alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

bootloader_support(esp32c2): Fix esp_secure_boot_cfg_verify_release_mode API

Browse Source 
When FE and SB keys are set then:
- 128 low bits are read protected
- 128 hi bits are readable
This commit is contained in:
KonstantinKondrashov 2023-01-24 18:16:19 +08:00
parent 086766d83b
commit 73d756d073
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/bootloader_support/src/secure_boot.c
View File

@ -363,7 +363,11 @@ bool esp_secure_boot_cfg_verify_release_mode(void)
}
#endif
++num_keys;
#if SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
secure = !esp_efuse_read_field_bit(ESP_EFUSE_RD_DIS_KEY0_HI);
#else
secure = !esp_efuse_get_key_dis_read(block);
#endif // !SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
result &= secure;
if (!secure) {
ESP_LOGE(TAG, "Secure boot key in BLOCK%d must NOT be read-protected (can not be used)", block);