Merge branch 'bugfix/disable_coding_scheme_security_features_v3.1' into 'release/v3.1'
bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme (v3.1) See merge request idf/esp-idf!3421
This commit is contained in:
commit
7930cfdba9
|
@ -62,6 +62,11 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
|
|||
|
||||
static esp_err_t initialise_flash_encryption(void)
|
||||
{
|
||||
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||
ESP_LOGE(TAG, "Flash Encryption is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
/* Before first flash encryption pass, need to initialise key & crypto config */
|
||||
|
||||
/* Generate key */
|
||||
|
|
|
@ -110,6 +110,11 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
|
|||
return ESP_OK;
|
||||
}
|
||||
|
||||
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||
ESP_LOGE(TAG, "Secure Boot is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
/* Verify the bootloader */
|
||||
esp_image_metadata_t bootloader_data = { 0 };
|
||||
err = esp_image_verify_bootloader_data(&bootloader_data);
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit fd8c25d2160505fb9d5abbe56f85116a136afb05
|
||||
Subproject commit 59b8dd8bfe3927dc11ffc06603fa082cb0f523bb
|
Loading…
Reference in a new issue