esp_secure_boot_permanently_enable() function
Enable secure boot V1 if it is not already enabled.

Important: If this function succeeds, secure boot V1 is permanently enabled on the chip via efuse.

Important: This function is intended to be called from bootloader code only.

Important: In the case of Secure Boot V1, this function enables R/W protection of the secure boot key on EFUSE, so esp_secure_boot_generate_digest() must be called before it.

If secure boot is not yet enabled for the bootloader, this function will:
1) enable R/W protection of the secure boot key on EFUSE
2) enable secure boot by blowing the EFUSE_RD_ABS_DONE_0 efuse.

This function does not verify secure boot of the bootloader (the ROM bootloader does this).

It will fail if efuses have been part-burned in a way that indicates secure boot should not or could not be correctly enabled.
Syntax
esp_err_t esp_secure_boot_permanently_enable(void);
Return value
ESP_ERR_INVALID_STATE if efuse state doesn't allow secure boot to be enabled cleanly.
ESP_OK if secure boot is enabled on this chip from now on.