Commit Graph

84 Commits

Author SHA1 Message Date
Mahavir Jain
d3b4acf7a0 fix(esp32h2): program use_hardware_k efuse bit for ECDSA key purpose
In ESP32-H2, the ECDSA peripheral by default uses the TRNG (hardware)
generated k value but it can be overridden to software supplied k.
This can happen through by overriding the `ECDSA_SOFTWARE_SET_K` bit
in the configuration register. Even though the HAL API is not exposed
for this but still it could be achieved by direct register
programming. And for this scenario, if sufficiently random k is not
supplied by the software then it could posses a security risk.

In this change, we are unconditionally programming the efuse
`ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K` bit during startup security
checks itself. Additionally, same is ensured in the `esp_efuse_write_key`
API as well. This always enforces the hardware k mode in the ECDSA
peripheral and ensures strongest possible security.
2023-11-17 07:13:53 +00:00
KonstantinKondrashov
b29f6d5a40 feat(efuse): Support eFuses and doc for ESP32P4 2023-09-12 17:58:17 +08:00
KonstantinKondrashov
3d695b9768 efuse: Prevent burning XTS_AES and ECDSA keys into BLOCK9 (BLOCK_KEY5)
eFuse module has a hardware bug.
It is related to ESP32-C3, C6, S3, H2 chips:
    - BLOCK9 (BLOCK_KEY5) can not be used by XTS_AES keys.
For H2 chips, the BLOCK9 (BLOCK_KEY5) can not be used by ECDSA keys.
S2 does not have such a hardware bug.
2023-04-04 18:45:48 +08:00
Zim Kalinowski
ee842a1386 Merge branch 'feature/fix_load_efuses_from_flash_when_real_fe_is_on' into 'master'
efuse(virtual mode): Fix load_efuses_from_flash when FE is on

Closes IDFGH-9580

See merge request espressif/esp-idf!22793
2023-03-28 17:32:11 +08:00
Sachin Parekh
d2940c5ff3 mbedtls: Add port layer for ECDSA peripheral 2023-03-24 10:43:40 +05:30
KonstantinKondrashov
88ef0d8aeb efuse: Fix load_efuses_from_flash when FE is on
esp_efuse_utility_load_efuses_from_flash() read emul_efuse
as an encrypted partition, but that is not correct,
this partition was never encrypted.
Need to read it as not encrypted partition.

Fxed the case: If FE is already on then EFUSE VIRT mode can work with it.

Closes https://github.com/espressif/esp-idf/issues/10929
2023-03-23 16:20:43 +08:00
Gustavo Henrique Nihei
3672144c9f efuse: Remove dependency on bootloader component headers
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2023-03-16 01:50:21 +08:00
Zim Kalinowski
0c090b7308 efuse: reenable and fix no-format warnings 2023-03-06 19:08:00 +01:00
Chip Weinberger
c7a12dd34b efuse: Add more logging for virtual efuses
Closes https://github.com/espressif/esp-idf/pull/10536
2023-02-16 00:10:08 +08:00
KonstantinKondrashov
1f9260d790 all: Apply new version logic (major * 100 + minor) 2022-11-03 08:36:23 +00:00
wuzhenghui
21663bd0b9 esp32c6: add efuse support 2022-09-26 20:32:13 +08:00
Jakob Hasse
33a3616635 refactor (bootloader_support, efuse)!: remove target-specific rom includes
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/

* Removed bootloader_reset_reason.h and
  bootloader_common_get_reset_reason() completely.
  Alternative in ROM component is available.

* made esp_efuse.h independent of target-specific rom header
2022-07-13 10:29:02 +08:00
KonstantinKondrashov
5ec9baff36 efuse: Checks errors of 4x coding scheme for BLOCK0 if so then abort 2022-06-09 17:49:03 +08:00
KonstantinKondrashov
505e18237a bootloader: Support Flash Encryption for ESP32-C2 2022-05-31 11:12:21 +00:00
Konstantin Kondrashov
df30b362a8 efuse: Validates data after burning and re-burnes it if necessary 2022-04-27 01:10:41 +08:00
KonstantinKondrashov
9605f3eb1a soc: Adds efuse hal
Replaced eFuse ROM funcs with hal layer
2022-02-24 22:20:09 +08:00
KonstantinKondrashov
ebdc52d4e2 efuse(esp32c2): Support eFuse key APIs 2022-02-01 17:30:31 +08:00
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
Cao Sen Miao
d397464fc4 spi_flash: refactor spi_flash.h to esp_rom_spiflash.h but keep the content in spi_flash.h 2021-12-30 14:12:31 +08:00
Cao Sen Miao
b0decda1e3 bootloader: move bootloader flash support to isolate folders 2021-12-30 14:05:12 +08:00
Mahavir Jain
9cecde6fb4 bootloader: add anti-FI checks around secure version in anti-rollback scheme 2021-11-24 11:37:27 +08:00
Gustavo Henrique Nihei
626d78c2e0 efuse: Add missing esp_rom_sys.h include file
This prevents the compiler error for the implicit declaration of
function "esp_rom_printf".

Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-11-12 17:35:59 -03:00
Cao Sen Miao
3934e24d22 ESP8684: add spi_flash, efuse, hw_support support 2021-11-06 17:33:44 +08:00
Wu Zheng Hui
1080e4f6a2 rename APB_CTRL ro SYS_CON
save
2021-09-16 20:57:57 +08:00
Angus Gratton
fcd193b024 docs: Use soc_caps instead of chip names for flash encryption docs
Clears the way for ESP32-S3 and future chips.
2021-07-14 16:57:31 +10:00
Konstantin Kondrashov
4c0cf40a39 efuse: Burn operation does not block reading 2021-06-18 11:52:47 +08:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Jan Brudný
1bac0d1e42 efuse: update copyright notice 2021-05-31 06:43:23 +02:00
Armando
c05fde2cbf efuse: revert ESP_LOG to ESP_EARLY_LOG in src/esp_efuse_utility.c
Closes https://github.com/espressif/esp-idf/issues/6660
2021-03-24 11:28:45 +00:00
Angus Gratton
d6f4d99d93 core system: Fix warnings in compilation when assertions are disabled
Adds a CI config for hello world that sets this, to catch future regressions
2021-03-03 10:26:57 +11:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
3ed226c362 efuse(esp32c3): Adds getting chip_revision and chip_pkg 2021-01-25 19:37:40 +08:00
Armando
f5f0461264 tmpsensor: add temp_sensor.h for c3 2021-01-25 04:51:40 +00:00
Michael (XIAO Xufeng)
d7d1dee208 system: reset dma when soft reset 2021-01-25 04:51:40 +00:00
Mahavir Jain
2cdc1fcdbf efuse: change prints to ESP_EARLY_LOG for function called from startup code 2021-01-22 18:00:03 +05:30
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00
Michael (XIAO Xufeng)
707b1bd9b1 efuse: revert EARLY_LOGD to LOGD
introduced in 5cc329b9d0
2020-12-30 12:37:44 +08:00
jiangguangming
867255bbab efuse: Add support ESP32-C3
Updated:
- CSV eFuse table
- Kconfig
- efuse_table_gen.py
- UTs
- espefuse.py

efuse/c3: Fix the burn order of BLOCKs (MAX->0)

efuse/c3: Support efuse API with keys, protection, purpose bits

tool/ci: Adds test_efuse_table_on_host for esp32s3 and esp32c3
2020-12-23 18:39:18 +08:00
Konstantin Kondrashov
4a487af43a efuse: Add new APIs for keys, purposes, wr/rd protection
- the batch mode can be called recursively
2020-12-04 10:42:57 +08:00
Wu Bo Wen
5cc329b9d0 driver/adc: support for esp32s2 adc calibration scheme V2
notice that the o_code is now pulled from efuse instead of automatically calibrated. This may influence other parts of the system.

Closes https://github.com/espressif/esp-idf/issues/5455
2020-12-03 20:08:59 +08:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
KonstantinKondrashov
f2c9c1e4ab efuse: Fix the order of writing in batch mode for esp32s2 and s3 2020-11-06 07:25:35 +00:00
KonstantinKondrashov
66b9b589cb efuse: Adds support for esp32-s2 chip 2020-10-14 16:26:51 +08:00
morris
61f89b97c6 bringup esp32-s3 on FPGA 2020-09-22 15:15:03 +08:00
Michael (XIAO Xufeng)
3b2e8648eb bootloader: create public bootloader_flash.h header
Move non-public functions into bootloader_flash_priv.h header
2020-09-19 10:52:02 +08:00
KonstantinKondrashov
2373f115fc efuse/esp32: Expands PKG_VER from 3 bit to 4 bits
Closes: IDF-1919
2020-09-17 07:44:37 +00:00
morris
458b14a8ea esp_rom: extract common efuse apis into esp_rom_efuse.h 2020-07-15 10:40:50 +08:00
Renz Christian Bagaporo
362d7b8f71 efuse: spelling fix 2020-06-19 18:40:10 +10:00
Angus Gratton
a5683f2263 Merge branch 'bugfix/efuse_logs' into 'master'
esp32/esp32s2: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization in startup code

Closes IDFGH-3367

See merge request espressif/esp-idf!8904
2020-06-16 13:47:02 +08:00
KonstantinKondrashov
5cfdf1aa70 efuse: Add some fields in efuse_table and update esp_efuse_get_pkg_ver()
Closes: IDF-1077
2020-06-08 22:35:08 +08:00