bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme
This commit is contained in:
parent
541e02a7e3
commit
d7615df616
2 changed files with 10 additions and 0 deletions
|
@ -62,6 +62,11 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
|
||||||
|
|
||||||
static esp_err_t initialise_flash_encryption(void)
|
static esp_err_t initialise_flash_encryption(void)
|
||||||
{
|
{
|
||||||
|
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||||
|
ESP_LOGE(TAG, "Flash Encryption is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||||
|
return ESP_ERR_NOT_SUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
/* Before first flash encryption pass, need to initialise key & crypto config */
|
/* Before first flash encryption pass, need to initialise key & crypto config */
|
||||||
|
|
||||||
/* Generate key */
|
/* Generate key */
|
||||||
|
|
|
@ -110,6 +110,11 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
|
||||||
return ESP_OK;
|
return ESP_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
|
||||||
|
ESP_LOGE(TAG, "Secure Boot is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
|
||||||
|
return ESP_ERR_NOT_SUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
/* Verify the bootloader */
|
/* Verify the bootloader */
|
||||||
esp_image_metadata_t bootloader_data = { 0 };
|
esp_image_metadata_t bootloader_data = { 0 };
|
||||||
err = esp_image_verify_bootloader_data(&bootloader_data);
|
err = esp_image_verify_bootloader_data(&bootloader_data);
|
||||||
|
|
Loading…
Reference in a new issue