Merge branch 'bugfix/security_check_order_in_startup_v5.0' into 'release/v5.0'

fix(startup): flip the security configuration check order (v5.0)

See merge request espressif/esp-idf!26362
This commit is contained in:
Aditya Patwardhan 2023-10-10 17:10:28 +08:00
commit bcd5292435

View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2015-2023 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -353,6 +353,15 @@ static void do_core_init(void)
#endif
#endif
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
esp_flash_encryption_init_checks();
#endif
#if defined(CONFIG_SECURE_BOOT) || defined(CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT)
// Note: in some configs this may read flash, so placed after flash init
esp_secure_boot_init_checks();
#endif
#if CONFIG_SECURE_DISABLE_ROM_DL_MODE
err = esp_efuse_disable_rom_download_mode();
assert(err == ESP_OK && "Failed to disable ROM download mode");
@ -367,15 +376,6 @@ static void do_core_init(void)
esp_efuse_disable_basic_rom_console();
#endif
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
esp_flash_encryption_init_checks();
#endif
#if defined(CONFIG_SECURE_BOOT) || defined(CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT)
// Note: in some configs this may read flash, so placed after flash init
esp_secure_boot_init_checks();
#endif
#ifdef ROM_LOG_MODE
esp_efuse_set_rom_log_scheme(ROM_LOG_MODE);
#endif