feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Merge branch 'feature/enable_flash_encryption_for_esp32c61' into 'master'

Browse Source 
feat: enable flash encyption support in esp32c61

Closes IDF-9232

See merge request espressif/esp-idf!31399
This commit is contained in:
Aditya Patwardhan
2024-07-23 18:40:56 +08:00
parent a22a60c6a1 2bf74cf86d
commit e3925f4534
3 changed files with 13 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/bootloader_support/src/flash_encrypt.c
View File

@@ -13,8 +13,6 @@
#include "esp_secure_boot.h" #include "esp_secure_boot.h"
#include "hal/efuse_hal.h" #include "hal/efuse_hal.h"
//TODO:[ESP32C61] IDf-9232
#if CONFIG_IDF_TARGET_ESP32 #if CONFIG_IDF_TARGET_ESP32
#define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT #define CRYPT_CNT ESP_EFUSE_FLASH_CRYPT_CNT
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT #define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_FLASH_CRYPT_CNT

26
components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h
View File

@@ -15,18 +15,16 @@
#include <stdbool.h> #include <stdbool.h>
#include <string.h> #include <string.h>
#include "soc/hp_system_reg.h" #include "soc/hp_system_reg.h"
#include "soc/xts_aes_reg.h" #include "soc/spi_mem_reg.h"
#include "soc/soc.h" #include "soc/soc.h"
#include "soc/soc_caps.h" #include "soc/soc_caps.h"
#include "hal/assert.h" #include "hal/assert.h"
// TODO: [ESP32C61] IDF-9232, inherit from c6
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/// Choose type of chip you want to encrypt manully /// Choose type of chip you want to encrypt manually
typedef enum typedef enum
{ {
FLASH_ENCRYPTION_MANU = 0, ///!< Manually encrypt the flash chip. FLASH_ENCRYPTION_MANU = 0, ///!< Manually encrypt the flash chip.
@@ -53,7 +51,7 @@ static inline void spi_flash_encrypt_ll_disable(void)
} }
/** /**
* Choose type of chip you want to encrypt manully * Choose type of chip you want to encrypt manually
* *
* @param type The type of chip to be encrypted * @param type The type of chip to be encrypted
* *
@@ -63,7 +61,7 @@ static inline void spi_flash_encrypt_ll_type(flash_encrypt_ll_type_t type)
{ {
// Our hardware only support flash encryption // Our hardware only support flash encryption
HAL_ASSERT(type == FLASH_ENCRYPTION_MANU); HAL_ASSERT(type == FLASH_ENCRYPTION_MANU);
REG_SET_FIELD(XTS_AES_DESTINATION_REG(0), XTS_AES_DESTINATION, type); REG_SET_FIELD(SPI_MEM_XTS_DESTINATION_REG(0), SPI_MEM_XTS_DESTINATION, type);
} }
/** /**
@@ -74,7 +72,7 @@ static inline void spi_flash_encrypt_ll_type(flash_encrypt_ll_type_t type)
static inline void spi_flash_encrypt_ll_buffer_length(uint32_t size) static inline void spi_flash_encrypt_ll_buffer_length(uint32_t size)
{ {
// Desired block should not be larger than the block size. // Desired block should not be larger than the block size.
REG_SET_FIELD(XTS_AES_LINESIZE_REG(0), XTS_AES_LINESIZE, size >> 5); REG_SET_FIELD(SPI_MEM_XTS_LINESIZE_REG(0), SPI_MEM_XTS_LINESIZE, size >> 5);
} }
/** /**
@@ -89,7 +87,7 @@ static inline void spi_flash_encrypt_ll_plaintext_save(uint32_t address, const u
{ {
uint32_t plaintext_offs = (address % SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX); uint32_t plaintext_offs = (address % SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX);
HAL_ASSERT(plaintext_offs + size <= SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX); HAL_ASSERT(plaintext_offs + size <= SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX);
memcpy((void *)(XTS_AES_PLAIN_MEM(0) + plaintext_offs), buffer, size); memcpy((void *)(SPI_MEM_XTS_PLAIN_BASE_REG(0) + plaintext_offs), buffer, size);
} }
/** /**
@@ -99,7 +97,7 @@ static inline void spi_flash_encrypt_ll_plaintext_save(uint32_t address, const u
*/ */
static inline void spi_flash_encrypt_ll_address_save(uint32_t flash_addr) static inline void spi_flash_encrypt_ll_address_save(uint32_t flash_addr)
{ {
REG_SET_FIELD(XTS_AES_PHYSICAL_ADDRESS_REG(0), XTS_AES_PHYSICAL_ADDRESS, flash_addr); REG_SET_FIELD(SPI_MEM_XTS_PHYSICAL_ADDRESS_REG(0), SPI_MEM_XTS_PHYSICAL_ADDRESS, flash_addr);
} }
/** /**
@@ -107,7 +105,7 @@ static inline void spi_flash_encrypt_ll_address_save(uint32_t flash_addr)
*/ */
static inline void spi_flash_encrypt_ll_calculate_start(void) static inline void spi_flash_encrypt_ll_calculate_start(void)
{ {
REG_SET_FIELD(XTS_AES_TRIGGER_REG(0), XTS_AES_TRIGGER, 1); REG_SET_FIELD(SPI_MEM_XTS_TRIGGER_REG(0), SPI_MEM_XTS_TRIGGER, 1);
} }
/** /**
@@ -115,7 +113,7 @@ static inline void spi_flash_encrypt_ll_calculate_start(void)
*/ */
static inline void spi_flash_encrypt_ll_calculate_wait_idle(void) static inline void spi_flash_encrypt_ll_calculate_wait_idle(void)
{ {
while(REG_GET_FIELD(XTS_AES_STATE_REG(0), XTS_AES_STATE) == 0x1) { while(REG_GET_FIELD(SPI_MEM_XTS_STATE_REG(0), SPI_MEM_XTS_STATE) == 0x1) {
} }
} }
@@ -124,8 +122,8 @@ static inline void spi_flash_encrypt_ll_calculate_wait_idle(void)
*/ */
static inline void spi_flash_encrypt_ll_done(void) static inline void spi_flash_encrypt_ll_done(void)
{ {
REG_SET_BIT(XTS_AES_RELEASE_REG(0), XTS_AES_RELEASE); REG_SET_BIT(SPI_MEM_XTS_RELEASE_REG(0), SPI_MEM_XTS_RELEASE);
while(REG_GET_FIELD(XTS_AES_STATE_REG(0), XTS_AES_STATE) != 0x3) { while(REG_GET_FIELD(SPI_MEM_XTS_STATE_REG(0), SPI_MEM_XTS_STATE) != 0x3) {
} }
} }
@@ -134,7 +132,7 @@ static inline void spi_flash_encrypt_ll_done(void)
*/ */
static inline void spi_flash_encrypt_ll_destroy(void) static inline void spi_flash_encrypt_ll_destroy(void)
{ {
REG_SET_BIT(XTS_AES_DESTROY_REG(0), XTS_AES_DESTROY); REG_SET_BIT(SPI_MEM_XTS_DESTROY_REG(0), SPI_MEM_XTS_DESTROY);
} }
/** /**

2
components/soc/esp32c61/include/soc/soc_caps.h
View File

@@ -47,7 +47,7 @@
// \#define SOC_DIG_SIGN_SUPPORTED 1 //TODO: [ESP32C61] IDF-9325 // \#define SOC_DIG_SIGN_SUPPORTED 1 //TODO: [ESP32C61] IDF-9325
#define SOC_ECC_SUPPORTED 1 #define SOC_ECC_SUPPORTED 1
#define SOC_ECC_EXTENDED_MODES_SUPPORTED 1 #define SOC_ECC_EXTENDED_MODES_SUPPORTED 1
#define SOC_FLASH_ENC_SUPPORTED 1 //TODO: [ESP32C61] IDF-9232 #define SOC_FLASH_ENC_SUPPORTED 1
// \#define SOC_SECURE_BOOT_SUPPORTED 1 //TODO: [ESP32C61] IDF-9233 // \#define SOC_SECURE_BOOT_SUPPORTED 1 //TODO: [ESP32C61] IDF-9233
// \#define SOC_BOD_SUPPORTED 1 //TODO: [ESP32C61] IDF-9254 // \#define SOC_BOD_SUPPORTED 1 //TODO: [ESP32C61] IDF-9254
// \#define SOC_APM_SUPPORTED 1 //TODO: [ESP32C61] IDF-9230 // \#define SOC_APM_SUPPORTED 1 //TODO: [ESP32C61] IDF-9230