mirror
/
esp-idf
kopia lustrzana https://github.com/espressif/esp-idf
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

bootloader: Adds a check that app is run under FE

pull/6718/head
KonstantinKondrashov 2021-02-11 21:19:29 +08:00
rodzic 31e565c3d5
commit 11a2f2acd3
2 zmienionych plików z 19 dodań i 7 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

11
components/bootloader/Kconfig.projbuild
Wyświetl plik

@ -794,5 +794,16 @@ menu "Security features"
It is also possible to enable secure download mode at runtime by calling
esp_efuse_enable_rom_secure_download_mode()
config SECURE_FLASH_CHECK_ENC_EN_IN_APP
bool "Check Flash Encryption enabled on app startup"
depends on SECURE_FLASH_ENC_ENABLED
default y
help
If set (default), in an app during startup code,
there is a check of the flash encryption eFuse bit is on
(as the bootloader should already have set it).
The app requires this bit is on to continue work otherwise abort.
If not set, the app does not care if the flash encryption eFuse bit is set or not.
endmenu # Security features

15
components/bootloader_support/src/flash_encrypt.c
Wyświetl plik

@ -23,13 +23,7 @@
#if CONFIG_IDF_TARGET_ESP32
#define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32S2
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32S3
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#elif CONFIG_IDF_TARGET_ESP32C3
#else
#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
#endif
@ -41,6 +35,13 @@ void esp_flash_encryption_init_checks()
{
esp_flash_enc_mode_t mode;
#ifdef CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP
if (!esp_flash_encryption_enabled()) {
ESP_LOGE(TAG, "Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on");
abort();
}
#endif
// First check is: if Release mode flash encryption & secure boot are enabled then
// FLASH_CRYPT_CNT *must* be write protected. This will have happened automatically
// if bootloader is IDF V4.0 or newer but may not have happened for previous ESP-IDF bootloaders.