1 // Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
7 // http://www.apache.org/licenses/LICENSE-2.0
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
18 #include "esp_types.h"
21 #include "rom/cache.h"
22 #include "rom/ets_sys.h"
23 #include "rom/secure_boot.h"
25 #include "soc/dport_reg.h"
26 #include "soc/io_mux_reg.h"
27 #include "soc/efuse_reg.h"
28 #include "soc/rtc_cntl_reg.h"
30 #include "sdkconfig.h"
32 #include "bootloader_flash.h"
33 #include "bootloader_random.h"
34 #include "esp_image_format.h"
35 #include "esp_secure_boot.h"
36 #include "esp_flash_encrypt.h"
37 #include "esp_efuse.h"
39 static const char* TAG
= "secure_boot";
42 * @function : secure_boot_generate
43 * @description: generate boot digest (aka "abstract") & iv
45 * @inputs: image_len - length of image to calculate digest for
47 static bool secure_boot_generate(uint32_t image_len
){
49 esp_secure_boot_iv_digest_t digest
;
50 const uint32_t *image
;
52 /* hardware secure boot engine only takes full blocks, so round up the
53 image length. The additional data should all be 0xFF.
55 if (image_len
% sizeof(digest
.iv
) != 0) {
56 image_len
= (image_len
/ sizeof(digest
.iv
) + 1) * sizeof(digest
.iv
);
58 ets_secure_boot_start();
59 ets_secure_boot_rd_iv((uint32_t *)digest
.iv
);
60 ets_secure_boot_hash(NULL
);
61 /* iv stored in sec 0 */
62 err
= bootloader_flash_erase_sector(0);
65 ESP_LOGE(TAG
, "SPI erase failed: 0x%x", err
);
69 /* generate digest from image contents */
70 image
= bootloader_mmap(ESP_BOOTLOADER_OFFSET
, image_len
);
72 ESP_LOGE(TAG
, "bootloader_mmap(0x1000, 0x%x) failed", image_len
);
75 for (int i
= 0; i
< image_len
; i
+= sizeof(digest
.iv
)) {
76 ets_secure_boot_hash(&image
[i
/sizeof(uint32_t)]);
78 bootloader_munmap(image
);
80 ets_secure_boot_obtain();
81 ets_secure_boot_rd_abstract((uint32_t *)digest
.digest
);
82 ets_secure_boot_finish();
84 ESP_LOGD(TAG
, "write iv+digest to flash");
85 err
= bootloader_flash_write(FLASH_OFFS_SECURE_BOOT_IV_DIGEST
, &digest
,
86 sizeof(digest
), esp_flash_encryption_enabled());
88 ESP_LOGE(TAG
, "SPI write failed: 0x%x", err
);
95 /* Burn values written to the efuse write registers */
96 static inline void burn_efuses()
98 #ifdef CONFIG_SECURE_BOOT_TEST_MODE
99 ESP_LOGE(TAG
, "SECURE BOOT TEST MODE. Not really burning any efuses! NOT SECURE");
101 esp_efuse_burn_new_values();
105 esp_err_t
esp_secure_boot_permanently_enable(void) {
107 uint32_t image_len
= 0;
108 if (esp_secure_boot_enabled())
110 ESP_LOGI(TAG
, "bootloader secure boot is already enabled, continuing..");
114 err
= esp_image_verify_bootloader(&image_len
);
116 ESP_LOGE(TAG
, "bootloader image appears invalid! error %d", err
);
120 uint32_t dis_reg
= REG_READ(EFUSE_BLK0_RDATA0_REG
);
121 bool efuse_key_read_protected
= dis_reg
& EFUSE_RD_DIS_BLK2
;
122 bool efuse_key_write_protected
= dis_reg
& EFUSE_WR_DIS_BLK2
;
123 if (efuse_key_read_protected
== false
124 && efuse_key_write_protected
== false
125 && REG_READ(EFUSE_BLK2_RDATA0_REG
) == 0
126 && REG_READ(EFUSE_BLK2_RDATA1_REG
) == 0
127 && REG_READ(EFUSE_BLK2_RDATA2_REG
) == 0
128 && REG_READ(EFUSE_BLK2_RDATA3_REG
) == 0
129 && REG_READ(EFUSE_BLK2_RDATA4_REG
) == 0
130 && REG_READ(EFUSE_BLK2_RDATA5_REG
) == 0
131 && REG_READ(EFUSE_BLK2_RDATA6_REG
) == 0
132 && REG_READ(EFUSE_BLK2_RDATA7_REG
) == 0) {
133 ESP_LOGI(TAG
, "Generating new secure boot key...");
135 bootloader_fill_random(buf
, sizeof(buf
));
136 for (int i
= 0; i
< 8; i
++) {
137 ESP_LOGV(TAG
, "EFUSE_BLK2_WDATA%d_REG = 0x%08x", i
, buf
[i
]);
138 REG_WRITE(EFUSE_BLK2_WDATA0_REG
+ 4*i
, buf
[i
]);
140 bzero(buf
, sizeof(buf
));
142 ESP_LOGI(TAG
, "Read & write protecting new key...");
143 REG_WRITE(EFUSE_BLK0_WDATA0_REG
, EFUSE_WR_DIS_BLK2
| EFUSE_RD_DIS_BLK2
);
145 efuse_key_read_protected
= true;
146 efuse_key_write_protected
= true;
149 ESP_LOGW(TAG
, "Using pre-loaded secure boot key in EFUSE block 2");
152 ESP_LOGI(TAG
, "Generating secure boot digest...");
153 if (false == secure_boot_generate(image_len
)){
154 ESP_LOGE(TAG
, "secure boot generation failed");
157 ESP_LOGI(TAG
, "Digest generation complete.");
159 #ifndef CONFIG_SECURE_BOOT_TEST_MODE
160 if (!efuse_key_read_protected
) {
161 ESP_LOGE(TAG
, "Pre-loaded key is not read protected. Refusing to blow secure boot efuse.");
162 return ESP_ERR_INVALID_STATE
;
164 if (!efuse_key_write_protected
) {
165 ESP_LOGE(TAG
, "Pre-loaded key is not write protected. Refusing to blow secure boot efuse.");
166 return ESP_ERR_INVALID_STATE
;
170 ESP_LOGI(TAG
, "blowing secure boot efuse...");
171 ESP_LOGD(TAG
, "before updating, EFUSE_BLK0_RDATA6 %x", REG_READ(EFUSE_BLK0_RDATA6_REG
));
173 uint32_t new_wdata6
= EFUSE_RD_ABS_DONE_0
;
175 #ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
176 ESP_LOGI(TAG
, "Disable JTAG...");
177 new_wdata6
|= EFUSE_RD_DISABLE_JTAG
;
179 ESP_LOGW(TAG
, "Not disabling JTAG - SECURITY COMPROMISED");
182 #ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
183 ESP_LOGI(TAG
, "Disable ROM BASIC interpreter fallback...");
184 new_wdata6
|= EFUSE_RD_CONSOLE_DEBUG_DISABLE
;
186 ESP_LOGW(TAG
, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
189 REG_WRITE(EFUSE_BLK0_WDATA6_REG
, new_wdata6
);
191 uint32_t after
= REG_READ(EFUSE_BLK0_RDATA6_REG
);
192 ESP_LOGD(TAG
, "after updating, EFUSE_BLK0_RDATA6 %x", after
);
193 if (after
& EFUSE_RD_ABS_DONE_0
) {
194 ESP_LOGI(TAG
, "secure boot is now enabled for bootloader image");
197 #ifdef CONFIG_SECURE_BOOT_TEST_MODE
198 ESP_LOGE(TAG
, "secure boot not enabled due to test mode");
200 ESP_LOGE(TAG
, "secure boot not enabled for bootloader image, EFUSE_RD_ABS_DONE_0 is probably write protected!");
202 return ESP_ERR_INVALID_STATE
;