forked from espressif/esp-idf
43575c2f85
Previously security eFuses were only burnt if the flash was not encrypted yet. To enhance robustness of the security eFuse settings their correct setup should be verified on each bootup. Else it would be possible for an already encrypted ESP to be reflashed with firmware containing updated, more restrictive eFuse settings without them ever being applied. Additionally this change enables easy, secure use of ESPs with host sidee flash preencryption. Flash preencryption by the host computer performing the programming procedure can speed up the programming process by a great deal since the flash no longer needs to be read, erased and written again by the bootloader self-encryption routines. Additionally it avoids bricking of ESPs through interruption of the self-ecnryption procedure. Without this change the host would have to set up all fuses in the ESP correctly by itself, duplicating the fuse configuration code already present in the bootloader and creating additional maintenance burden for the host software if anything about the fuse setup logic changes. This commit changes the security eFuse configuration logic to always burn any configured security eFuses on bootup, regardless of current flash encryption status.
Bootloader Support Component ============================ Overview -------- "Bootloader support" contains APIs which are used by the bootloader but are also needed for the main app. Code in this component needs to be aware of being executed in a bootloader environment (no RTOS available, BOOTLOADER_BUILD macro set) or in an esp-idf app environment (RTOS running, need locking support.)