TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 26ed3f448f98d6cf3867fee29235961ecdb997e0 / . / boot / espressif / hal / src / flash_encrypt.c
blob: 77f5992bb27921b27c75b301dd8377a17f729c17 [file] [log] [blame]
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]1/*
2 * SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
7#include <strings.h>
8#include "bootloader_flash_priv.h"
9#include "bootloader_random.h"
10#include "esp_image_format.h"
11#include "esp_flash_encrypt.h"
12#include "esp_flash_partitions.h"
13#include "esp_secure_boot.h"
14#include "esp_efuse.h"
15#include "esp_efuse_table.h"
16#include "esp_log.h"
17#include "hal/wdt_hal.h"
Almir Okatob365e232022-03-08 01:35:54 -0300[diff] [blame]18#include "soc/soc_caps.h"
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]19
20#include "esp_mcuboot_image.h"
21
22#if CONFIG_IDF_TARGET_ESP32
23#define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
24#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT
25#else
26#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
27#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
28#endif
29
30/* This file implements FLASH ENCRYPTION related APIs to perform
31 * various operations such as programming necessary flash encryption
32 * eFuses, detect whether flash encryption is enabled (by reading eFuse)
33 * and if required encrypt the partitions in flash memory
34 */
35
36static const char *TAG = "flash_encrypt";
37
38/* Static functions for stages of flash encryption */
39static esp_err_t initialise_flash_encryption(void);
40static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_crypt_wr_dis) __attribute__((unused));
41static esp_err_t encrypt_bootloader(void);
42static esp_err_t encrypt_primary_slot(void);
43
44esp_err_t esp_flash_encrypt_check_and_update(void)
45{
46 size_t flash_crypt_cnt = 0;
47 esp_efuse_read_field_cnt(CRYPT_CNT, &flash_crypt_cnt);
48 bool flash_crypt_wr_dis = esp_efuse_read_field_bit(WR_DIS_CRYPT_CNT);
49
50 ESP_LOGV(TAG, "CRYPT_CNT %d, write protection %d", flash_crypt_cnt, flash_crypt_wr_dis);
51
52 if (flash_crypt_cnt % 2 == 1) {
53 /* Flash is already encrypted */
54 int left = (CRYPT_CNT[0]->bit_count - flash_crypt_cnt) / 2;
55 if (flash_crypt_wr_dis) {
56 left = 0; /* can't update FLASH_CRYPT_CNT, no more flashes */
57 }
58 ESP_LOGI(TAG, "flash encryption is enabled (%d plaintext flashes left)", left);
59 return ESP_OK;
60 } else {
61#ifndef CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
62 /* Flash is not encrypted, so encrypt it! */
63 return encrypt_flash_contents(flash_crypt_cnt, flash_crypt_wr_dis);
64#else
65 ESP_LOGE(TAG, "flash encryption is not enabled, and SECURE_FLASH_REQUIRE_ALREADY_ENABLED "
66 "is set, refusing to boot.");
67 return ESP_ERR_INVALID_STATE;
68#endif // CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
69 }
70}
71
72static esp_err_t check_and_generate_encryption_keys(void)
73{
74 size_t key_size = 32;
75#ifdef CONFIG_IDF_TARGET_ESP32
76 enum { BLOCKS_NEEDED = 1 };
77 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
78 ESP_EFUSE_KEY_PURPOSE_FLASH_ENCRYPTION,
79 };
80 esp_efuse_coding_scheme_t coding_scheme = esp_efuse_get_coding_scheme(EFUSE_BLK_ENCRYPT_FLASH);
81 if (coding_scheme != EFUSE_CODING_SCHEME_NONE && coding_scheme != EFUSE_CODING_SCHEME_3_4) {
82 ESP_LOGE(TAG, "Unknown/unsupported CODING_SCHEME value 0x%x", coding_scheme);
83 return ESP_ERR_NOT_SUPPORTED;
84 }
85 if (coding_scheme == EFUSE_CODING_SCHEME_3_4) {
86 key_size = 24;
87 }
88#else
89#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES256
90 enum { BLOCKS_NEEDED = 2 };
91 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
92 ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1,
93 ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2,
94 };
95 if (esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY, NULL)) {
96 ESP_LOGE(TAG, "XTS_AES_128_KEY is already in use, XTS_AES_256_KEY_1/2 can not be used");
97 return ESP_ERR_INVALID_STATE;
98 }
99#else
100 enum { BLOCKS_NEEDED = 1 };
101 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
102 ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
103 };
104#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
105#endif // CONFIG_IDF_TARGET_ESP32
106
107 /* Initialize all efuse block entries to invalid (max) value */
108 esp_efuse_block_t blocks[BLOCKS_NEEDED] = {[0 ... BLOCKS_NEEDED-1] = EFUSE_BLK_KEY_MAX};
109 bool has_key = true;
110 for (unsigned i = 0; i < BLOCKS_NEEDED; i++) {
111 bool tmp_has_key = esp_efuse_find_purpose(purposes[i], &blocks[i]);
112 if (tmp_has_key) { // For ESP32: esp_efuse_find_purpose() always returns True, need to check whether the key block is used or not.
113 tmp_has_key &= !esp_efuse_key_block_unused(blocks[i]);
114 }
115 if (i == 1 && tmp_has_key != has_key) {
116 ESP_LOGE(TAG, "Invalid efuse key blocks: Both AES-256 key blocks must be set.");
117 return ESP_ERR_INVALID_STATE;
118 }
119 has_key &= tmp_has_key;
120 }
121
122 if (!has_key) {
123 /* Generate key */
124 uint8_t keys[BLOCKS_NEEDED][32] = { 0 };
125 ESP_LOGI(TAG, "Generating new flash encryption key...");
126 for (unsigned i = 0; i < BLOCKS_NEEDED; ++i) {
127 bootloader_fill_random(keys[i], key_size);
128 }
129 ESP_LOGD(TAG, "Key generation complete");
130
131 esp_err_t err = esp_efuse_write_keys(purposes, keys, BLOCKS_NEEDED);
132 if (err != ESP_OK) {
133 if (err == ESP_ERR_NOT_ENOUGH_UNUSED_KEY_BLOCKS) {
134 ESP_LOGE(TAG, "Not enough free efuse key blocks (need %d) to continue", BLOCKS_NEEDED);
135 } else {
136 ESP_LOGE(TAG, "Failed to write efuse block with purpose (err=0x%x). Can't continue.", err);
137 }
138 return err;
139 }
140 } else {
141 for (unsigned i = 0; i < BLOCKS_NEEDED; i++) {
142 if (!esp_efuse_get_key_dis_write(blocks[i])
143 || !esp_efuse_get_key_dis_read(blocks[i])
144 || !esp_efuse_get_keypurpose_dis_write(blocks[i])) { // For ESP32: no keypurpose, it returns always True.
145 ESP_LOGE(TAG, "Invalid key state, check read&write protection for key and keypurpose(if exists)");
146 return ESP_ERR_INVALID_STATE;
147 }
148 }
149 ESP_LOGI(TAG, "Using pre-loaded flash encryption key in efuse");
150 }
151 return ESP_OK;
152}
153
154static esp_err_t initialise_flash_encryption(void)
155{
156 esp_efuse_batch_write_begin(); /* Batch all efuse writes at the end of this function */
157
158 /* Before first flash encryption pass, need to initialise key & crypto config */
159 esp_err_t err = check_and_generate_encryption_keys();
160 if (err != ESP_OK) {
161 esp_efuse_batch_write_cancel();
162 return err;
163 }
164
165 err = esp_flash_encryption_enable_secure_features();
166 if (err != ESP_OK) {
167 esp_efuse_batch_write_cancel();
168 return err;
169 }
170
Almir Okatob365e232022-03-08 01:35:54 -0300[diff] [blame]171#if defined(SOC_SUPPORTS_SECURE_DL_MODE) && defined(CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE)
172 ESP_LOGI(TAG, "Enabling Secure Download mode...");
173 err = esp_efuse_enable_rom_secure_download_mode();
174 if (err != ESP_OK) {
175 ESP_LOGE(TAG, "Could not enable Secure Download mode...");
176 esp_efuse_batch_write_cancel();
177 return err;
178 }
179#elif CONFIG_SECURE_DISABLE_ROM_DL_MODE
180 ESP_LOGI(TAG, "Disable ROM Download mode...");
181 err = esp_efuse_disable_rom_download_mode();
182 if (err != ESP_OK) {
183 ESP_LOGE(TAG, "Could not disable ROM Download mode...");
184 esp_efuse_batch_write_cancel();
185 return err;
186 }
187#else
188 ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
189#endif
190
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]191 err = esp_efuse_batch_write_commit();
192 if (err != ESP_OK) {
193 ESP_LOGE(TAG, "Error programming security eFuses (err=0x%x).", err);
194 return err;
195 }
196
197 return ESP_OK;
198}
199
200/* Encrypt all flash data that should be encrypted */
201static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_crypt_wr_dis)
202{
203 esp_err_t err;
204
205 /* If all flash_crypt_cnt bits are burned or write-disabled, the
206 device can't re-encrypt itself. */
207 if (flash_crypt_wr_dis || flash_crypt_cnt == CRYPT_CNT[0]->bit_count) {
208 ESP_LOGE(TAG, "Cannot re-encrypt data CRYPT_CNT %d write disabled %d", flash_crypt_cnt, flash_crypt_wr_dis);
209 return ESP_FAIL;
210 }
211
212 if (flash_crypt_cnt == 0) {
213 /* Very first flash of encrypted data: generate keys, etc. */
214 err = initialise_flash_encryption();
215 if (err != ESP_OK) {
216 return err;
217 }
218 }
219
220 err = encrypt_bootloader();
221 if (err != ESP_OK) {
222 return err;
223 }
224
225 /* If the primary slot executable application is not encrypted,
226 * then encrypt it
227 */
228 err = encrypt_primary_slot();
229 if (err != ESP_OK) {
230 return err;
231 }
232
233 /* Unconditionally encrypts remaining regions
234 * This will need changes when implementing multi-slot support
235 */
236 ESP_LOGI(TAG, "Encrypting remaining flash...");
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]237 uint32_t region_addr = CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS;
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]238 size_t region_size = CONFIG_ESP_APPLICATION_SIZE;
239 err = esp_flash_encrypt_region(region_addr, region_size);
240 if (err != ESP_OK) {
241 return err;
242 }
243 region_addr = CONFIG_ESP_SCRATCH_OFFSET;
244 region_size = CONFIG_ESP_SCRATCH_SIZE;
245 err = esp_flash_encrypt_region(region_addr, region_size);
246 if (err != ESP_OK) {
247 return err;
248 }
249
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]250#if defined(CONFIG_ESP_IMAGE_NUMBER) && (CONFIG_ESP_IMAGE_NUMBER == 2)
251 region_addr = CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS;
252 region_size = CONFIG_ESP_APPLICATION_SIZE;
253 err = esp_flash_encrypt_region(region_addr, region_size);
254 if (err != ESP_OK) {
255 return err;
256 }
257 region_addr = CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS;
258 region_size = CONFIG_ESP_APPLICATION_SIZE;
259 err = esp_flash_encrypt_region(region_addr, region_size);
260 if (err != ESP_OK) {
261 return err;
262 }
263#endif
264
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]265#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE
266 // Go straight to max, permanently enabled
267 ESP_LOGI(TAG, "Setting CRYPT_CNT for permanent encryption");
268 size_t new_flash_crypt_cnt = CRYPT_CNT[0]->bit_count - flash_crypt_cnt;
269#else
270 /* Set least significant 0-bit in flash_crypt_cnt */
271 size_t new_flash_crypt_cnt = 1;
272#endif
273 ESP_LOGD(TAG, "CRYPT_CNT %d -> %d", flash_crypt_cnt, new_flash_crypt_cnt);
274 err = esp_efuse_write_field_cnt(CRYPT_CNT, new_flash_crypt_cnt);
275
276 ESP_LOGI(TAG, "Flash encryption completed");
277
278 return ESP_OK;
279}
280
281static esp_err_t encrypt_bootloader(void)
282{
283 esp_err_t err;
284 uint32_t image_length;
285 /* Check for plaintext bootloader (verification will fail if it's already encrypted) */
286 if (esp_image_verify_bootloader(&image_length) == ESP_OK) {
287 ESP_LOGI(TAG, "Encrypting bootloader...");
288
289 err = esp_flash_encrypt_region(ESP_BOOTLOADER_OFFSET, CONFIG_ESP_BOOTLOADER_SIZE);
290 if (err != ESP_OK) {
291 ESP_LOGE(TAG, "Failed to encrypt bootloader in place: 0x%x", err);
292 return err;
293 }
294 ESP_LOGI(TAG, "Bootloader encrypted successfully");
295 } else {
296 ESP_LOGW(TAG, "No valid bootloader was found");
297 return ESP_ERR_NOT_FOUND;
298 }
299
300 return ESP_OK;
301}
302
303static esp_err_t verify_img_header(uint32_t addr, const esp_image_load_header_t *image, bool silent)
304{
305 esp_err_t err = ESP_OK;
306
307 if (image->header_magic != ESP_LOAD_HEADER_MAGIC) {
308 if (!silent) {
309 ESP_LOGE(TAG, "image at 0x%x has invalid magic byte",
310 addr);
311 }
312 err = ESP_ERR_IMAGE_INVALID;
313 }
314
315 return err;
316}
317
318static esp_err_t encrypt_primary_slot(void)
319{
320 esp_err_t err;
321
322 esp_image_load_header_t img_header;
323
324 /* Check if the slot is plaintext or encrypted, 0x20 offset is for skipping
325 * MCUboot header
326 */
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]327 err = bootloader_flash_read(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS + 0x20,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]328 &img_header, sizeof(esp_image_load_header_t), true);
329 if (err != ESP_OK) {
330 ESP_LOGE(TAG, "Failed to read slot img header");
331 return err;
332 } else {
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]333 err = verify_img_header(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]334 &img_header, true);
335 }
336
337 if (err == ESP_OK) {
338 ESP_LOGI(TAG, "Encrypting primary slot...");
339
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]340 err = esp_flash_encrypt_region(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]341 CONFIG_ESP_APPLICATION_SIZE);
342 if (err != ESP_OK) {
343 ESP_LOGE(TAG, "Failed to encrypt slot in place: 0x%x", err);
344 return err;
345 }
346 } else {
347 ESP_LOGW(TAG, "Slot already encrypted or no valid image was found");
348 }
349
350 return ESP_OK;
351}
352
353esp_err_t esp_flash_encrypt_region(uint32_t src_addr, size_t data_length)
354{
355 esp_err_t err;
356 uint32_t buf[FLASH_SECTOR_SIZE / sizeof(uint32_t)];
357
358 if (src_addr % FLASH_SECTOR_SIZE != 0) {
359 ESP_LOGE(TAG, "esp_flash_encrypt_region bad src_addr 0x%x", src_addr);
360 return ESP_FAIL;
361 }
362
363 wdt_hal_context_t rtc_wdt_ctx = {.inst = WDT_RWDT, .rwdt_dev = &RTCCNTL};
364 for (size_t i = 0; i < data_length; i += FLASH_SECTOR_SIZE) {
365 wdt_hal_write_protect_disable(&rtc_wdt_ctx);
366 wdt_hal_feed(&rtc_wdt_ctx);
367 wdt_hal_write_protect_enable(&rtc_wdt_ctx);
368 uint32_t sec_start = i + src_addr;
369 err = bootloader_flash_read(sec_start, buf, FLASH_SECTOR_SIZE, true);
370 if (err != ESP_OK) {
371 goto flash_failed;
372 }
373 err = bootloader_flash_erase_sector(sec_start / FLASH_SECTOR_SIZE);
374 if (err != ESP_OK) {
375 goto flash_failed;
376 }
377 err = bootloader_flash_write(sec_start, buf, FLASH_SECTOR_SIZE, true);
378 if (err != ESP_OK) {
379 goto flash_failed;
380 }
381 }
382 return ESP_OK;
383
384flash_failed:
385 ESP_LOGE(TAG, "flash operation failed: 0x%x", err);
386 return err;
387}