1 /*
2  * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 #include <sys/param.h>
8 #include "sdkconfig.h"
9 #include "esp_log.h"
10 #include "assert.h"
11 #include "esp_efuse_utility.h"
12 #include "soc/efuse_periph.h"
13 #include "hal/efuse_hal.h"
14 
15 static const char *TAG = "efuse";
16 
17 #ifdef CONFIG_EFUSE_VIRTUAL
18 extern uint32_t virt_blocks[EFUSE_BLK_MAX][COUNT_EFUSE_REG_PER_BLOCK];
19 #endif // CONFIG_EFUSE_VIRTUAL
20 
21 /*Range addresses to read blocks*/
22 const esp_efuse_range_addr_t range_read_addr_blocks[] = {
23     {EFUSE_RD_WR_DIS_REG,       EFUSE_RD_REPEAT_DATA4_REG},      // range address of EFUSE_BLK0  REPEAT
24     {EFUSE_RD_MAC_SYS_0_REG, EFUSE_RD_MAC_SYS_5_REG},      // range address of EFUSE_BLK1  MAC_8M
25     {EFUSE_RD_SYS_PART1_DATA0_REG,    EFUSE_RD_SYS_PART1_DATA7_REG},         // range address of EFUSE_BLK2  SYS_DATA
26     {EFUSE_RD_USR_DATA0_REG,    EFUSE_RD_USR_DATA7_REG},         // range address of EFUSE_BLK3  USR_DATA
27     {EFUSE_RD_KEY0_DATA0_REG,   EFUSE_RD_KEY0_DATA7_REG},        // range address of EFUSE_BLK4  KEY0
28     {EFUSE_RD_KEY1_DATA0_REG,   EFUSE_RD_KEY1_DATA7_REG},        // range address of EFUSE_BLK5  KEY1
29     {EFUSE_RD_KEY2_DATA0_REG,   EFUSE_RD_KEY2_DATA7_REG},        // range address of EFUSE_BLK6  KEY2
30     {EFUSE_RD_KEY3_DATA0_REG,   EFUSE_RD_KEY3_DATA7_REG},        // range address of EFUSE_BLK7  KEY3
31     {EFUSE_RD_KEY4_DATA0_REG,   EFUSE_RD_KEY4_DATA7_REG},        // range address of EFUSE_BLK8  KEY4
32     {EFUSE_RD_KEY5_DATA0_REG,   EFUSE_RD_KEY5_DATA7_REG},        // range address of EFUSE_BLK9  KEY5
33     {EFUSE_RD_SYS_PART2_DATA0_REG,   EFUSE_RD_SYS_PART2_DATA7_REG}         // range address of EFUSE_BLK10 KEY6
34 };
35 
36 static uint32_t write_mass_blocks[EFUSE_BLK_MAX][COUNT_EFUSE_REG_PER_BLOCK] = { 0 };
37 
38 /*Range addresses to write blocks (it is not real regs, it is buffer) */
39 const esp_efuse_range_addr_t range_write_addr_blocks[] = {
40     {(uint32_t) &write_mass_blocks[EFUSE_BLK0][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK0][5]},
41     {(uint32_t) &write_mass_blocks[EFUSE_BLK1][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK1][5]},
42     {(uint32_t) &write_mass_blocks[EFUSE_BLK2][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK2][7]},
43     {(uint32_t) &write_mass_blocks[EFUSE_BLK3][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK3][7]},
44     {(uint32_t) &write_mass_blocks[EFUSE_BLK4][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK4][7]},
45     {(uint32_t) &write_mass_blocks[EFUSE_BLK5][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK5][7]},
46     {(uint32_t) &write_mass_blocks[EFUSE_BLK6][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK6][7]},
47     {(uint32_t) &write_mass_blocks[EFUSE_BLK7][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK7][7]},
48     {(uint32_t) &write_mass_blocks[EFUSE_BLK8][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK8][7]},
49     {(uint32_t) &write_mass_blocks[EFUSE_BLK9][0],  (uint32_t) &write_mass_blocks[EFUSE_BLK9][7]},
50     {(uint32_t) &write_mass_blocks[EFUSE_BLK10][0], (uint32_t) &write_mass_blocks[EFUSE_BLK10][7]},
51 };
52 
53 #ifndef CONFIG_EFUSE_VIRTUAL
54 // Update Efuse timing configuration
esp_efuse_set_timing(void)55 static esp_err_t esp_efuse_set_timing(void)
56 {
57     // efuse clock is fixed.
58     // An argument (0) is for compatibility and will be ignored.
59     efuse_hal_set_timing(0);
60     return ESP_OK;
61 }
62 #endif // ifndef CONFIG_EFUSE_VIRTUAL
63 
64 // Efuse read operation: copies data from physical efuses to efuse read registers.
esp_efuse_utility_clear_program_registers(void)65 void esp_efuse_utility_clear_program_registers(void)
66 {
67     efuse_hal_read();
68     efuse_hal_clear_program_registers();
69 }
70 
esp_efuse_utility_check_errors(void)71 esp_err_t esp_efuse_utility_check_errors(void)
72 {
73     return ESP_OK;
74 }
75 
76 // Burn values written to the efuse write registers
esp_efuse_utility_burn_chip(void)77 esp_err_t esp_efuse_utility_burn_chip(void)
78 {
79     esp_err_t error = ESP_OK;
80 #ifdef CONFIG_EFUSE_VIRTUAL
81     ESP_LOGW(TAG, "Virtual efuses enabled: Not really burning eFuses");
82     for (int num_block = EFUSE_BLK_MAX - 1; num_block >= EFUSE_BLK0; num_block--) {
83         int subblock = 0;
84         for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
85             virt_blocks[num_block][subblock++] |= REG_READ(addr_wr_block);
86         }
87     }
88 #ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
89     esp_efuse_utility_write_efuses_to_flash();
90 #endif
91 #else // CONFIG_EFUSE_VIRTUAL
92     if (esp_efuse_set_timing() != ESP_OK) {
93         ESP_LOGE(TAG, "Efuse fields are not burnt");
94     } else {
95         // Permanently update values written to the efuse write registers
96         // It is necessary to process blocks in the order from MAX-> EFUSE_BLK0, because EFUSE_BLK0 has protection bits for other blocks.
97         for (int num_block = EFUSE_BLK_MAX - 1; num_block >= EFUSE_BLK0; num_block--) {
98             bool need_burn_block = false;
99             for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
100                 if (REG_READ(addr_wr_block) != 0) {
101                     need_burn_block = true;
102                     break;
103                 }
104             }
105             if (!need_burn_block) {
106                 continue;
107             }
108             if (error) {
109                 // It is done for a use case: BLOCK2 (Flash encryption key) could have an error (incorrect written data)
110                 // in this case we can not burn any data into BLOCK0 because it might set read/write protections of BLOCK2.
111                 ESP_LOGE(TAG, "BLOCK%d can not be burned because a previous block got an error, skipped.", num_block);
112                 continue;
113             }
114             efuse_hal_clear_program_registers();
115             if (esp_efuse_get_coding_scheme(num_block) == EFUSE_CODING_SCHEME_RS) {
116                 uint8_t block_rs[12];
117                 efuse_hal_rs_calculate((void *)range_write_addr_blocks[num_block].start, block_rs);
118 #pragma GCC diagnostic push
119 #pragma GCC diagnostic ignored "-Wstringop-overflow"
120 #pragma GCC diagnostic ignored "-Warray-bounds"
121                 memcpy((void *)EFUSE_PGM_CHECK_VALUE0_REG, block_rs, sizeof(block_rs));
122 #pragma GCC diagnostic pop
123             }
124             unsigned r_data_len = (range_read_addr_blocks[num_block].end - range_read_addr_blocks[num_block].start) + sizeof(uint32_t);
125             unsigned data_len = (range_write_addr_blocks[num_block].end - range_write_addr_blocks[num_block].start) + sizeof(uint32_t);
126             memcpy((void *)EFUSE_PGM_DATA0_REG, (void *)range_write_addr_blocks[num_block].start, data_len);
127 
128             uint32_t backup_write_data[8 + 3]; // 8 words are data and 3 words are RS coding data
129 #pragma GCC diagnostic push
130 #if     __GNUC__ >= 11
131 #pragma GCC diagnostic ignored "-Wstringop-overread"
132 #endif
133 #pragma GCC diagnostic ignored "-Warray-bounds"
134             memcpy(backup_write_data, (void *)EFUSE_PGM_DATA0_REG, sizeof(backup_write_data));
135 #pragma GCC diagnostic pop
136             int repeat_burn_op = 1;
137             bool correct_written_data;
138             bool coding_error_before = efuse_hal_is_coding_error_in_block(num_block);
139             if (coding_error_before) {
140                 ESP_LOGW(TAG, "BLOCK%d already has a coding error", num_block);
141             }
142             bool coding_error_occurred;
143 
144             do {
145                 ESP_LOGI(TAG, "BURN BLOCK%d", num_block);
146                 efuse_hal_program(num_block); // BURN a block
147 
148                 bool coding_error_after;
149                 for (unsigned i = 0; i < 5; i++) {
150                     efuse_hal_read();
151                     coding_error_after = efuse_hal_is_coding_error_in_block(num_block);
152                     if (coding_error_after == true) {
153                         break;
154                     }
155                 }
156                 coding_error_occurred = (coding_error_before != coding_error_after) && coding_error_before == false;
157                 if (coding_error_occurred) {
158                     ESP_LOGW(TAG, "BLOCK%d got a coding error", num_block);
159                 }
160 
161                 correct_written_data = esp_efuse_utility_is_correct_written_data(num_block, r_data_len);
162                 if (!correct_written_data || coding_error_occurred) {
163                     ESP_LOGW(TAG, "BLOCK%d: next retry to fix an error [%d/3]...", num_block, repeat_burn_op);
164 #pragma GCC diagnostic push
165 #pragma GCC diagnostic ignored "-Wstringop-overflow"
166 #pragma GCC diagnostic ignored "-Warray-bounds"
167                     memcpy((void *)EFUSE_PGM_DATA0_REG, (void *)backup_write_data, sizeof(backup_write_data));
168 #pragma GCC diagnostic pop
169                 }
170 
171             } while ((!correct_written_data || coding_error_occurred) && repeat_burn_op++ < 3);
172 
173             if (coding_error_occurred) {
174                 ESP_LOGW(TAG, "Coding error was not fixed");
175                 if (num_block == 0) {
176                     ESP_LOGE(TAG, "BLOCK0 got a coding error, which might be critical for security");
177                     error = ESP_FAIL;
178                 }
179             }
180             if (!correct_written_data) {
181                 ESP_LOGE(TAG, "Written data are incorrect");
182                 error = ESP_FAIL;
183             }
184         }
185     }
186 #endif // CONFIG_EFUSE_VIRTUAL
187     esp_efuse_utility_reset();
188     return error;
189 }
190 
191 // After esp_efuse_write.. functions EFUSE_BLKx_WDATAx_REG were filled is not coded values.
192 // This function reads EFUSE_BLKx_WDATAx_REG registers, and checks possible to write these data with RS coding scheme.
193 // The RS coding scheme does not require data changes for the encoded data. esp32s2 has special registers for this.
194 // They will be filled during the burn operation.
esp_efuse_utility_apply_new_coding_scheme()195 esp_err_t esp_efuse_utility_apply_new_coding_scheme()
196 {
197     // start with EFUSE_BLK1. EFUSE_BLK0 - always uses EFUSE_CODING_SCHEME_NONE.
198     for (int num_block = EFUSE_BLK1; num_block < EFUSE_BLK_MAX; num_block++) {
199         if (esp_efuse_get_coding_scheme(num_block) == EFUSE_CODING_SCHEME_RS) {
200             for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
201                 if (REG_READ(addr_wr_block)) {
202                     int num_reg = 0;
203                     for (uint32_t addr_rd_block = range_read_addr_blocks[num_block].start; addr_rd_block <= range_read_addr_blocks[num_block].end; addr_rd_block += 4, ++num_reg) {
204                         if (esp_efuse_utility_read_reg(num_block, num_reg)) {
205                             ESP_LOGE(TAG, "Bits are not empty. Write operation is forbidden.");
206                             return ESP_ERR_CODING;
207                         }
208                     }
209                     break;
210                 }
211             }
212         }
213     }
214     return ESP_OK;
215 }
216