tab2; /*Item 4 ~ 7 for pattern table 2 (each item one byte)*/
volatile uint32_t saradc_sar2_patt_tab3; /*Item 8 ~ 11 for pattern table 2 (each item one byte)*/
volatile uint32_t saradc_sar2_patt_tab4; /*Item 12 ~ 15 for pattern table 2 (each item one byte)*/
union {
struct {
volatile uint32_t apll_tick: 8;
volatile uint32_t reserved8: 24;
};
volatile uint32_t val;
}apll_tick_conf;
volatile uint32_t reserved_40;
volatile uint32_t reserved_44;
volatile uint32_t reserved_48;
volatile uint32_t reserved_4c;
volatile uint32_t reserved_50;
volatile uint32_t reserved_54;
volatile uint32_t reserved_58;
volatile uint32_t reserved_5c;
volatile uint32_t reserved_60;
volatile uint32_t reserved_64;
volatile uint32_t reserved_68;
volatile uint32_t reserved_6c;
volatile uint32_t reserved_70;
volatile uint32_t reserved_74;
volatile uint32_t reserved_78;
volatile uint32_t date; /**/
} syscon_dev_t;
#endif /* _SOC_SYSCON_STRUCT_H_ */

View File

@ -7,9 +7,6 @@ Flash Encryption is separate from the `Secure Boot` feature, and you can use fla
**IMPORTANT: Enabling flash encryption limits your options for further updates of your ESP32. Make sure to read this document (including `Limitations of Flash Encryption` and understand the implications of enabling flash encryption.**
**IMPORTANT: Flash Encryption feature is currently enabled for development use only, with a key generated on the host. The recommended production configuration, where the flash encryption key is generated by the device on first boot, is currently disabled while final testing is done. This documentation refers to flash encryption keys being generated on first boot, however for now it is necessary to follow the additional steps shown under `Precalculated Flash Encryption Key`.**
Background
----------

View File

@ -5,8 +5,6 @@ Secure Boot is a feature for ensuring only your code can run on the chip. Data l
Secure Boot is separate from the `Flash Encryption` feature, and you can use secure boot without encrypting the flash contents. However we recommend using both features together for a secure environment.
**IMPORTANT: Secure Boot feature is currently enabled for development use only, with a key generated on the host. The recommended production configuration, where the secure boot key is generated by the device on first boot, is currently disabled while final testing is done. This documentation refers to "One-Time Flashable" mode (where keys are generated on the device), but for now only the `Re-Flashable Software Bootloader` mode is available.**
Background
----------