alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-10 06:31:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

soc: add capability macros for security features

Browse Source 
- Security features covers "secure boot", "flash encryption" etc.
- ECO revision specific modifications still need to be handled
through kconfig itself, as soc_caps.h is processed before ECO revision
selection
- This will simplify addition of security features for newer chips by
using these SOC capability macros
This commit is contained in:
Mahavir Jain
2022-03-31 17:43:50 +05:30
committed by BOT
parent 813fa1e4ae
commit 74005ed2f5
12 changed files with 241 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
components/soc/esp32s2/include/soc/Kconfig.soc_caps.in
View File

@@ -59,14 +59,6 @@ config SOC_ASYNC_MEMCPY_SUPPORTED
bool
default y
config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
int
default 3
config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default y
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default y
@@ -79,14 +71,6 @@ config SOC_CACHE_SUPPORT_WRAP
bool
default y
config SOC_FLASH_ENCRYPTION_XTS_AES
bool
default y
config SOC_FLASH_ENCRYPTION_XTS_AES_256
bool
default y
config SOC_RTC_FAST_MEM_SUPPORTED
bool
default y
@@ -103,10 +87,6 @@ config SOC_XT_WDT_SUPPORTED
bool
default y
config SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
bool
default y
config SOC_I2S_SUPPORTED
bool
default y
@@ -143,6 +123,14 @@ config SOC_DIG_SIGN_SUPPORTED
bool
default y
config SOC_FLASH_ENC_SUPPORTED
bool
default y
config SOC_SECURE_BOOT_SUPPORTED
bool
default y
config SOC_ADC_RTC_CTRL_SUPPORTED
bool
default y
@@ -707,10 +695,38 @@ config SOC_AES_SUPPORT_GCM
bool
default y
config SOC_SECURE_BOOT_V2_RSA
bool
default y
config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
int
default 3
config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default y
config SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
bool
default y
config SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX
int
default 64
config SOC_FLASH_ENCRYPTION_XTS_AES
bool
default y
config SOC_FLASH_ENCRYPTION_XTS_AES_128
bool
default y
config SOC_FLASH_ENCRYPTION_XTS_AES_256
bool
default y
config SOC_AES_CRYPTO_DMA
bool
default y

16
components/soc/esp32s2/include/soc/soc_caps.h
View File

@@ -53,18 +53,13 @@
#define SOC_ULP_SUPPORTED 1
#define SOC_CCOMP_TIMER_SUPPORTED 1
#define SOC_ASYNC_MEMCPY_SUPPORTED 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_KEY_PURPOSE_FIELD 1
#define SOC_TEMP_SENSOR_SUPPORTED 1
#define SOC_CACHE_SUPPORT_WRAP 1
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
#define SOC_FLASH_ENCRYPTION_XTS_AES_256 1
#define SOC_RTC_FAST_MEM_SUPPORTED 1
#define SOC_RTC_SLOW_MEM_SUPPORTED 1
#define SOC_PSRAM_DMA_CAPABLE 1
#define SOC_XT_WDT_SUPPORTED 1
#define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY 1
#define SOC_I2S_SUPPORTED 1
#define SOC_RMT_SUPPORTED 1
#define SOC_SIGMADELTA_SUPPORTED 1
@@ -74,6 +69,8 @@
#define SOC_SHA_SUPPORTED 1
#define SOC_HMAC_SUPPORTED 1
#define SOC_DIG_SIGN_SUPPORTED 1
#define SOC_FLASH_ENC_SUPPORTED 1
#define SOC_SECURE_BOOT_SUPPORTED 1
/*-------------------------- ADC CAPS ----------------------------------------*/
@@ -332,8 +329,17 @@
#define SOC_AES_SUPPORT_DMA (1)
#define SOC_AES_SUPPORT_GCM (1)
/*-------------------------- Secure Boot CAPS----------------------------*/
#define SOC_SECURE_BOOT_V2_RSA 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY 1
/*-------------------------- Flash Encryption CAPS----------------------------*/
#define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (64)
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
#define SOC_FLASH_ENCRYPTION_XTS_AES_128 1
#define SOC_FLASH_ENCRYPTION_XTS_AES_256 1
/* Has "crypto DMA", which is shared with SHA */
#define SOC_AES_CRYPTO_DMA (1)