esp-idf/components/bootloader_support
Anurag Kar ba2ff1876f Enable secure boot only after encrypting flash
This prevents a device from being bricked in case when both secure boot & flash encryption are enabled and encryption gets interrupted during first boot. After interruption, all partitions on the device need to be reflashed (including the bootloader).

List of changes:
* Secure boot key generation and bootloader digest generation logic, implemented inside function esp_secure_boot_permanently_enable(), has been pulled out into new API esp_secure_boot_generate_digest(). The enabling of R/W protection of secure boot key on EFUSE still happens inside esp_secure_boot_permanently_enable()
* Now esp_secure_boot_permanently_enable() is called only after flash encryption process completes
* esp_secure_boot_generate_digest() is called before flash encryption process starts
2019-05-06 11:34:12 +05:30
..
include Enable secure boot only after encrypting flash 2019-05-06 11:34:12 +05:30
include_bootloader bootloader: account for load address when mapping cache pages 2019-01-19 14:44:55 +08:00
src Enable secure boot only after encrypting flash 2019-05-06 11:34:12 +05:30
test bootloader: Add support efuse component 2019-02-28 07:31:29 +00:00
CMakeLists.txt bootloader: Add support efuse component 2019-02-28 07:31:29 +00:00
component.mk bootloader_support: exclude bootloader_init.c when building app 2018-10-02 01:20:04 +00:00
Makefile.projbuild Secure boot: Correctly re-sign if signing key changes, better error if missing 2016-12-01 23:49:12 -08:00
README.rst Refactor existing bootloader common functionality into bootloader_support component 2016-11-02 17:58:41 +11:00

Bootloader Support Component
============================

Overview
--------

"Bootloader support" contains APIs which are used by the bootloader but are also needed for the main app.

Code in this component needs to be aware of being executed in a bootloader environment (no RTOS available, BOOTLOADER_BUILD macro set) or in an esp-idf app environment (RTOS running, need locking support.)