TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 54ef484afac4cd018afcf26848de5de6ab6ca18f / . / boot / espressif / hal / src / flash_encrypt.c
blob: 222e32e2aec5e9ae5cb337380c3a2ba574347968 [file] [log] [blame]
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]1/*
2 * SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
7#include <strings.h>
8#include "bootloader_flash_priv.h"
9#include "bootloader_random.h"
10#include "esp_image_format.h"
11#include "esp_flash_encrypt.h"
12#include "esp_flash_partitions.h"
13#include "esp_secure_boot.h"
14#include "esp_efuse.h"
15#include "esp_efuse_table.h"
16#include "esp_log.h"
17#include "hal/wdt_hal.h"
Almir Okatob365e232022-03-08 01:35:54 -0300[diff] [blame]18#include "soc/soc_caps.h"
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]19
20#include "esp_mcuboot_image.h"
21
22#if CONFIG_IDF_TARGET_ESP32
23#define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
24#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT
25#else
26#define CRYPT_CNT ESP_EFUSE_SPI_BOOT_CRYPT_CNT
27#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
28#endif
29
30/* This file implements FLASH ENCRYPTION related APIs to perform
31 * various operations such as programming necessary flash encryption
32 * eFuses, detect whether flash encryption is enabled (by reading eFuse)
33 * and if required encrypt the partitions in flash memory
34 */
35
36static const char *TAG = "flash_encrypt";
37
38/* Static functions for stages of flash encryption */
39static esp_err_t initialise_flash_encryption(void);
40static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_crypt_wr_dis) __attribute__((unused));
41static esp_err_t encrypt_bootloader(void);
42static esp_err_t encrypt_primary_slot(void);
43
Almir Okato54ef4842023-03-07 17:56:53 -0300[diff] [blame^]44/**
45 * This former inlined function must not be defined in the header file anymore.
46 * As it depends on efuse component, any use of it outside of `bootloader_support`,
47 * would require the caller component to include `efuse` as part of its `REQUIRES` or
48 * `PRIV_REQUIRES` entries.
49 * Attribute IRAM_ATTR must be specified for the app build.
50 */
51bool IRAM_ATTR esp_flash_encryption_enabled(void)
52{
53 uint32_t flash_crypt_cnt = 0;
54#ifndef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
55 flash_crypt_cnt = efuse_ll_get_flash_crypt_cnt();
56#else
57#if CONFIG_IDF_TARGET_ESP32
58 esp_efuse_read_field_blob(ESP_EFUSE_FLASH_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_FLASH_CRYPT_CNT[0]->bit_count);
59#else
60 esp_efuse_read_field_blob(ESP_EFUSE_SPI_BOOT_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_SPI_BOOT_CRYPT_CNT[0]->bit_count);
61#endif
62#endif
63 /* __builtin_parity is in flash, so we calculate parity inline */
64 bool enabled = false;
65 while (flash_crypt_cnt) {
66 if (flash_crypt_cnt & 1) {
67 enabled = !enabled;
68 }
69 flash_crypt_cnt >>= 1;
70 }
71 return enabled;
72}
73
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]74esp_err_t esp_flash_encrypt_check_and_update(void)
75{
76 size_t flash_crypt_cnt = 0;
77 esp_efuse_read_field_cnt(CRYPT_CNT, &flash_crypt_cnt);
78 bool flash_crypt_wr_dis = esp_efuse_read_field_bit(WR_DIS_CRYPT_CNT);
79
80 ESP_LOGV(TAG, "CRYPT_CNT %d, write protection %d", flash_crypt_cnt, flash_crypt_wr_dis);
81
82 if (flash_crypt_cnt % 2 == 1) {
83 /* Flash is already encrypted */
84 int left = (CRYPT_CNT[0]->bit_count - flash_crypt_cnt) / 2;
85 if (flash_crypt_wr_dis) {
86 left = 0; /* can't update FLASH_CRYPT_CNT, no more flashes */
87 }
88 ESP_LOGI(TAG, "flash encryption is enabled (%d plaintext flashes left)", left);
89 return ESP_OK;
90 } else {
91#ifndef CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
92 /* Flash is not encrypted, so encrypt it! */
93 return encrypt_flash_contents(flash_crypt_cnt, flash_crypt_wr_dis);
94#else
95 ESP_LOGE(TAG, "flash encryption is not enabled, and SECURE_FLASH_REQUIRE_ALREADY_ENABLED "
96 "is set, refusing to boot.");
97 return ESP_ERR_INVALID_STATE;
98#endif // CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
99 }
100}
101
102static esp_err_t check_and_generate_encryption_keys(void)
103{
104 size_t key_size = 32;
105#ifdef CONFIG_IDF_TARGET_ESP32
106 enum { BLOCKS_NEEDED = 1 };
107 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
108 ESP_EFUSE_KEY_PURPOSE_FLASH_ENCRYPTION,
109 };
110 esp_efuse_coding_scheme_t coding_scheme = esp_efuse_get_coding_scheme(EFUSE_BLK_ENCRYPT_FLASH);
111 if (coding_scheme != EFUSE_CODING_SCHEME_NONE && coding_scheme != EFUSE_CODING_SCHEME_3_4) {
112 ESP_LOGE(TAG, "Unknown/unsupported CODING_SCHEME value 0x%x", coding_scheme);
113 return ESP_ERR_NOT_SUPPORTED;
114 }
115 if (coding_scheme == EFUSE_CODING_SCHEME_3_4) {
116 key_size = 24;
117 }
118#else
119#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES256
120 enum { BLOCKS_NEEDED = 2 };
121 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
122 ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1,
123 ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2,
124 };
125 if (esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY, NULL)) {
126 ESP_LOGE(TAG, "XTS_AES_128_KEY is already in use, XTS_AES_256_KEY_1/2 can not be used");
127 return ESP_ERR_INVALID_STATE;
128 }
129#else
130 enum { BLOCKS_NEEDED = 1 };
131 esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
132 ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
133 };
134#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
135#endif // CONFIG_IDF_TARGET_ESP32
136
137 /* Initialize all efuse block entries to invalid (max) value */
138 esp_efuse_block_t blocks[BLOCKS_NEEDED] = {[0 ... BLOCKS_NEEDED-1] = EFUSE_BLK_KEY_MAX};
139 bool has_key = true;
140 for (unsigned i = 0; i < BLOCKS_NEEDED; i++) {
141 bool tmp_has_key = esp_efuse_find_purpose(purposes[i], &blocks[i]);
142 if (tmp_has_key) { // For ESP32: esp_efuse_find_purpose() always returns True, need to check whether the key block is used or not.
143 tmp_has_key &= !esp_efuse_key_block_unused(blocks[i]);
144 }
145 if (i == 1 && tmp_has_key != has_key) {
146 ESP_LOGE(TAG, "Invalid efuse key blocks: Both AES-256 key blocks must be set.");
147 return ESP_ERR_INVALID_STATE;
148 }
149 has_key &= tmp_has_key;
150 }
151
152 if (!has_key) {
153 /* Generate key */
154 uint8_t keys[BLOCKS_NEEDED][32] = { 0 };
155 ESP_LOGI(TAG, "Generating new flash encryption key...");
156 for (unsigned i = 0; i < BLOCKS_NEEDED; ++i) {
157 bootloader_fill_random(keys[i], key_size);
158 }
159 ESP_LOGD(TAG, "Key generation complete");
160
161 esp_err_t err = esp_efuse_write_keys(purposes, keys, BLOCKS_NEEDED);
162 if (err != ESP_OK) {
163 if (err == ESP_ERR_NOT_ENOUGH_UNUSED_KEY_BLOCKS) {
164 ESP_LOGE(TAG, "Not enough free efuse key blocks (need %d) to continue", BLOCKS_NEEDED);
165 } else {
166 ESP_LOGE(TAG, "Failed to write efuse block with purpose (err=0x%x). Can't continue.", err);
167 }
168 return err;
169 }
170 } else {
171 for (unsigned i = 0; i < BLOCKS_NEEDED; i++) {
172 if (!esp_efuse_get_key_dis_write(blocks[i])
173 || !esp_efuse_get_key_dis_read(blocks[i])
174 || !esp_efuse_get_keypurpose_dis_write(blocks[i])) { // For ESP32: no keypurpose, it returns always True.
175 ESP_LOGE(TAG, "Invalid key state, check read&write protection for key and keypurpose(if exists)");
176 return ESP_ERR_INVALID_STATE;
177 }
178 }
179 ESP_LOGI(TAG, "Using pre-loaded flash encryption key in efuse");
180 }
181 return ESP_OK;
182}
183
184static esp_err_t initialise_flash_encryption(void)
185{
186 esp_efuse_batch_write_begin(); /* Batch all efuse writes at the end of this function */
187
188 /* Before first flash encryption pass, need to initialise key & crypto config */
189 esp_err_t err = check_and_generate_encryption_keys();
190 if (err != ESP_OK) {
191 esp_efuse_batch_write_cancel();
192 return err;
193 }
194
195 err = esp_flash_encryption_enable_secure_features();
196 if (err != ESP_OK) {
197 esp_efuse_batch_write_cancel();
198 return err;
199 }
200
Almir Okatob365e232022-03-08 01:35:54 -0300[diff] [blame]201#if defined(SOC_SUPPORTS_SECURE_DL_MODE) && defined(CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE)
202 ESP_LOGI(TAG, "Enabling Secure Download mode...");
203 err = esp_efuse_enable_rom_secure_download_mode();
204 if (err != ESP_OK) {
205 ESP_LOGE(TAG, "Could not enable Secure Download mode...");
206 esp_efuse_batch_write_cancel();
207 return err;
208 }
209#elif CONFIG_SECURE_DISABLE_ROM_DL_MODE
210 ESP_LOGI(TAG, "Disable ROM Download mode...");
211 err = esp_efuse_disable_rom_download_mode();
212 if (err != ESP_OK) {
213 ESP_LOGE(TAG, "Could not disable ROM Download mode...");
214 esp_efuse_batch_write_cancel();
215 return err;
216 }
217#else
218 ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
219#endif
220
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]221 err = esp_efuse_batch_write_commit();
222 if (err != ESP_OK) {
223 ESP_LOGE(TAG, "Error programming security eFuses (err=0x%x).", err);
224 return err;
225 }
226
227 return ESP_OK;
228}
229
230/* Encrypt all flash data that should be encrypted */
231static esp_err_t encrypt_flash_contents(uint32_t flash_crypt_cnt, bool flash_crypt_wr_dis)
232{
233 esp_err_t err;
234
235 /* If all flash_crypt_cnt bits are burned or write-disabled, the
236 device can't re-encrypt itself. */
237 if (flash_crypt_wr_dis || flash_crypt_cnt == CRYPT_CNT[0]->bit_count) {
238 ESP_LOGE(TAG, "Cannot re-encrypt data CRYPT_CNT %d write disabled %d", flash_crypt_cnt, flash_crypt_wr_dis);
239 return ESP_FAIL;
240 }
241
242 if (flash_crypt_cnt == 0) {
243 /* Very first flash of encrypted data: generate keys, etc. */
244 err = initialise_flash_encryption();
245 if (err != ESP_OK) {
246 return err;
247 }
248 }
249
250 err = encrypt_bootloader();
251 if (err != ESP_OK) {
252 return err;
253 }
254
255 /* If the primary slot executable application is not encrypted,
256 * then encrypt it
257 */
258 err = encrypt_primary_slot();
259 if (err != ESP_OK) {
260 return err;
261 }
262
263 /* Unconditionally encrypts remaining regions
264 * This will need changes when implementing multi-slot support
265 */
266 ESP_LOGI(TAG, "Encrypting remaining flash...");
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]267 uint32_t region_addr = CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS;
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]268 size_t region_size = CONFIG_ESP_APPLICATION_SIZE;
269 err = esp_flash_encrypt_region(region_addr, region_size);
270 if (err != ESP_OK) {
271 return err;
272 }
273 region_addr = CONFIG_ESP_SCRATCH_OFFSET;
274 region_size = CONFIG_ESP_SCRATCH_SIZE;
275 err = esp_flash_encrypt_region(region_addr, region_size);
276 if (err != ESP_OK) {
277 return err;
278 }
279
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]280#if defined(CONFIG_ESP_IMAGE_NUMBER) && (CONFIG_ESP_IMAGE_NUMBER == 2)
281 region_addr = CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS;
282 region_size = CONFIG_ESP_APPLICATION_SIZE;
283 err = esp_flash_encrypt_region(region_addr, region_size);
284 if (err != ESP_OK) {
285 return err;
286 }
287 region_addr = CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS;
288 region_size = CONFIG_ESP_APPLICATION_SIZE;
289 err = esp_flash_encrypt_region(region_addr, region_size);
290 if (err != ESP_OK) {
291 return err;
292 }
293#endif
294
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]295#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE
296 // Go straight to max, permanently enabled
297 ESP_LOGI(TAG, "Setting CRYPT_CNT for permanent encryption");
298 size_t new_flash_crypt_cnt = CRYPT_CNT[0]->bit_count - flash_crypt_cnt;
299#else
300 /* Set least significant 0-bit in flash_crypt_cnt */
301 size_t new_flash_crypt_cnt = 1;
302#endif
303 ESP_LOGD(TAG, "CRYPT_CNT %d -> %d", flash_crypt_cnt, new_flash_crypt_cnt);
304 err = esp_efuse_write_field_cnt(CRYPT_CNT, new_flash_crypt_cnt);
305
306 ESP_LOGI(TAG, "Flash encryption completed");
307
308 return ESP_OK;
309}
310
311static esp_err_t encrypt_bootloader(void)
312{
313 esp_err_t err;
314 uint32_t image_length;
315 /* Check for plaintext bootloader (verification will fail if it's already encrypted) */
316 if (esp_image_verify_bootloader(&image_length) == ESP_OK) {
317 ESP_LOGI(TAG, "Encrypting bootloader...");
318
319 err = esp_flash_encrypt_region(ESP_BOOTLOADER_OFFSET, CONFIG_ESP_BOOTLOADER_SIZE);
320 if (err != ESP_OK) {
321 ESP_LOGE(TAG, "Failed to encrypt bootloader in place: 0x%x", err);
322 return err;
323 }
324 ESP_LOGI(TAG, "Bootloader encrypted successfully");
325 } else {
326 ESP_LOGW(TAG, "No valid bootloader was found");
327 return ESP_ERR_NOT_FOUND;
328 }
329
330 return ESP_OK;
331}
332
333static esp_err_t verify_img_header(uint32_t addr, const esp_image_load_header_t *image, bool silent)
334{
335 esp_err_t err = ESP_OK;
336
337 if (image->header_magic != ESP_LOAD_HEADER_MAGIC) {
338 if (!silent) {
339 ESP_LOGE(TAG, "image at 0x%x has invalid magic byte",
340 addr);
341 }
342 err = ESP_ERR_IMAGE_INVALID;
343 }
344
345 return err;
346}
347
348static esp_err_t encrypt_primary_slot(void)
349{
350 esp_err_t err;
351
352 esp_image_load_header_t img_header;
353
354 /* Check if the slot is plaintext or encrypted, 0x20 offset is for skipping
355 * MCUboot header
356 */
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]357 err = bootloader_flash_read(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS + 0x20,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]358 &img_header, sizeof(esp_image_load_header_t), true);
359 if (err != ESP_OK) {
360 ESP_LOGE(TAG, "Failed to read slot img header");
361 return err;
362 } else {
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]363 err = verify_img_header(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]364 &img_header, true);
365 }
366
367 if (err == ESP_OK) {
368 ESP_LOGI(TAG, "Encrypting primary slot...");
369
Almir Okatoa1d641d2022-02-21 19:31:46 -0300[diff] [blame]370 err = esp_flash_encrypt_region(CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS,
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]371 CONFIG_ESP_APPLICATION_SIZE);
372 if (err != ESP_OK) {
373 ESP_LOGE(TAG, "Failed to encrypt slot in place: 0x%x", err);
374 return err;
375 }
376 } else {
377 ESP_LOGW(TAG, "Slot already encrypted or no valid image was found");
378 }
379
380 return ESP_OK;
381}
382
383esp_err_t esp_flash_encrypt_region(uint32_t src_addr, size_t data_length)
384{
385 esp_err_t err;
386 uint32_t buf[FLASH_SECTOR_SIZE / sizeof(uint32_t)];
387
388 if (src_addr % FLASH_SECTOR_SIZE != 0) {
389 ESP_LOGE(TAG, "esp_flash_encrypt_region bad src_addr 0x%x", src_addr);
390 return ESP_FAIL;
391 }
392
Almir Okato54ef4842023-03-07 17:56:53 -0300[diff] [blame^]393 wdt_hal_context_t rtc_wdt_ctx = RWDT_HAL_CONTEXT_DEFAULT();
Almir Okato14763b12021-11-25 00:45:26 -0300[diff] [blame]394 for (size_t i = 0; i < data_length; i += FLASH_SECTOR_SIZE) {
395 wdt_hal_write_protect_disable(&rtc_wdt_ctx);
396 wdt_hal_feed(&rtc_wdt_ctx);
397 wdt_hal_write_protect_enable(&rtc_wdt_ctx);
398 uint32_t sec_start = i + src_addr;
399 err = bootloader_flash_read(sec_start, buf, FLASH_SECTOR_SIZE, true);
400 if (err != ESP_OK) {
401 goto flash_failed;
402 }
403 err = bootloader_flash_erase_sector(sec_start / FLASH_SECTOR_SIZE);
404 if (err != ESP_OK) {
405 goto flash_failed;
406 }
407 err = bootloader_flash_write(sec_start, buf, FLASH_SECTOR_SIZE, true);
408 if (err != ESP_OK) {
409 goto flash_failed;
410 }
411 }
412 return ESP_OK;
413
414flash_failed:
415 ESP_LOGE(TAG, "flash operation failed: 0x%x", err);
416 return err;
417}