Merge branch 'bugfix/esp32c5_flash_enc_issue' into 'master'

fix(bootloader): self encryption workflow in bootloader not working on C5

Closes IDF-11229

See merge request espressif/esp-idf!33621

Author: mahavirj

components/bootloader_support/include/esp_flash_encrypt.h

@@ -180,9 +180,17 @@ void esp_flash_encryption_init_checks(void);
 /** @brief Set all secure eFuse features related to flash encryption
  *
  * @return
- *  - ESP_OK - Successfully
+ *  - ESP_OK - On success
  */
 esp_err_t esp_flash_encryption_enable_secure_features(void);
+
+/** @brief Enable the key manager for flash encryption
+ *
+ * @return
+ *  - ESP_OK - On success
+ */
+esp_err_t esp_flash_encryption_enable_key_mgr(void);
+
 #endif /* BOOTLOADER_BUILD && CONFIG_SECURE_FLASH_ENC_ENABLED */
 
 /** @brief Returns the verification status for all physical security features of flash encryption in release mode

components/bootloader_support/src/esp32c5/flash_encryption_secure_features.c

@@ -11,6 +11,9 @@
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 #include "sdkconfig.h"
+#include "soc/keymng_reg.h"
+#include "soc/pcr_reg.h"
+#include "soc/pcr_struct.h"
 
 static __attribute__((unused)) const char *TAG = "flash_encrypt";
 
@@ -58,3 +61,31 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
 
     return ESP_OK;
 }
+
+// TODO: Update to use LL APIs once key manager support added in IDF-8621
+esp_err_t esp_flash_encryption_enable_key_mgr(void)
+{
+    // Set the force power down bit to 0 to enable key manager
+    PCR.km_pd_ctrl.km_mem_force_pd = 0;
+    // Reset the key manager
+    PCR.km_conf.km_clk_en = 1;
+    PCR.km_conf.km_rst_en = 1;
+    PCR.km_conf.km_rst_en = 0;
+
+    // Wait for key manager to be ready
+    while (!PCR.km_conf.km_ready) {
+    };
+
+    // Wait for key manager state machine to be idle
+    while (REG_READ(KEYMNG_STATE_REG) != 0) {
+    };
+
+    // Set the key manager to use efuse key
+    REG_SET_FIELD(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY, 2);
+
+    // Reset MSPI to re-load the flash encryption key
+    REG_SET_BIT(PCR_MSPI_CLK_CONF_REG, PCR_MSPI_AXI_RST_EN);
+    REG_CLR_BIT(PCR_MSPI_CLK_CONF_REG, PCR_MSPI_AXI_RST_EN);
+
+    return ESP_OK;
+}

components/bootloader_support/src/esp32p4/flash_encryption_secure_features.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -11,6 +11,8 @@
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 #include "sdkconfig.h"
+#include "hal/key_mgr_ll.h"
+#include "hal/mspi_timing_tuning_ll.h"
 
 static __attribute__((unused)) const char *TAG = "flash_encrypt";
 
@@ -48,3 +50,22 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
 
     return ESP_OK;
 }
+
+esp_err_t esp_flash_encryption_enable_key_mgr(void)
+{
+    // Enable and reset key manager
+    // To suppress build errors about spinlock's __DECLARE_RCC_ATOMIC_ENV
+    int __DECLARE_RCC_ATOMIC_ENV __attribute__ ((unused));
+    key_mgr_ll_enable_bus_clock(true);
+    key_mgr_ll_enable_peripheral_clock(true);
+    key_mgr_ll_reset_register();
+
+    while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
+    };
+
+    // Force Key Manager to use eFuse key for XTS-AES operation
+    key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+    _mspi_timing_ll_reset_mspi();
+
+    return ESP_OK;
+}

components/bootloader_support/src/flash_encryption/flash_encrypt.c

@@ -15,17 +15,7 @@
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 #include "hal/wdt_hal.h"
-
-// Need to remove check and merge accordingly for ESP32C5 once key manager support added in IDF-8621
-#if SOC_KEY_MANAGER_FE_KEY_DEPLOY || CONFIG_IDF_TARGET_ESP32C5
-#if CONFIG_IDF_TARGET_ESP32C5
-#include "soc/keymng_reg.h"
-#include "soc/pcr_reg.h"
-#else /* CONFIG_IDF_TARGET_ESP32C5 */
-#include "hal/key_mgr_ll.h"
-#include "hal/mspi_timing_tuning_ll.h"
-#endif /* !CONFIG_IDF_TARGET_ESP32C5 */
-#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
+#include "sdkconfig.h"
 
 #ifdef CONFIG_SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
 #include "soc/sensitive_reg.h"
@@ -221,26 +211,6 @@ static esp_err_t check_and_generate_encryption_keys(void)
         }
         ESP_LOGI(TAG, "Using pre-loaded flash encryption key in efuse");
     }
-// Need to remove check for ESP32C5 and merge accordingly once key manager support added in IDF-8621
-#if SOC_KEY_MANAGER_FE_KEY_DEPLOY || CONFIG_IDF_TARGET_ESP32C5
-#if CONFIG_IDF_TARGET_ESP32C5
-    REG_SET_FIELD(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY, 2);
-    REG_SET_BIT(PCR_MSPI_CLK_CONF_REG, PCR_MSPI_AXI_RST_EN);
-    REG_CLR_BIT(PCR_MSPI_CLK_CONF_REG, PCR_MSPI_AXI_RST_EN);
-#else /* CONFIG_IDF_TARGET_ESP32C5 */
-    // Enable and reset key manager
-    // To suppress build errors about spinlock's __DECLARE_RCC_ATOMIC_ENV
-    int __DECLARE_RCC_ATOMIC_ENV __attribute__ ((unused));
-    key_mgr_ll_enable_bus_clock(true);
-    key_mgr_ll_enable_peripheral_clock(true);
-    key_mgr_ll_reset_register();
-    while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
-    };
-    // Force Key Manager to use eFuse key for XTS-AES operation
-    key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
-    _mspi_timing_ll_reset_mspi();
-#endif /* !CONFIG_IDF_TARGET_ESP32C5 */
-#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
 
     return ESP_OK;
 }
@@ -288,6 +258,11 @@ esp_err_t esp_flash_encrypt_contents(void)
     REG_WRITE(SENSITIVE_XTS_AES_KEY_UPDATE_REG, 1);
 #endif
 
+// TODO: Remove C5 target config after key manager LL support- see IDF-8621
+#if CONFIG_SOC_KEY_MANAGER_FE_KEY_DEPLOY || CONFIG_IDF_TARGET_ESP32C5
+    esp_flash_encryption_enable_key_mgr();
+#endif
+
     err = encrypt_bootloader();
     if (err != ESP_OK) {
         return err;

components/esp_security/src/init.c

@@ -6,17 +6,44 @@
 
 #include "esp_private/startup_internal.h"
 #include "sdkconfig.h"
+#include "soc/soc_caps.h"
 #include "esp_crypto_clk.h"
 #include "esp_efuse.h"
 #include "esp_efuse_table.h"
 #include "esp_security_priv.h"
 #include "esp_err.h"
+#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY
+#include "hal/key_mgr_ll.h"
+#endif
 
 __attribute__((unused)) static const char *TAG = "esp_security";
 
+static void esp_key_mgr_init(void)
+{
+    // The following operation makes the Key Manager to use eFuse key for ECDSA and XTS-AES operation by default
+    // This is to keep the default behavior same as the other chips
+    // If the Key Manager configuration is already locked then following operation does not have any effect
+#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY
+    // Enable key manager clock
+    // Using ll APIs which do not require critical section
+    _key_mgr_ll_enable_bus_clock(true);
+    _key_mgr_ll_enable_peripheral_clock(true);
+
+    while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
+    };
+#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
+    key_mgr_ll_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+#endif
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY
+    key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+#endif
+#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY */
+}
+
 ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103)
 {
     esp_crypto_clk_init();
+    esp_key_mgr_init();
 #if CONFIG_ESP_CRYPTO_DPA_PROTECTION_AT_STARTUP
     esp_crypto_dpa_protection_startup();
 #endif

components/esp_system/port/cpu_start.c

@@ -71,10 +71,6 @@
 #include "soc/hp_sys_clkrst_reg.h"
 #endif
 
-#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY
-#include "hal/key_mgr_ll.h"
-#endif
-
 #include "esp_private/rtc_clk.h"
 
 #if SOC_INT_CLIC_SUPPORTED
@@ -319,22 +315,6 @@ static void start_other_core(void)
     }
 #endif
 
-    // The following operation makes the Key Manager to use eFuse key for ECDSA and XTS-AES operation by default
-    // This is to keep the default behavior same as the other chips
-    // If the Key Manager configuration is already locked then following operation does not have any effect
-#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY
-    // Enable key manager clock
-    // Using ll APIs which do not require critical section
-    _key_mgr_ll_enable_bus_clock(true);
-    _key_mgr_ll_enable_peripheral_clock(true);
-#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
-    key_mgr_ll_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
-#endif
-#if SOC_KEY_MANAGER_FE_KEY_DEPLOY
-    key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
-#endif
-#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY || SOC_KEY_MANAGER_FE_KEY_DEPLOY */
-
     ets_set_appcpu_boot_addr((uint32_t)call_start_cpu1);
 
     bool cpus_up = false;