1 /*
2 * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
7 #include <strings.h>
8 #include "esp_flash_encrypt.h"
9 #include "esp_secure_boot.h"
10 #include "esp_efuse.h"
11 #include "esp_efuse_table.h"
12 #include "esp_log.h"
13 #include "sdkconfig.h"
14
/* Log tag for this file; marked unused because some configurations compile out every log call. */
static const char *TAG __attribute__((unused)) = "secure_boot";
16
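/**
 * Burn the eFuse bits that turn on secure boot and lock down the debug and
 * recovery paths selected by sdkconfig.
 *
 * eFuse bits are one-time programmable, so every write below is permanent.
 * Each write is checked, and the function stops at the first failure, so a
 * later step (for example the secure boot enable bit) is never attempted
 * after an earlier one (for example key protection) has failed.
 *
 * The CONFIG_SECURE_BOOT_ALLOW_* options, an unset
 * CONFIG_SECURE_DISABLE_ROM_DL_MODE and
 * CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS each leave one protection off.
 * The function logs a "SECURITY COMPROMISED" warning for every such choice
 * on the paths shown below; these settings are meant for development builds.
 *
 * NOTE(review): if the caller stages these writes in an eFuse batch, a
 * non-ESP_OK return should lead to that batch being cancelled rather than
 * committed. The caller is not visible here, so confirm.
 *
 * @return ESP_OK when every required bit was written (or none was required
 *         by the configuration), otherwise the error from the first failing
 *         eFuse operation.
 */
esp_err_t esp_secure_boot_enable_secure_features(void)
{
    /* Shared by both schemes; unused when neither scheme is configured. */
    __attribute__((unused)) esp_err_t err = ESP_OK;

#ifdef CONFIG_SECURE_BOOT_V1_ENABLED
    /* Read- and write-protect BLK2 (the new key, per the log message) before
     * anything else, so the key is locked before secure boot is switched on. */
    ESP_LOGI(TAG, "Read & write protecting new key...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_BLK2);
    if (err == ESP_OK) {
        err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_BLK2);
    }
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Read & write protecting new key...failed.");
        return err;
    }

    /* ABS_DONE_0 is the V1 counterpart of the ABS_DONE_1 bit burned below. */
    err = esp_efuse_write_field_bit(ESP_EFUSE_ABS_DONE_0);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Blowing secure boot efuse...failed.");
        return err;
    }

#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
    ESP_LOGI(TAG, "Disable JTAG...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_DISABLE_JTAG);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable JTAG...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
    ESP_LOGI(TAG, "Disable ROM BASIC interpreter fallback...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_CONSOLE_DEBUG_DISABLE);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable ROM BASIC interpreter fallback...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
#endif
#endif // CONFIG_SECURE_BOOT_V1_ENABLED

#ifdef CONFIG_SECURE_BOOT_V2_ENABLED
    err = esp_efuse_write_field_bit(ESP_EFUSE_ABS_DONE_1);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Blowing secure boot efuse...failed.");
        return err;
    }

#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
    ESP_LOGI(TAG, "Disable JTAG...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_DISABLE_JTAG);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable JTAG...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
    ESP_LOGI(TAG, "Disable ROM BASIC interpreter fallback...");
    err = esp_efuse_write_field_bit(ESP_EFUSE_CONSOLE_DEBUG_DISABLE);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Disable ROM BASIC interpreter fallback...failed.");
        return err;
    }
#else
    ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
#endif

#ifdef CONFIG_SECURE_DISABLE_ROM_DL_MODE
    ESP_LOGI(TAG, "Disable ROM Download mode...");
    err = esp_efuse_disable_rom_download_mode();
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Could not disable ROM Download mode...");
        return err;
    }
#else
    ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
#endif

#ifndef CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS
    bool rd_dis_now = true;
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
    /* If flash encryption is not enabled yet, do not lock read-disabling now;
     * it is done later in the boot, when flash encryption is being enabled. */
    rd_dis_now = esp_flash_encryption_enabled();
#endif
    if (rd_dis_now) {
        /* Write-protect the read-disable field so that no further eFuse
         * blocks can be made unreadable afterwards. */
        ESP_LOGI(TAG, "Prevent read disabling of additional efuses...");
        err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_EFUSE_RD_DISABLE);
        if (err != ESP_OK) {
            ESP_LOGE(TAG, "Prevent read disabling of additional efuses...failed.");
            return err;
        }
    }
#else
    ESP_LOGW(TAG, "Allowing read disabling of additional efuses - SECURITY COMPROMISED");
#endif
#endif // CONFIG_SECURE_BOOT_V2_ENABLED

    return ESP_OK;
}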
108