From d2123cf531678d008969bae63dff5948c654d9ff Mon Sep 17 00:00:00 2001 From: Konstantin Kondrashov Date: Mon, 9 Sep 2024 15:25:53 +0300 Subject: [PATCH 1/2] fix(esptool_py): Check the size of the bootloader + signature block --- components/esptool_py/CMakeLists.txt | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/components/esptool_py/CMakeLists.txt b/components/esptool_py/CMakeLists.txt index 37f4de423a..66778dc019 100644 --- a/components/esptool_py/CMakeLists.txt +++ b/components/esptool_py/CMakeLists.txt @@ -66,10 +66,19 @@ consist of two ota app without factory or test partitions.") endif() # NOT BOOTLOADER_BUILD if(BOOTLOADER_BUILD) - # Generate bootloader post-build check of the bootloader size against the offset - partition_table_add_check_bootloader_size_target(bootloader_check_size - DEPENDS gen_project_binary - BOOTLOADER_BINARY_PATH "${build_dir}/${PROJECT_BIN}" - RESULT bootloader_check_size_command) - add_dependencies(app bootloader_check_size) # note: in the subproject, so the target is 'app'... + # Generate bootloader post-build check of the bootloader size against the offset + partition_table_add_check_bootloader_size_target(bootloader_check_size + DEPENDS gen_project_binary + BOOTLOADER_BINARY_PATH "${build_dir}/${PROJECT_BIN}" + RESULT bootloader_check_size_command) + add_dependencies(app bootloader_check_size) # note: in the subproject, so the target is 'app'... + + if(CONFIG_SECURE_BOOT_V2_ENABLED AND CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES) + # Check the size of the bootloader + signature block. + partition_table_add_check_bootloader_size_target(bootloader_check_size_signed + DEPENDS gen_signed_bootloader + BOOTLOADER_BINARY_PATH "${build_dir}/${PROJECT_BIN}" + RESULT bootloader_check_size_signed_command) + add_dependencies(app bootloader_check_size_signed) # note: in the subproject, so the target is 'app'... + endif() endif() From 7b0b80f46ffa72fc8ad7d452f6f6537a4d4265ee Mon Sep 17 00:00:00 2001 From: Konstantin Kondrashov Date: Mon, 9 Sep 2024 15:27:18 +0300 Subject: [PATCH 2/2] fix(examples): Increases partition table offset for SBV2+FE test --- examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 | 2 +- tools/test_apps/security/secure_boot/sdkconfig.defaults | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 index 271310afca..15f82c74ba 100644 --- a/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 +++ b/examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32 @@ -6,7 +6,7 @@ CONFIG_IDF_TARGET="esp32" CONFIG_ESP32_REV_MIN_3=y CONFIG_ESP32_REV_MIN=3 -CONFIG_PARTITION_TABLE_OFFSET=0xD000 +CONFIG_PARTITION_TABLE_OFFSET=0xE000 CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv" diff --git a/tools/test_apps/security/secure_boot/sdkconfig.defaults b/tools/test_apps/security/secure_boot/sdkconfig.defaults index 35e13788d6..960d81f18c 100644 --- a/tools/test_apps/security/secure_boot/sdkconfig.defaults +++ b/tools/test_apps/security/secure_boot/sdkconfig.defaults @@ -3,7 +3,7 @@ # # If you find yourself needing to edit this in the future, it's a sign the # bootloader is bloating out! -CONFIG_PARTITION_TABLE_OFFSET=0xC000 +CONFIG_PARTITION_TABLE_OFFSET=0xD000 # Maximize the number of possible build warnings CONFIG_COMPILER_OPTIMIZATION_PERF=y