Merge branch 'bugfix/remove_secure_boot_test_mode' into 'master'
remove secure boot test mode See merge request idf/esp-idf!5059
commit
c9bf3a3b17
3 changed files with 3 additions and 23 deletions
|
@ -505,16 +505,5 @@ menu "Security features"
|
||||||
|
|
||||||
Only set this option in testing environments.
|
Only set this option in testing environments.
|
||||||
|
|
||||||
config SECURE_BOOT_TEST_MODE
|
|
||||||
bool "Secure boot test mode: don't permanently set any eFuses"
|
|
||||||
depends on SECURE_BOOT_INSECURE
|
|
||||||
default N
|
|
||||||
help
|
|
||||||
If this option is set, all permanent secure boot changes (via eFuse) are disabled.
|
|
||||||
|
|
||||||
Log output will state changes which would be applied, but they will not be.
|
|
||||||
|
|
||||||
This option is for testing purposes only - it completely disables secure boot protection.
|
|
||||||
|
|
||||||
endmenu # Potentially Insecure
|
endmenu # Potentially Insecure
|
||||||
endmenu # Security features
|
endmenu # Security features
|
||||||
|
|
|
@ -558,9 +558,10 @@ static void load_image(const esp_image_metadata_t* image_data)
|
||||||
err = esp_secure_boot_permanently_enable();
|
err = esp_secure_boot_permanently_enable();
|
||||||
if (err != ESP_OK) {
|
if (err != ESP_OK) {
|
||||||
ESP_LOGE(TAG, "FAILED TO ENABLE SECURE BOOT (%d).", err);
|
ESP_LOGE(TAG, "FAILED TO ENABLE SECURE BOOT (%d).", err);
|
||||||
/* Allow booting to continue, as the failure is probably
|
/* Panic here as secure boot is not properly enabled
|
||||||
due to user-configured EFUSEs for testing...
|
due to one of the reasons in above function
|
||||||
*/
|
*/
|
||||||
|
abort();
|
||||||
}
|
}
|
||||||
#endif
|
#endif
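Review bot: The rewritten comment above the new `abort();` says the failure is "due to one of the reasons in above function", but no function is defined above this point in the hunk, so a reader cannot tell which conditions now stop the boot. Name the callee and the policy instead, e.g. `/* Fail closed: esp_secure_boot_permanently_enable() refused or failed to set the secure boot eFuse, so do not boot the image. */`. Because the previous behaviour was to continue booting, the comment should also say what happens after the abort; a reset followed by another attempt on the next boot is what I would expect from a bootloader, but that is inferred and not shown here. load_image() starts and ends outside the hunk.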
|
||||||
|
|
||||||
|
|
|
@ -97,11 +97,7 @@ static bool secure_boot_generate(uint32_t image_len){
|
||||||
/* Burn values written to the efuse write registers */
|
/* Burn values written to the efuse write registers */
|
||||||
static inline void burn_efuses()
|
static inline void burn_efuses()
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_SECURE_BOOT_TEST_MODE
|
|
||||||
ESP_LOGE(TAG, "SECURE BOOT TEST MODE. Not really burning any efuses! NOT SECURE");
|
|
||||||
#else
|
|
||||||
esp_efuse_burn_new_values();
|
esp_efuse_burn_new_values();
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
esp_err_t esp_secure_boot_generate_digest(void)
|
esp_err_t esp_secure_boot_generate_digest(void)
|
||||||
|
@ -183,7 +179,6 @@ esp_err_t esp_secure_boot_permanently_enable(void)
|
||||||
efuse_key_write_protected = true;
|
efuse_key_write_protected = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef CONFIG_SECURE_BOOT_TEST_MODE
|
|
||||||
if (!efuse_key_read_protected) {
|
if (!efuse_key_read_protected) {
|
||||||
ESP_LOGE(TAG, "Pre-loaded key is not read protected. Refusing to blow secure boot efuse.");
|
ESP_LOGE(TAG, "Pre-loaded key is not read protected. Refusing to blow secure boot efuse.");
|
||||||
return ESP_ERR_INVALID_STATE;
|
return ESP_ERR_INVALID_STATE;
|
||||||
|
@ -192,7 +187,6 @@ esp_err_t esp_secure_boot_permanently_enable(void)
|
||||||
ESP_LOGE(TAG, "Pre-loaded key is not write protected. Refusing to blow secure boot efuse.");
|
ESP_LOGE(TAG, "Pre-loaded key is not write protected. Refusing to blow secure boot efuse.");
|
||||||
return ESP_ERR_INVALID_STATE;
|
return ESP_ERR_INVALID_STATE;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
ESP_LOGI(TAG, "blowing secure boot efuse...");
|
ESP_LOGI(TAG, "blowing secure boot efuse...");
|
||||||
ESP_LOGD(TAG, "before updating, EFUSE_BLK0_RDATA6 %x", REG_READ(EFUSE_BLK0_RDATA6_REG));
|
ESP_LOGD(TAG, "before updating, EFUSE_BLK0_RDATA6 %x", REG_READ(EFUSE_BLK0_RDATA6_REG));
|
||||||
|
@ -221,11 +215,7 @@ esp_err_t esp_secure_boot_permanently_enable(void)
|
||||||
ESP_LOGI(TAG, "secure boot is now enabled for bootloader image");
|
ESP_LOGI(TAG, "secure boot is now enabled for bootloader image");
|
||||||
return ESP_OK;
|
return ESP_OK;
|
||||||
} else {
|
} else {
|
||||||
#ifdef CONFIG_SECURE_BOOT_TEST_MODE
|
|
||||||
ESP_LOGE(TAG, "secure boot not enabled due to test mode");
|
|
||||||
#else
|
|
||||||
ESP_LOGE(TAG, "secure boot not enabled for bootloader image, EFUSE_RD_ABS_DONE_0 is probably write protected!");
|
ESP_LOGE(TAG, "secure boot not enabled for bootloader image, EFUSE_RD_ABS_DONE_0 is probably write protected!");
|
||||||
#endif
|
|
||||||
return ESP_ERR_INVALID_STATE;
|
return ESP_ERR_INVALID_STATE;
|
||||||
}
|
}
|
||||||
}
|
}
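Review bot: In the last hunk, the one remaining failure message in the `else` branch guesses that `EFUSE_RD_ABS_DONE_0` is "probably write protected" without printing what was read back. The caller in load_image() now aborts on this return, so that line is all an engineer gets from a unit that refuses to boot. The pre-burn value is already logged at debug level ("before updating, EFUSE_BLK0_RDATA6 %x"); log the post-burn value at error level here too, e.g. `ESP_LOGE(TAG, "secure boot not enabled for bootloader image, EFUSE_BLK0_RDATA6 %x", REG_READ(EFUSE_BLK0_RDATA6_REG));`, assuming that is the register the check reads (the comparison itself is outside the hunk). With the test-mode guard gone, `burn_efuses()` in the first hunk always calls `esp_efuse_burn_new_values()`, so its comment should say the write is irreversible, and the definition should read `static inline void burn_efuses(void)`. esp_secure_boot_permanently_enable() starts outside the hunks.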
|
||||||
|
|