efuse: Prevent burning XTS_AES and ECDSA keys into BLOCK9 (BLOCK_KEY5)

eFuse module has a hardware bug. It is related to ESP32-C3, C6, S3, H2 chips: - BLOCK9 (BLOCK_KEY5) can not be used by XTS_AES keys. For H2 chips, the BLOCK9 (BLOCK_KEY5) can not be used by ECDSA keys. S2 does not have such a hardware bug.
2025-11-02 16:11:41 +01:00 · 2023-04-04 00:00:56 +08:00
parent d0a29ada57
commit 3d695b9768
12 changed files with 79 additions and 3 deletions
--- a/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
@@ -975,6 +975,10 @@ config SOC_EFUSE_DIS_ICACHE
    bool
    default y

+config SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK
+    bool
+    default y
+
 config SOC_SECURE_BOOT_V2_RSA
    bool
    default y
--- a/components/soc/esp32h2/include/soc/soc_caps.h
+++ b/components/soc/esp32h2/include/soc/soc_caps.h
@@ -410,6 +410,7 @@
 #define SOC_EFUSE_DIS_DIRECT_BOOT 1
 #define SOC_EFUSE_SOFT_DIS_JTAG 1
 #define SOC_EFUSE_DIS_ICACHE 1
+#define SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK 1  // AES-XTS and ECDSA key purposes not supported for this block

 /*-------------------------- Secure Boot CAPS----------------------------*/
 #define SOC_SECURE_BOOT_V2_RSA              1