Blame - boot/espressif/main.c - mirror/mcuboot

blob: bd1d04d02b2c71e84a17188eec2b18318c872d58 [file] [log] [blame]

Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	1	/*
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	2	* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	3	*
				4	* SPDX-License-Identifier: Apache-2.0
				5	*/
				6
				7	#include <bootutil/bootutil.h>
Gustavo Henrique Nihei	d985d22	2021-11-12 14:21:12 -0300	[diff] [blame]	8	#include <bootutil/bootutil_log.h>
				9	#include <bootutil/fault_injection_hardening.h>
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	10	#include <bootutil/image.h>
				11
Gustavo Henrique Nihei	d985d22	2021-11-12 14:21:12 -0300	[diff] [blame]	12	#include "bootloader_init.h"
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	13
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	14	#if defined(CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH) \|\| defined(CONFIG_SECURE_BOOT)
				15	#include "esp_efuse.h"
				16	#endif
				17	#ifdef CONFIG_SECURE_BOOT
				18	#include "esp_secure_boot.h"
				19	#endif
				20
Gustavo Henrique Nihei	d985d22	2021-11-12 14:21:12 -0300	[diff] [blame]	21	#include "esp_loader.h"
				22	#include "os/os_malloc.h"
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	23
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	24	#ifdef CONFIG_SECURE_BOOT
				25	extern esp_err_t check_and_generate_secure_boot_keys(void);
				26	#endif
				27
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	28	void do_boot(struct boot_rsp *rsp)
				29	{
Gustavo Henrique Nihei	d985d22	2021-11-12 14:21:12 -0300	[diff] [blame]	30	BOOT_LOG_INF("br_image_off = 0x%x", rsp->br_image_off);
				31	BOOT_LOG_INF("ih_hdr_size = 0x%x", rsp->br_hdr->ih_hdr_size);
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	32	int slot = (rsp->br_image_off == CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS) ? 0 : 1;
				33	esp_app_image_load(slot, rsp->br_hdr->ih_hdr_size);
				34	}
Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	35
				36	int main()
				37	{
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	38	bootloader_init();
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	39
				40	#ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
				41	BOOT_LOG_WRN("eFuse virtual mode is enabled. If Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY!");
				42	esp_efuse_init_virtual_mode_in_flash(CONFIG_EFUSE_VIRTUAL_OFFSET, CONFIG_EFUSE_VIRTUAL_SIZE);
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	43	#endif
Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	44
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	45	#ifdef CONFIG_SECURE_BOOT
				46	BOOT_LOG_INF("enabling secure boot v2...");
				47
				48	bool sb_hw_enabled = esp_secure_boot_enabled();
				49
				50	if (sb_hw_enabled) {
				51	BOOT_LOG_INF("secure boot v2 is already enabled, continuing..");
				52	} else {
				53	esp_efuse_batch_write_begin(); /* Batch all efuse writes at the end of this function */
				54
				55	esp_err_t err;
				56	err = check_and_generate_secure_boot_keys();
				57	if (err != ESP_OK) {
				58	esp_efuse_batch_write_cancel();
				59	FIH_PANIC;
				60	}
				61	}
				62	#endif
				63
				64	BOOT_LOG_INF("* Booting MCUboot build %s *", MCUBOOT_VER);
				65
Almir Okato	eb6b7bf	2021-09-07 17:06:35 -0300	[diff] [blame]	66	os_heap_init();
				67
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	68	struct boot_rsp rsp;
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	69	fih_int fih_rc = FIH_FAILURE;
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	70
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	71	FIH_CALL(boot_go, fih_rc, &rsp);
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	72
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	73	if (fih_not_eq(fih_rc, FIH_SUCCESS)) {
Gustavo Henrique Nihei	d985d22	2021-11-12 14:21:12 -0300	[diff] [blame]	74	BOOT_LOG_ERR("Unable to find bootable image");
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	75	#ifdef CONFIG_SECURE_BOOT
				76	esp_efuse_batch_write_cancel();
				77	#endif
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	78	FIH_PANIC;
Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	79	}
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	80
				81	#ifdef CONFIG_SECURE_BOOT
				82	if (!sb_hw_enabled) {
				83	BOOT_LOG_INF("blowing secure boot efuse...");
				84	esp_err_t err;
				85	err = esp_secure_boot_enable_secure_features();
				86	if (err != ESP_OK) {
				87	esp_efuse_batch_write_cancel();
				88	FIH_PANIC;
				89	}
				90
				91	err = esp_efuse_batch_write_commit();
				92	if (err != ESP_OK) {
				93	BOOT_LOG_ERR("Error programming security eFuses (err=0x%x).", err);
				94	FIH_PANIC;
				95	}
				96
				97	#ifdef CONFIG_SECURE_BOOT_ENABLE_AGGRESSIVE_KEY_REVOKE
				98	assert(esp_efuse_read_field_bit(ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE));
				99	#endif
				100
				101	assert(esp_secure_boot_enabled());
				102	BOOT_LOG_INF("Secure boot permanently enabled");
				103	}
				104	#endif
				105
Shubham Kulkarni	8787bb0	2021-07-20 11:46:03 +0530	[diff] [blame]	106	do_boot(&rsp);
Gustavo Henrique Nihei	523ef3f	2021-11-12 17:53:18 -0300	[diff] [blame]	107
Shubham Kulkarni	052561d	2021-07-20 11:42:44 +0530	[diff] [blame]	108	while(1);
				109	}