esp32s2: Disable legacy boot mode & ROM remap modes if either Secure Boot or Flash Encryption is on

components/bootloader_support/src/esp32s2/flash_encrypt.c

@@ -188,31 +188,28 @@ static esp_err_t initialise_flash_encryption(void)
 
 #ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
     ESP_LOGI(TAG, "Disable UART bootloader encryption...");
-    const uint8_t dis_manual_encrypt = 1;
-    esp_efuse_write_field_blob(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT, &dis_manual_encrypt, 1);
+    esp_efuse_write_field_cnt(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT, 1);
 #else
     ESP_LOGW(TAG, "Not disabling UART bootloader encryption");
 #endif
 
 #ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE
     ESP_LOGI(TAG, "Disable UART bootloader cache...");
-    const uint8_t dis_download_caches = 1;
-    esp_efuse_write_field_blob(ESP_EFUSE_DIS_DOWNLOAD_DCACHE, &dis_download_caches, 1);
-    esp_efuse_write_field_blob(ESP_EFUSE_DIS_DOWNLOAD_ICACHE, &dis_download_caches, 1);
+    esp_efuse_write_field_cnt(ESP_EFUSE_DIS_DOWNLOAD_DCACHE, 1);
+    esp_efuse_write_field_cnt(ESP_EFUSE_DIS_DOWNLOAD_ICACHE, 1);
 #else
     ESP_LOGW(TAG, "Not disabling UART bootloader cache - SECURITY COMPROMISED");
 #endif
 
 #ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
     ESP_LOGI(TAG, "Disable JTAG...");
-    const uint8_t dis_jtag = 1;
-    esp_efuse_write_field_blob(ESP_EFUSE_HARD_DIS_JTAG, &dis_jtag, 1);
+    esp_efuse_write_field_cnt(ESP_EFUSE_HARD_DIS_JTAG, 1);
 #else
     ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
 #endif
 
-    const uint8_t dis_boot_remap = 1;
-    esp_efuse_write_field_blob(ESP_EFUSE_DIS_BOOT_REMAP, &dis_boot_remap, 1);
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_BOOT_REMAP);
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_LEGACY_SPI_BOOT);
 
     esp_err_t err = esp_efuse_batch_write_commit();