From 7c5f729b6990a2a68fa0d8aaa1fb2c880bf99bc9 Mon Sep 17 00:00:00 2001
From: Pol Henarejos
Date: Mon, 17 Nov 2025 12:20:44 +0100
Subject: [PATCH] Add is_secure_boot_enable and is_secure_lock_enabled to PHY.
Signed-off-by: Pol Henarejos
---
 src/fs/otp.c | 39 +++++++++++++++++++++++++++++++++++++++
 src/fs/otp.h | 3 +++
 src/fs/phy.c | 16 +++++++++++++++-
 src/fs/phy.h | 2 ++
 4 files changed, 59 insertions(+), 1 deletion(-)
diff --git a/src/fs/otp.c b/src/fs/otp.c
index b0b732a..2942ea2 100644
--- a/src/fs/otp.c
+++ b/src/fs/otp.c
@@ -125,6 +125,45 @@ typedef esp_err_t otp_ret_t;
 #define SECURE_BOOT_BOOTKEY_INDEX 0
 #endif
+bool otp_is_secure_boot_enabled() {
+#ifdef PICO_RP2350
+ alignas(2) uint8_t BOOTKEY[] = "\xe1\xd1\x6b\xa7\x64\xab\xd7\x12\xd4\xef\x6e\x3e\xdd\x74\x4e\xd5\x63\x8c\x26\xb\x77\x1c\xf9\x81\x51\x11\xb\xaf\xac\x9b\xc8\x71";
+ const uint8_t *bootkey = otp_buffer(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey);
+ if (memcmp(bootkey, BOOTKEY, sizeof(BOOTKEY)) != 0) {
+ return false;
+ }
+ const uint8_t *boot_flags1 = otp_buffer(OTP_DATA_BOOT_FLAGS1_ROW);
+ if ((boot_flags1[0] & (1 << (SECURE_BOOT_BOOTKEY_INDEX + OTP_DATA_BOOT_FLAGS1_KEY_VALID_LSB))) == 0) {
+ return false;
+ }
+ const uint8_t *crit1 = otp_buffer(OTP_DATA_CRIT1_ROW);
+ if ((crit1[0] & (1 << OTP_DATA_CRIT1_SECURE_BOOT_ENABLE_LSB)) == 0) {
+ return false;
+ }
+#elif defined(ESP_PLATFORM)
+ // TODO: Implement secure boot check for ESP32-S3
+#endif
+ return true;
+}
+
+bool otp_is_secure_boot_locked() {
+#ifdef PICO_RP2350
+ const uint8_t *boot_flags1 = otp_buffer_raw(OTP_DATA_BOOT_FLAGS1_ROW);
+ if ((boot_flags1[1] & ((OTP_DATA_BOOT_FLAGS1_KEY_INVALID_BITS >> OTP_DATA_BOOT_FLAGS1_KEY_INVALID_LSB) & (~(1 << SECURE_BOOT_BOOTKEY_INDEX)))) == 0) {
+ return false;
+ }
+ const uint8_t *crit1 = otp_buffer_raw(OTP_DATA_CRIT1_ROW);
+ if ((crit1[0] & (1 << OTP_DATA_CRIT1_DEBUG_DISABLE_LSB)) == 0
+ || (crit1[0] & (1 << OTP_DATA_CRIT1_GLITCH_DETECTOR_ENABLE_LSB)) == 0
+ || ((crit1[0] & (3 << OTP_DATA_CRIT1_GLITCH_DETECTOR_SENS_LSB)) != (3 << OTP_DATA_CRIT1_GLITCH_DETECTOR_SENS_LSB))) {
+ return false;
+ }
+#elif defined(ESP_PLATFORM)
+ // TODO: Implement secure boot lock check for ESP32-S3
+#endif
+ return true;
+}
+
 int otp_enable_secure_boot(uint8_t bootkey, bool secure_lock) {
 int ret = 0;
 #ifdef PICO_RP2350
diff --git a/src/fs/otp.h b/src/fs/otp.h
index 3847b07..a67f265 100644
--- a/src/fs/otp.h
+++ b/src/fs/otp.h
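Review bot: Both new predicates end in an unconditional `return true;`, so on any build without `PICO_RP2350` (including the ESP32 TODO branches) the device reports secure boot as enabled and locked without reading anything; the fallback should be `return false;` until a real check exists. In `otp_is_secure_boot_enabled`, `const uint8_t *bootkey = otp_buffer(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey);` refers to the pointer being declared inside its own initializer, which the compiler should reject; `SECURE_BOOT_BOOTKEY_INDEX` looks like the intended multiplier. `sizeof(BOOTKEY)` is 33 because the array is initialised from a string literal, so the `memcmp` also compares the byte after the 32-byte value; `sizeof(BOOTKEY) - 1` would pin the length. In `otp_is_secure_boot_locked`, the `== 0` test on the key-invalid mask passes as soon as one other key slot is marked invalid; if the intent is that every other slot is revoked, compare against the full mask instead. The same `BOOT_FLAGS1` and `CRIT1` rows are read with `otp_buffer` in one function and `otp_buffer_raw` in the other, which is worth confirming against those helpers, whose definitions are outside this hunk.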
@@ -50,4 +50,7 @@ extern void init_otp_files();
 extern const uint8_t *otp_key_1;
 extern const uint8_t *otp_key_2;
+extern bool otp_is_secure_boot_enabled();
+extern bool otp_is_secure_boot_locked();
+
 #endif // _OTP_H_
diff --git a/src/fs/phy.c b/src/fs/phy.c
index 3753c60..7913aa2 100644
--- a/src/fs/phy.c
+++ b/src/fs/phy.c
@@ -17,6 +17,7 @@
 #include "pico_keys.h"
 #include "file.h"
+#include "otp.h"
 #ifndef ENABLE_EMULATION
@@ -47,7 +48,14 @@ int phy_serialize_data(const phy_data_t *phy, uint8_t *data, uint16_t *len) {
 }
 *p++ = PHY_OPTS;
 *p++ = 2;
- p += put_uint16_t_be(phy->opts, p);
+ uint16_t opts = phy->opts;
+ if (otp_is_secure_boot_enabled()) {
+ opts |= PHY_OPT_SECBOOT;
+ }
+ if (otp_is_secure_boot_locked()) {
+ opts |= PHY_OPT_SECLOCK;
+ }
+ p += put_uint16_t_be(opts, p);
 if (phy->up_btn_present) {
 *p++ = PHY_UP_BTN;
 *p++ = 1;
@@ -115,6 +123,12 @@ int phy_unserialize_data(const uint8_t *data, uint16_t len, phy_data_t *phy) {
 case PHY_OPTS:
 if (tlen == 2) {
 phy->opts = get_uint16_t_be(p);
+ if (otp_is_secure_boot_enabled()) {
+ phy->opts |= PHY_OPT_SECBOOT;
+ }
+ if (otp_is_secure_boot_locked()) {
+ phy->opts |= PHY_OPT_SECLOCK;
+ }
 p += 2;
 }
 break;
diff --git a/src/fs/phy.h b/src/fs/phy.h
index e8b1b9c..e918085 100644
--- a/src/fs/phy.h
+++ b/src/fs/phy.h
@@ -34,6 +34,8 @@
 #define PHY_OPT_DIMM 0x2
 #define PHY_OPT_DISABLE_POWER_RESET 0x4
 #define PHY_OPT_LED_STEADY 0x8
+#define PHY_OPT_SECBOOT 0x10
+#define PHY_OPT_SECLOCK 0x20
 #define PHY_CURVE_SECP256R1 0x1
 #define PHY_CURVE_SECP384R1 0x2
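Review bot: `PHY_OPT_SECBOOT` and `PHY_OPT_SECLOCK` are only ever ORed in and never cleared, so an `opts` value that already carries 0x10 or 0x20 keeps reporting secure boot regardless of what the OTP checks return. In the `PHY_OPTS` case of `phy_unserialize_data` the parsed field should be masked before the checks, `phy->opts = get_uint16_t_be(p) & ~(PHY_OPT_SECBOOT | PHY_OPT_SECLOCK);`, and `phy_serialize_data` should likewise start from `phy->opts & ~(PHY_OPT_SECBOOT | PHY_OPT_SECLOCK)`. If the serialized buffer can come from the host or from stored configuration, which these hunks do not show, the two status bits would otherwise be settable by data rather than by hardware state. Both function bodies continue outside their hunks.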