efuse: Fix load_efuses_from_flash when FE is on

esp_efuse_utility_load_efuses_from_flash() read emul_efuse as an encrypted partition, but that is not correct, this partition was never encrypted. Need to read it as not encrypted partition. Fxed the case: If FE is already on then EFUSE VIRT mode can work with it. Closes https://github.com/espressif/esp-idf/issues/10929
2023-03-16 16:47:53 +08:00 · 2023-03-16 16:47:53 +08:00 · 76291d0095
commit 76291d0095
--- a/components/bootloader_support/bootloader_flash/src/bootloader_flash.c
+++ b/components/bootloader_support/bootloader_flash/src/bootloader_flash.c
@ -10,6 +10,7 @@
 #include <esp_flash_encrypt.h>
 #include "sdkconfig.h"
 #include "soc/soc_caps.h"
+#include "hal/efuse_hal.h"

 #if CONFIG_IDF_TARGET_ESP32
 #   include "soc/spi_struct.h"
@ -29,7 +30,7 @@
 #include "esp_rom_spiflash.h"

 #ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
-#define ENCRYPTION_IS_VIRTUAL 1
+#define ENCRYPTION_IS_VIRTUAL (!efuse_hal_flash_encryption_enabled())
 #else
 #define ENCRYPTION_IS_VIRTUAL 0
 #endif
--- a/components/bootloader_support/src/flash_encrypt.c
+++ b/components/bootloader_support/src/flash_encrypt.c
@ -11,6 +11,7 @@
 #include "esp_efuse_table.h"
 #include "esp_flash_encrypt.h"
 #include "esp_secure_boot.h"
+#include "hal/efuse_hal.h"

 #if CONFIG_IDF_TARGET_ESP32
 #define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
@ -81,15 +82,14 @@ void esp_flash_encryption_init_checks()
 */
 bool IRAM_ATTR esp_flash_encryption_enabled(void)
 {
-    uint32_t flash_crypt_cnt = 0;
 #ifndef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
-    flash_crypt_cnt = efuse_ll_get_flash_crypt_cnt();
+    return efuse_hal_flash_encryption_enabled();
 #else
+    uint32_t flash_crypt_cnt = 0;
 #if CONFIG_IDF_TARGET_ESP32
    esp_efuse_read_field_blob(ESP_EFUSE_FLASH_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_FLASH_CRYPT_CNT[0]->bit_count);
 #else
    esp_efuse_read_field_blob(ESP_EFUSE_SPI_BOOT_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_SPI_BOOT_CRYPT_CNT[0]->bit_count);
-#endif
 #endif
    /* __builtin_parity is in flash, so we calculate parity inline */
    bool enabled = false;
@ -100,6 +100,7 @@ bool IRAM_ATTR esp_flash_encryption_enabled(void)
        flash_crypt_cnt >>= 1;
    }
    return enabled;
+#endif // CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
 }

 void esp_flash_write_protect_crypt_cnt(void)
--- a/components/efuse/src/esp_efuse_utility.c
+++ b/components/efuse/src/esp_efuse_utility.c
@ -439,7 +439,7 @@ bool esp_efuse_utility_load_efuses_from_flash(void)
    }
    uint32_t efuses_in_flash[sizeof(virt_blocks)];

-    esp_err_t err = bootloader_flash_read(esp_efuse_flash_offset, &efuses_in_flash, sizeof(efuses_in_flash), true);
+    esp_err_t err = bootloader_flash_read(esp_efuse_flash_offset, &efuses_in_flash, sizeof(efuses_in_flash), false);
    if (err != ESP_OK) {
        ESP_EARLY_LOGE(TAG, "Can not read eFuse partition from flash (err=0x%x)", err);
        abort();
--- a/components/hal/efuse_hal.c
+++ b/components/hal/efuse_hal.c
@ -23,3 +23,16 @@ IRAM_ATTR uint32_t efuse_hal_chip_revision(void)
 {
    return efuse_hal_get_major_chip_version() * 100 + efuse_hal_get_minor_chip_version();
 }
+
+IRAM_ATTR bool efuse_hal_flash_encryption_enabled(void)
+{
+    uint32_t flash_crypt_cnt = efuse_ll_get_flash_crypt_cnt();
+    bool enabled = false;
+    while (flash_crypt_cnt) {
+        if (flash_crypt_cnt & 1) {
+            enabled = !enabled;
+        }
+        flash_crypt_cnt >>= 1;
+    }
+    return enabled;
+}
--- a/components/hal/include/hal/efuse_hal.h
+++ b/components/hal/include/hal/efuse_hal.h
@ -26,6 +26,15 @@ void efuse_hal_get_mac(uint8_t *mac);
 */
 uint32_t efuse_hal_chip_revision(void);

+/**
+ * @brief Is flash encryption currently enabled in hardware?
+ *
+ * Flash encryption is enabled if the FLASH_CRYPT_CNT efuse has an odd number of bits set.
+ *
+ * @return true if flash encryption is enabled.
+ */
+bool efuse_hal_flash_encryption_enabled(void);
+
 /**
 * @brief Returns major chip version
 */
--- a/docs/en/api-reference/system/efuse.rst
+++ b/docs/en/api-reference/system/efuse.rst
@ -411,6 +411,11 @@ During startup, the eFuses are copied to RAM. All eFuse operations (read and wri
 In addition to the :ref:`CONFIG_EFUSE_VIRTUAL` option there is :ref:`CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH` option that adds a feature to keep eFuses in flash memory. To use this mode the partition_table should have the `efuse` partition. partition.csv: ``"efuse_em, data, efuse,   ,   0x2000,"``.
 During startup, the eFuses are copied from flash or, in case if flash is empty, from real eFuse to RAM and then update flash. This option allows keeping eFuses after reboots (possible to test secure_boot and flash_encryption features with this option).

+Flash Encryption Testing
+""""""""""""""""""""""""
+
+Flash Encryption (FE) is a hardware feature that requires the physical burning of eFuses: key and FLASH_CRYPT_CNT. If FE is not actually enabled then enabling the :ref:`CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH` option just gives testing possibilities and does not encrypt anything in the flash, even though the logs say encryption happens. The :cpp:func:`bootloader_flash_write` is adapted for this purpose. But if FE is already enabled on the chip and you run an application or bootloader created with the :ref:`CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH` option then the flash encryption/decryption operations will work properly (data are encrypted as it is written into an encrypted flash partition and decrypted when they are read from an encrypted partition).
+
 espefuse.py
 ^^^^^^^^^^^