remove secure boot test mode

2024-10-05 20:47:46 -04:00 · 2019-05-23 14:13:08 +05:30 · 2019-05-23 14:13:08 +05:30 · 865b24144e
commit 865b24144e
parent c879aff6f5
3 changed files with 3 additions and 23 deletions
--- a/components/bootloader/Kconfig.projbuild
+++ b/components/bootloader/Kconfig.projbuild
@ -505,16 +505,5 @@ menu "Security features"

                Only set this option in testing environments.

-        config SECURE_BOOT_TEST_MODE
-            bool "Secure boot test mode: don't permanently set any eFuses"
-            depends on SECURE_BOOT_INSECURE
-            default N
-            help
-                If this option is set, all permanent secure boot changes (via eFuse) are disabled.
-
-                Log output will state changes which would be applied, but they will not be.
-
-                This option is for testing purposes only - it completely disables secure boot protection.
-
    endmenu  # Potentially Insecure
 endmenu  # Security features
--- a/components/bootloader_support/src/bootloader_utility.c
+++ b/components/bootloader_support/src/bootloader_utility.c
@ -560,9 +560,10 @@ static void load_image(const esp_image_metadata_t* image_data)
    err = esp_secure_boot_permanently_enable();
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "FAILED TO ENABLE SECURE BOOT (%d).", err);
-        /* Allow booting to continue, as the failure is probably
-           due to user-configured EFUSEs for testing...
+        /* Panic here as secure boot is not properly enabled
+           due to one of the reasons in above function
        */
+        abort();
    }
 #endif

--- a/components/bootloader_support/src/esp32/secure_boot.c
+++ b/components/bootloader_support/src/esp32/secure_boot.c
@ -99,11 +99,7 @@ static bool secure_boot_generate(uint32_t image_len){
 /* Burn values written to the efuse write registers */
 static inline void burn_efuses()
 {
-#ifdef CONFIG_SECURE_BOOT_TEST_MODE
-    ESP_LOGE(TAG, "SECURE BOOT TEST MODE. Not really burning any efuses! NOT SECURE");
-#else
    esp_efuse_burn_new_values();
-#endif
 }

 esp_err_t esp_secure_boot_generate_digest(void)
@ -185,7 +181,6 @@ esp_err_t esp_secure_boot_permanently_enable(void)
        efuse_key_write_protected = true;
    }

-#ifndef CONFIG_SECURE_BOOT_TEST_MODE
    if (!efuse_key_read_protected) {
        ESP_LOGE(TAG, "Pre-loaded key is not read protected. Refusing to blow secure boot efuse.");
        return ESP_ERR_INVALID_STATE;
@ -194,7 +189,6 @@ esp_err_t esp_secure_boot_permanently_enable(void)
        ESP_LOGE(TAG, "Pre-loaded key is not write protected. Refusing to blow secure boot efuse.");
        return ESP_ERR_INVALID_STATE;
    }
-#endif

    ESP_LOGI(TAG, "blowing secure boot efuse...");
    ESP_LOGD(TAG, "before updating, EFUSE_BLK0_RDATA6 %x", REG_READ(EFUSE_BLK0_RDATA6_REG));
@ -223,11 +217,7 @@ esp_err_t esp_secure_boot_permanently_enable(void)
        ESP_LOGI(TAG, "secure boot is now enabled for bootloader image");
        return ESP_OK;
    } else {
-#ifdef CONFIG_SECURE_BOOT_TEST_MODE
-        ESP_LOGE(TAG, "secure boot not enabled due to test mode");
-#else
        ESP_LOGE(TAG, "secure boot not enabled for bootloader image, EFUSE_RD_ABS_DONE_0 is probably write protected!");
-#endif
        return ESP_ERR_INVALID_STATE;
    }
 }