Accueil Explorer Aide
Connexion
RT-Thread-packages
/
esp-idf
miroir de https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

Update to compatible crc & SBv2 enable check api's

Supreet Deshpande il y a 5 ans
Parent
d72350c0ce
commit
7d57165922
3 fichiers modifiés avec 5 ajouts et 16 suppressions
Vue séparée Afficher les stats Diff
  1. 1 12
      components/bootloader_support/src/esp32/secure_boot.c
  2. 3 3
      components/bootloader_support/src/esp32s2/secure_boot.c
  3. 1 1
      components/esptool_py/esptool

+ 1 - 12
components/bootloader_support/src/esp32/secure_boot.c
Voir le fichier 

@@ -319,7 +319,7 @@ esp_err_t esp_secure_boot_v2_permanently_enable(const esp_image_metadata_t *imag
 
     uint32_t dis_reg = REG_READ(EFUSE_BLK0_RDATA0_REG);
 
     bool efuse_key_read_protected = dis_reg & EFUSE_RD_DIS_BLK2;
 
     bool efuse_key_write_protected = dis_reg & EFUSE_WR_DIS_BLK2;
 
-    if (efuse_key_write_protected == false 
+    if (efuse_key_write_protected == false
 
         && efuse_key_read_protected == false
 
         && REG_READ(EFUSE_BLK2_RDATA0_REG) == 0
 
         && REG_READ(EFUSE_BLK2_RDATA1_REG) == 0
 
@@ -392,17 +392,6 @@ esp_err_t esp_secure_boot_v2_permanently_enable(const esp_image_metadata_t *imag
 
     ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
 
 #endif
 
 
-#ifdef CONFIG_SECURE_DISABLE_ROM_DL_MODE
 
-    ESP_LOGI(TAG, "Disable ROM Download mode...");
 
-    esp_err_t err = esp_efuse_disable_rom_download_mode();
 
-    if (err != ESP_OK) {
 
-        ESP_LOGE(TAG, "Could not disable ROM Download mode...");
 
-        return ESP_FAIL;
 
-    }
 
-#else
 
-    ESP_LOGW(TAG, "Not disabling ROM Download mode - SECURITY COMPROMISED");
 
-#endif
 
-
 
 #ifndef CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS
 
     bool rd_dis_now = true;
 
 #ifdef CONFIG_SECURE_FLASH_ENC_ENABLED

+ 3 - 3
components/bootloader_support/src/esp32s2/secure_boot.c
Voir le fichier 

@@ -21,7 +21,7 @@
 
 #include "bootloader_sha.h"
 
 #include "bootloader_utility.h"
 
 
-#include "esp_rom_crc.h"
 
+#include "esp32s2/rom/crc.h"
 
 #include "esp_efuse.h"
 
 #include "esp_efuse_table.h"
 
 
@@ -40,7 +40,7 @@ static const char *TAG = "secure_boot_v2";
 
 /* A signature block is valid when it has correct magic byte, crc and image digest. */
 
 static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *block, int block_num, const uint8_t *image_digest)
 
 {
 
-    uint32_t crc = esp_rom_crc32_le(0, (uint8_t *)block, CRC_SIGN_BLOCK_LEN);
 
+    uint32_t crc = crc32_le(0, (uint8_t *)block, CRC_SIGN_BLOCK_LEN);
 
     if (block->magic_byte != SIG_BLOCK_MAGIC_BYTE) {
 
         // All signature blocks have been parsed, no new signature block present.
 
         ESP_LOGD(TAG, "Signature block(%d) invalid/absent.", block_num);
 
@@ -318,7 +318,7 @@ esp_err_t esp_secure_boot_v2_permanently_enable(const esp_image_metadata_t *imag
 
     assert(ets_efuse_secure_boot_aggressive_revoke_enabled());
 
 #endif
 
 
-    assert(esp_rom_efuse_is_secure_boot_enabled());
 
+    assert(ets_efuse_secure_boot_enabled());
 
     ESP_LOGI(TAG, "Secure boot permanently enabled");
 
 
     return ESP_OK;

+ 1 - 1
components/esptool_py/esptool
Voir le fichier 

@@ -1 +1 @@
 
-Subproject commit 5eada56341f3a74c3e09eef3b1266f1072145059
 
+Subproject commit 10225816df4c9c1b078e677e8a75a87778786ad1