1 /*
2  * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 #include <strings.h>
8 #include "esp_flash_encrypt.h"
9 #include "esp_secure_boot.h"
10 #include "esp_efuse.h"
11 #include "esp_efuse_table.h"
12 #include "esp_log.h"
13 #include "sdkconfig.h"
14 
/* Log tag for this file. Marked unused because every log call in this file sits
 * inside a CONFIG_SECURE_BOOT_* guard and may be compiled out entirely. */
static __attribute__((unused)) const char *TAG = "secure_boot";
16 
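/**
 * @brief Burn the eFuse bits that turn on secure boot and close the debug and
 *        fallback paths selected by the build configuration.
 *
 * eFuse bits are one-time programmable: nothing written here can be undone, and
 * a failure part-way through leaves the earlier bits burned. Every write is
 * therefore checked and the first failure is returned, so the caller never
 * sees ESP_OK for a device that is only partially locked down.
 *
 * Each "SECURITY COMPROMISED" branch leaves the named path open and only logs
 * a warning; those options weaken the resulting device and the warning is the
 * only runtime trace that one was selected.
 *
 * @return ESP_OK when every selected eFuse write succeeded (or when neither
 *         secure boot scheme is configured); otherwise the error code of the
 *         first write that failed.
 */
esp_err_t esp_secure_boot_enable_secure_features(void)
{
#if defined(CONFIG_SECURE_BOOT_V1_ENABLED) || defined(CONFIG_SECURE_BOOT_V2_ENABLED)
    /* Declared once so the function still compiles if both guards are defined. */
    esp_err_t err;
#endif

#ifdef CONFIG_SECURE_BOOT_V1_ENABLED
    /* Protect the key block before secure boot is switched on: a key that is
     * still readable or rewritable would defeat the scheme. */
    ESP_LOGI(TAG, "Read & write protecting new key...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_BLK2);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Read protecting new key...failed.");
        return err;
    }
    err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_BLK2);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Write protecting new key...failed.");
        return err;
    }

    /* Enable bit for the V1 scheme. */
    err = esp_efuse_write_field_bit(ESP_EFUSE_ABS_DONE_0);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Blowing secure boot efuse...failed.");
        return err;
    }

#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
    ESP_LOGI(TAG, "Disable JTAG...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_DISABLE_JTAG);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable JTAG...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
    ESP_LOGI(TAG, "Disable ROM BASIC interpreter fallback...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_CONSOLE_DEBUG_DISABLE);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable ROM BASIC interpreter fallback...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
#endif
#endif // CONFIG_SECURE_BOOT_V1_ENABLED

#ifdef CONFIG_SECURE_BOOT_V2_ENABLED
    /* Enable bit for the V2 scheme. */
    err = esp_efuse_write_field_bit(ESP_EFUSE_ABS_DONE_1);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Blowing secure boot efuse...failed.");
        return err;
    }

#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
    ESP_LOGI(TAG, "Disable JTAG...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_DISABLE_JTAG);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable JTAG...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
    ESP_LOGI(TAG, "Disable ROM BASIC interpreter fallback...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_CONSOLE_DEBUG_DISABLE);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable ROM BASIC interpreter fallback...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
#endif

#ifdef CONFIG_SECURE_DISABLE_ROM_DL_MODE
    ESP_LOGI(TAG, "Disable ROM Download mode...");
    err = esp_efuse_disable_rom_download_mode();
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Could not disable ROM Download mode...");
        return err;
    }
#else
    ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS
    /* Write-protect the read-disable field so no further eFuse block can be
     * made unreadable afterwards.
     * NOTE(review): presumably this keeps the V2 key digest readable by the
     * verifier - confirm against the secure boot V2 documentation. */
    bool rd_dis_now = true;
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
    /* Flash encryption still has to read-disable eFuses of its own. If it is
     * not enabled yet, leave the field writable here; it is locked later in
     * the boot, when flash encryption is being enabled. */
    rd_dis_now = esp_flash_encryption_enabled();
#endif
    if (rd_dis_now) {
        ESP_LOGI(TAG, "Prevent read disabling of additional efuses...");
        err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_EFUSE_RD_DISABLE);
        if (err != ESP_OK) {
            ESP_LOGE(TAG, "Prevent read disabling of additional efuses...failed.");
            return err;
        }
    }
#else
    ESP_LOGW(TAG, "Allowing read disabling of additional efuses - SECURITY COMPROMISED");
#endif
#endif // CONFIG_SECURE_BOOT_V2_ENABLED

    return ESP_OK;
}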