secure boot v2: esp32: Prevent read disabling additional efuses

Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.

components/bootloader_support/src/esp32/flash_encrypt.c

@@ -73,6 +73,10 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
 
 static esp_err_t initialise_flash_encryption(void)
 {
+    uint32_t new_wdata0 = 0;
+    uint32_t new_wdata5 = 0;
+    uint32_t new_wdata6 = 0;
+
     uint32_t coding_scheme = REG_GET_FIELD(EFUSE_BLK0_RDATA6_REG, EFUSE_CODING_SCHEME);
     if (coding_scheme != EFUSE_CODING_SCHEME_VAL_NONE && coding_scheme != EFUSE_CODING_SCHEME_VAL_34) {
         ESP_LOGE(TAG, "Unknown/unsupported CODING_SCHEME value 0x%x", coding_scheme);
@@ -97,11 +101,10 @@ static esp_err_t initialise_flash_encryption(void)
         && REG_READ(EFUSE_BLK1_RDATA7_REG) == 0) {
         ESP_LOGI(TAG, "Generating new flash encryption key...");
         esp_efuse_write_random_key(EFUSE_BLK1_WDATA0_REG);
-        esp_efuse_burn_new_values();
+        // defer efuse programming step to the end
 
         ESP_LOGI(TAG, "Read & write protecting new key...");
-        REG_WRITE(EFUSE_BLK0_WDATA0_REG, EFUSE_WR_DIS_BLK1 | EFUSE_RD_DIS_BLK1);
-        esp_efuse_burn_new_values();
+        new_wdata0 |= EFUSE_WR_DIS_BLK1 | EFUSE_RD_DIS_BLK1;
     } else {
 
         if(!(efuse_key_read_protected && efuse_key_write_protected)) {
@@ -122,34 +125,36 @@ static esp_err_t initialise_flash_encryption(void)
        operation does nothing. Please note this is not recommended!
     */
     ESP_LOGI(TAG, "Setting CRYPT_CONFIG efuse to 0xF");
-    REG_WRITE(EFUSE_BLK0_WDATA5_REG, EFUSE_FLASH_CRYPT_CONFIG_M);
-    esp_efuse_burn_new_values();
+    new_wdata5 |= EFUSE_FLASH_CRYPT_CONFIG_M;
 
-    uint32_t new_wdata6 = 0;
 #ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
     ESP_LOGI(TAG, "Disable UART bootloader encryption...");
     new_wdata6 |= EFUSE_DISABLE_DL_ENCRYPT;
 #else
     ESP_LOGW(TAG, "Not disabling UART bootloader encryption");
 #endif
+
 #ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC
     ESP_LOGI(TAG, "Disable UART bootloader decryption...");
     new_wdata6 |= EFUSE_DISABLE_DL_DECRYPT;
 #else
     ESP_LOGW(TAG, "Not disabling UART bootloader decryption - SECURITY COMPROMISED");
 #endif
+
 #ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE
     ESP_LOGI(TAG, "Disable UART bootloader MMU cache...");
     new_wdata6 |= EFUSE_DISABLE_DL_CACHE;
 #else
     ESP_LOGW(TAG, "Not disabling UART bootloader MMU cache - SECURITY COMPROMISED");
 #endif
+
 #ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
     ESP_LOGI(TAG, "Disable JTAG...");
     new_wdata6 |= EFUSE_RD_DISABLE_JTAG;
 #else
     ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
 #endif
+
 #ifndef CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC
     ESP_LOGI(TAG, "Disable ROM BASIC interpreter fallback...");
     new_wdata6 |= EFUSE_RD_CONSOLE_DEBUG_DISABLE;
@@ -157,10 +162,16 @@ static esp_err_t initialise_flash_encryption(void)
     ESP_LOGW(TAG, "Not disabling ROM BASIC fallback - SECURITY COMPROMISED");
 #endif
 
-    if (new_wdata6 != 0) {
-        REG_WRITE(EFUSE_BLK0_WDATA6_REG, new_wdata6);
-        esp_efuse_burn_new_values();
-    }
+#if defined(CONFIG_SECURE_BOOT_V2_ENABLED) && !defined(CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS)
+    // This bit is set when enabling Secure Boot V2, but we can't enable it until this later point in the first boot
+    // otherwise the Flash Encryption key cannot be read protected
+    new_wdata0 |= EFUSE_WR_DIS_RD_DIS;
+#endif
+
+    REG_WRITE(EFUSE_BLK0_WDATA0_REG, new_wdata0);
+    REG_WRITE(EFUSE_BLK0_WDATA5_REG, new_wdata5);
+    REG_WRITE(EFUSE_BLK0_WDATA6_REG, new_wdata6);
+    esp_efuse_burn_new_values();
 
     return ESP_OK;
 }