espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-04 13:14:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

examples(efuse): Set CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE

Browse Source 
For efuse example test, we set CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
by default because in the python test we expect secure boot is in RELEASE mode
This commit is contained in:
KonstantinKondrashov
2023-01-24 01:10:05 +08:00
parent 1cb0472520
commit 905f9bf25f
5 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
examples/system/efuse/example_test.py
View File

@@ -714,7 +714,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe(env, _): # type: (ttfw_idf.TinyF
dut.expect('secure_boot_v2: blowing secure boot efuse...') dut.expect('secure_boot_v2: blowing secure boot efuse...')
dut.expect('Disable JTAG...') dut.expect('Disable JTAG...')
dut.expect('Disable ROM BASIC interpreter fallback...') dut.expect('Disable ROM BASIC interpreter fallback...')
dut.expect('UART ROM Download mode kept enabled - SECURITY COMPROMISED') dut.expect('Disable ROM Download mode...')
dut.expect('secure_boot_v2: Secure boot permanently enabled') dut.expect('secure_boot_v2: Secure boot permanently enabled')
dut.expect('Checking flash encryption...') dut.expect('Checking flash encryption...')
@@ -799,7 +799,7 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(env, _): # type: (ttfw_i
dut.expect('secure_boot_v2: Revoking empty key digest slot (1)...') dut.expect('secure_boot_v2: Revoking empty key digest slot (1)...')
dut.expect('secure_boot_v2: Revoking empty key digest slot (2)...') dut.expect('secure_boot_v2: Revoking empty key digest slot (2)...')
dut.expect('secure_boot_v2: blowing secure boot efuse...') dut.expect('secure_boot_v2: blowing secure boot efuse...')
dut.expect('UART ROM Download mode kept enabled - SECURITY COMPROMISED') dut.expect('Enabling Security download mode...')
dut.expect('Disable hardware & software JTAG...') dut.expect('Disable hardware & software JTAG...')
if dut.TARGET != 'esp32c2': if dut.TARGET != 'esp32c2':

1
examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32
View File

@@ -13,6 +13,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
CONFIG_SECURE_BOOT=y CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V2_ENABLED=y CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem" CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
CONFIG_SECURE_DISABLE_ROM_DL_MODE=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y CONFIG_SECURE_FLASH_ENC_ENABLED=y

1
examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c2
View File

@@ -9,6 +9,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
CONFIG_SECURE_BOOT=y CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V2_ENABLED=y CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key_ecdsa_nistp256.pem" CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key_ecdsa_nistp256.pem"
CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y CONFIG_SECURE_FLASH_ENC_ENABLED=y

1
examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32c3
View File

@@ -13,6 +13,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
CONFIG_SECURE_BOOT=y CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V2_ENABLED=y CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem" CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y CONFIG_SECURE_FLASH_ENC_ENABLED=y

1
examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32s2
View File

@@ -9,6 +9,7 @@ CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"
CONFIG_SECURE_BOOT=y CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V2_ENABLED=y CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem" CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y CONFIG_SECURE_FLASH_ENC_ENABLED=y