mirror of
https://github.com/espressif/esp-idf.git
synced 2024-09-20 00:36:01 -04:00
Merge branch 'bugfix/disable_coding_scheme_security_features' into 'master'
bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme See merge request idf/esp-idf!3369
This commit is contained in:
commit
98b42a8b71
@ -54,6 +54,7 @@ SECTIONS
|
||||
*libbootloader_support.a:secure_boot_signatures.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libsoc.a:rtc_wdt.*(.literal .text .literal.* .text.*)
|
||||
*(.fini.literal)
|
||||
*(.fini)
|
||||
*(.gnu.version)
|
||||
|
@ -63,6 +63,11 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
|
||||
|
||||
static esp_err_t initialise_flash_encryption(void)
|
||||
{
|
||||
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||
ESP_LOGE(TAG, "Flash Encryption is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
/* Before first flash encryption pass, need to initialise key & crypto config */
|
||||
|
||||
/* Generate key */
|
||||
|
@ -111,6 +111,11 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||
ESP_LOGE(TAG, "Secure Boot is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
err = esp_image_verify_bootloader(&image_len);
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "bootloader image appears invalid! error %d", err);
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit fd8c25d2160505fb9d5abbe56f85116a136afb05
|
||||
Subproject commit 59b8dd8bfe3927dc11ffc06603fa082cb0f523bb
|
Loading…
Reference in New Issue
Block a user