espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-02 16:11:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

secure_boot: Checks secure boot efuses

Browse Source 
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
This commit is contained in:
KonstantinKondrashov
2021-01-26 04:27:03 +08:00
parent b92c290e56
commit 90f2d3199a
55 changed files with 877 additions and 767 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/en/security/secure-boot-v2.rst
View File

@@ -173,6 +173,8 @@ eFuse usage
- SECURE_BOOT_AGGRESSIVE_REVOKE - Enables aggressive revocation of keys. The key is revoked as soon as verification with this key fails.
To ensure no trusted keys can be added later by an attacker, each unused key digest slot should be revoked (KEY_REVOKEX). It will be checked during app startup in :cpp:func:`esp_secure_boot_init_checks` and fixed unless :ref:`CONFIG_SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS` is enabled.
.. _secure-boot-v2-howto:
How To Enable Secure Boot V2