espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix/disallow_enabling_sb_sha384_when_sb_sha256_is_enabled_p4_v5.5' into 'release/v5.5'

Browse Source 
fix(efuse): Disallow enabling SB using SHA-384 when SB using SHA-256 is enabled (ESP32-P4 ECO5) (v5.5)

See merge request espressif/esp-idf!43263
This commit is contained in:
Mahavir Jain
2025-11-12 11:22:35 +05:30
parent 6b89f1ed1c 6ea63548d4
commit 34ff2409dc
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/bootloader/Kconfig.projbuild
+1 -1
View File
@@ -967,7 +967,7 @@ menu "Security features"
config SECURE_BOOT_SKIP_WRITE_PROTECTION_SCA
bool "Skip write-protection of SECURE_FLASH_PSEUDO_ROUND_FUNC_STRENGTH"
default y if SECURE_FLASH_PSEUDO_ROUND_FUNC
default y if SECURE_FLASH_PSEUDO_ROUND_FUNC && !SECURE_FLASH_ENCRYPTION_MODE_RELEASE
default n
depends on SOC_ECDSA_SUPPORT_CURVE_P384 && SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
help
components/esp_security/src/init.c
+5 -2
View File
@@ -90,7 +90,7 @@ ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103)
#if CONFIG_SECURE_BOOT_V2_ENABLED
// H2, H21
#if SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED
// Also write protects the ECDSA_CURVE_MODE efuse bit.
// Also write protects the ECC_FORCE_CONST_TIME efuse bit.
if (ecdsa_ll_is_configurable_curve_supported()) {
err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE);
if (err != ESP_OK) {
@@ -102,10 +102,13 @@ ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103)
#if !CONFIG_SECURE_BOOT_SKIP_WRITE_PROTECTION_SCA
// C5
#if SOC_ECDSA_SUPPORT_CURVE_P384 && !CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS
#if SOC_ECDSA_SUPPORT_CURVE_P384 && !CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS && !CONFIG_IDF_TARGET_ESP32P4
// Since SECURE_BOOT_SHA384_EN, XTS_DPA_PSEUDO_LEVEL, and ECC_FORCE_CONST_TIME share the
// same write-protection bit, these efuses should only be write-protected after all of
// them have been programmed.
// Note: ESP32-P4 lacks WR_DIS_SECURE_BOOT_SHA384_EN bit, so it relies on software protection
// in the efuse write APIs (see esp_efuse_api.c) to prevent unauthorized programming of
// SECURE_BOOT_SHA384_EN when Secure Boot using SHA-256 is enabled.
err = esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_SECURE_BOOT_SHA384_EN);
if (err != ESP_OK) {
ESP_LOGE(TAG, "Failed to write protect the SECURE_BOOT_SHA384_EN efuse bit.");