首頁 探索 說明
登入
RT-Thread-packages
/
esp-idf
镜像来自 https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
複刻 0
Files 問題管理 0 Wiki
目錄樹: 1ca82de638
分支列表 標籤列表
esp-idf
/
components
/
bootloader
/
src
/
main
/
flash_encrypt.c

flash_encrypt.c 6.1 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188 
  1. // Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. #include <string.h>
    16. 

  16. 

  17. #include "esp_types.h"
    18. 

  18. #include "esp_attr.h"
    19. 

  19. #include "esp_log.h"
    20. 

  20. #include "esp_err.h"
    21. 

  21. 

  22. #include "rom/cache.h"
    23. 

  23. #include "rom/ets_sys.h"
    24. 

  24. #include "rom/spi_flash.h"
    25. 

  25. 

  26. #include "soc/dport_reg.h"
    27. 

  27. #include "soc/io_mux_reg.h"
    28. 

  28. #include "soc/efuse_reg.h"
    29. 

  29. #include "soc/rtc_cntl_reg.h"
    30. 

  30. 

  31. #include "sdkconfig.h"
    32. 

  32. 

  33. #include "bootloader_config.h"
    34. 

  34. #include "esp_image_format.h"
    35. 

  35. 

  36. static const char* TAG = "flash_encrypt";
    37. 

  37. 

  38. /**
    39. 

  39.  *  @function :     bitcount
    40. 

  40.  *  @description:   calculate bit 1 in flash_crypt_cnt
    41. 

  41.  *                  if it's even number, need encrypt flash data, and burn efuse
    42. 

  42.  *
    43. 

  43.  *  @inputs:        n     flash_crypt_cnt               
    44. 

  44.  *  @return:        number of 1 in flash_crypt_cnt
    45. 

  45.  *                  
    46. 

  46.  */
    47. 

  47. int bitcount(int n){
    48. 

  48.    int count = 0;  
    49. 

  49.    while (n > 0) {   
    50. 

  50.        count += n & 1;  
    51. 

  51.        n >>= 1;  
    52. 

  52.    }   
    53. 

  53.    return count;
    54. 

  54. 

  55. }
    56. 

  56. /**
    57. 

  57.  *  @function :     flash_encrypt_write
    58. 

  58.  *  @description:   write encrypted data in flash
    59. 

  59.  *
    60. 

  60.  *  @inputs:        pos     address in flash
    61. 

  61.  *                  len    size of data need encrypt                
    62. 

  62.  *  @return:        return true, if the write flash success
    63. 

  63.  *                  
    64. 

  64.  */
    65. 

  65. bool flash_encrypt_write(uint32_t pos, uint32_t len)
    66. 

  66. {
    67. 

  67.    SpiFlashOpResult spiRet;    
    68. 

  68.    uint32_t buf[1024];
    69. 

  69.    int i = 0;
    70. 

  70.    Cache_Read_Disable(0);  
    71. 

  71.    for (i = 0;i<((len-1)/0x1000 + 1);i++) {
    72. 

  72.        spiRet = SPIRead(pos, buf, SPI_SEC_SIZE);     
    73. 

  73.        if (spiRet != SPI_FLASH_RESULT_OK) {   
    74. 

  74.            Cache_Read_Enable(0); 
    75. 

  75.            ESP_LOGE(TAG, SPI_ERROR_LOG);
    76. 

  76.            return false;    
    77. 

  77.        }    
    78. 

  78.        spiRet = SPIEraseSector(pos/SPI_SEC_SIZE);    
    79. 

  79.        if (spiRet != SPI_FLASH_RESULT_OK) { 
    80. 

  80.            Cache_Read_Enable(0);
    81. 

  81.            ESP_LOGE(TAG, SPI_ERROR_LOG);
    82. 

  82.            return false;      
    83. 

  83.        }
    84. 

  84.        spiRet = SPI_Encrypt_Write(pos, buf, SPI_SEC_SIZE);
    85. 

  85.        if (spiRet != SPI_FLASH_RESULT_OK) {    
    86. 

  86.            Cache_Read_Enable(0); 
    87. 

  87.            ESP_LOGE(TAG, SPI_ERROR_LOG);
    88. 

  88.            return false;       
    89. 

  89.        }   
    90. 

  90.        pos += SPI_SEC_SIZE;
    91. 

  91.    }
    92. 

  92.    Cache_Read_Enable(0); 
    93. 

  93.    return true;
    94. 

  94. }
    95. 

  95. 

  96. 

  97. /**
    98. 

  98.  *  @function :     flash_encrypt
    99. 

  99.  *  @description:   encrypt 2nd boot ,partition table ,factory bin ��test bin (if use)��ota bin
    100. 

  100.  *                  ��OTA info sector.
    101. 

  101.  *
    102. 

  102.  *  @inputs:        bs     bootloader state structure used to save the data
    103. 

  103.  *
    104. 

  104.  *  @return:        return true, if the encrypt flash success
    105. 

  105.  *
    106. 

  106.  */
    107. 

  107. bool flash_encrypt(bootloader_state_t *bs)
    108. 

  108. {
    109. 

  109.     esp_err_t err;
    110. 

  110.     uint32_t image_len = 0;
    111. 

  111.     uint32_t flash_crypt_cnt = REG_GET_FIELD(EFUSE_BLK0_RDATA0_REG, EFUSE_FLASH_CRYPT_CNT);
    112. 

  112.     uint8_t count = bitcount(flash_crypt_cnt);
    113. 

  113.     ESP_LOGD(TAG, "flash encrypt cnt %x, bitcount %d", flash_crypt_cnt, count);
    114. 

  114. 

  115.     if ((count % 2) == 0) {
    116. 

  116.         /* encrypt iv and abstract */
    117. 

  117.         if (false == flash_encrypt_write(0, SPI_SEC_SIZE)) {
    118. 

  118.             ESP_LOGE(TAG, "encrypt iv and abstract error");
    119. 

  119.             return false;
    120. 

  120.         }
    121. 

  121. 

  122.         /* encrypt bootloader image */
    123. 

  123.         err = esp_image_basic_verify(0x1000, &image_len);
    124. 

  124.         if(err == ESP_OK && image_len != 0) {
    125. 

  125.             if (false == flash_encrypt_write(0x1000, image_len)) {
    126. 

  126.                 ESP_LOGE(TAG, "encrypt 2nd boot error");
    127. 

  127.                 return false;
    128. 

  128.             }
    129. 

  129.         } else {
    130. 

  130.             ESP_LOGE(TAG, "2nd boot len error");
    131. 

  131.             return false;
    132. 

  132.         }
    133. 

  133. 

  134.         /* encrypt partition table */
    135. 

  135.         if (false ==  flash_encrypt_write(ESP_PARTITION_TABLE_ADDR, SPI_SEC_SIZE)) {
    136. 

  136.             ESP_LOGE(TAG, "encrypt partition table error");
    137. 

  137.             return false;
    138. 

  138.         }
    139. 

  139. 

  140.         /* encrypt write factory bin  */
    141. 

  141.         if(bs->factory.offset != 0 && bs->factory.size != 0) {
    142. 

  142.             ESP_LOGD(TAG, "have factory bin");
    143. 

  143.             if (false ==  flash_encrypt_write(bs->factory.offset, bs->factory.size)) {
    144. 

  144.                 ESP_LOGE(TAG, "encrypt factory bin error");
    145. 

  145.                 return false;
    146. 

  146.             }
    147. 

  147.         }
    148. 

  148. 

  149.         /* encrypt write test bin  */
    150. 

  150.         if(bs->test.offset != 0 && bs->test.size != 0) {
    151. 

  151.             ESP_LOGD(TAG, "have test bin");
    152. 

  152.             if (false ==  flash_encrypt_write(bs->test.offset, bs->test.size)) {
    153. 

  153.                 ESP_LOGE(TAG, "encrypt test bin error");
    154. 

  154.                 return false;
    155. 

  155.             }
    156. 

  156.         }
    157. 

  157. 

  158.         /* encrypt write ota bin  */
    159. 

  159.         for (int i = 0; i < 16; i++) {
    160. 

  160.             if(bs->ota[i].offset != 0 && bs->ota[i].size != 0) {
    161. 

  161.                 ESP_LOGD(TAG, "have ota[%d] bin",i);
    162. 

  162.                 if (false == flash_encrypt_write(bs->ota[i].offset, bs->ota[i].size)) {
    163. 

  163.                     ESP_LOGE(TAG, "encrypt ota bin error");
    164. 

  164.                     return false;
    165. 

  165.                 }
    166. 

  166.             }
    167. 

  167.         }
    168. 

  168. 

  169.         /* encrypt write ota info bin  */
    170. 

  170.         if (false == flash_encrypt_write(bs->ota_info.offset, 2*SPI_SEC_SIZE)) {
    171. 

  171.             ESP_LOGE(TAG, "encrypt ota info error");
    172. 

  172.             return false;
    173. 

  173.         }
    174. 

  174. 

  175.         REG_SET_FIELD(EFUSE_BLK0_WDATA0_REG, EFUSE_FLASH_CRYPT_CNT, 0x04);
    176. 

  176.         REG_WRITE(EFUSE_CONF_REG, 0x5A5A);  /* efuse_pgm_op_ena, force no rd/wr disable */
    177. 

  177.         REG_WRITE(EFUSE_CMD_REG,  0x02);    /* efuse_pgm_cmd */
    178. 

  178.         while (REG_READ(EFUSE_CMD_REG));    /* wait for efuse_pagm_cmd=0 */
    179. 

  179.         ESP_LOGW(TAG, "burn  flash_crypt_cnt");
    180. 

  180.         REG_WRITE(EFUSE_CONF_REG, 0x5AA5);  /* efuse_read_op_ena, release force */
    181. 

  181.         REG_WRITE(EFUSE_CMD_REG,  0x01);    /* efuse_read_cmd */
    182. 

  182.         while (REG_READ(EFUSE_CMD_REG));    /* wait for efuse_read_cmd=0 */
    183. 

  183.         return true;
    184. 

  184.     } else {
    185. 

  185.         ESP_LOGI(TAG, "flash already encrypted.");
    186. 

  186.         return true;
    187. 

  187.     }
    188. 

  188. }
    189.