mirror of
https://github.com/espressif/esp-idf.git
synced 2024-09-20 00:36:01 -04:00
ttfw_idf: Added ESP32-S3 FPGA support
Provision to burn and reset efuses of ESP32S3 on FPGA test_app: Enabled automated test cases for ESP32S3
This commit is contained in:
parent
3f7fed7872
commit
cfcb893289
@ -849,3 +849,40 @@ class ESP32C3FPGADUT(IDFFPGADUT):
|
|||||||
@classmethod
|
@classmethod
|
||||||
def confirm_dut(cls, port, **kwargs):
|
def confirm_dut(cls, port, **kwargs):
|
||||||
return True, cls.TARGET
|
return True, cls.TARGET
|
||||||
|
|
||||||
|
|
||||||
|
class ESP32S3FPGADUT(IDFFPGADUT):
|
||||||
|
TARGET = 'esp32s3'
|
||||||
|
TOOLCHAIN_PREFIX = 'xtensa-esp32s3-elf-'
|
||||||
|
FLASH_ENCRYPT_SCHEME = 'AES-XTS'
|
||||||
|
FLASH_ENCRYPT_CNT_KEY = 'SPI_BOOT_CRYPT_CNT'
|
||||||
|
FLASH_ENCRYPT_CNT_VAL = 1
|
||||||
|
FLASH_ENCRYPT_PURPOSE = 'XTS_AES_128_KEY'
|
||||||
|
SECURE_BOOT_EN_KEY = 'SECURE_BOOT_EN'
|
||||||
|
SECURE_BOOT_EN_VAL = 1
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def get_rom(cls):
|
||||||
|
return esptool.ESP32S3ROM
|
||||||
|
|
||||||
|
def erase_partition(self, esp, partition):
|
||||||
|
raise NotImplementedError()
|
||||||
|
|
||||||
|
def flash_encrypt_burn_cnt(self):
|
||||||
|
self.burn_efuse(self.FLASH_ENCRYPT_CNT_KEY, self.FLASH_ENCRYPT_CNT_VAL)
|
||||||
|
|
||||||
|
def flash_encrypt_burn_key(self, key, block=0):
|
||||||
|
self.burn_efuse_key(key, self.FLASH_ENCRYPT_PURPOSE, 'BLOCK_KEY%d' % block)
|
||||||
|
|
||||||
|
def flash_encrypt_get_scheme(self):
|
||||||
|
return self.FLASH_ENCRYPT_SCHEME
|
||||||
|
|
||||||
|
def secure_boot_burn_en_bit(self):
|
||||||
|
self.burn_efuse(self.SECURE_BOOT_EN_KEY, self.SECURE_BOOT_EN_VAL)
|
||||||
|
|
||||||
|
def secure_boot_burn_digest(self, digest, key_index=0, block=0):
|
||||||
|
self.burn_efuse_key_digest(digest, 'SECURE_BOOT_DIGEST%d' % key_index, 'BLOCK_KEY%d' % block)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def confirm_dut(cls, port, **kwargs):
|
||||||
|
return True, cls.TARGET
|
||||||
|
@ -24,7 +24,7 @@ from tiny_test_fw import TinyFW, Utility
|
|||||||
from .DebugUtils import CustomProcess, GDBBackend, OCDBackend # noqa: export DebugUtils for users
|
from .DebugUtils import CustomProcess, GDBBackend, OCDBackend # noqa: export DebugUtils for users
|
||||||
from .IDFApp import UT, ComponentUTApp, Example, IDFApp, LoadableElfTestApp, TestApp # noqa: export all Apps for users
|
from .IDFApp import UT, ComponentUTApp, Example, IDFApp, LoadableElfTestApp, TestApp # noqa: export all Apps for users
|
||||||
from .IDFDUT import (ESP32C3DUT, ESP32C3FPGADUT, ESP32DUT, ESP32QEMUDUT, ESP32S2DUT, # noqa: export DUTs for users
|
from .IDFDUT import (ESP32C3DUT, ESP32C3FPGADUT, ESP32DUT, ESP32QEMUDUT, ESP32S2DUT, # noqa: export DUTs for users
|
||||||
ESP32S3DUT, ESP8266DUT, IDFDUT)
|
ESP32S3DUT, ESP32S3FPGADUT, ESP8266DUT, IDFDUT)
|
||||||
from .unity_test_parser import TestFormat, TestResults
|
from .unity_test_parser import TestFormat, TestResults
|
||||||
|
|
||||||
# pass TARGET_DUT_CLS_DICT to Env.py to avoid circular dependency issue.
|
# pass TARGET_DUT_CLS_DICT to Env.py to avoid circular dependency issue.
|
||||||
@ -34,6 +34,7 @@ TARGET_DUT_CLS_DICT = {
|
|||||||
'ESP32S3': ESP32S3DUT,
|
'ESP32S3': ESP32S3DUT,
|
||||||
'ESP32C3': ESP32C3DUT,
|
'ESP32C3': ESP32C3DUT,
|
||||||
'ESP32C3FPGA': ESP32C3FPGADUT,
|
'ESP32C3FPGA': ESP32C3FPGADUT,
|
||||||
|
'ESP32S3FPGA': ESP32S3FPGADUT,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
| Supported Targets | ESP32 | ESP32-S2 | ESP32-C3 |
|
| Supported Targets | ESP32 | ESP32-S2 | ESP32-C3 | ESP32-S3 |
|
||||||
| ----------------- | ----- | -------- | -------- |
|
| ----------------- | ----- | -------- | -------- | -------- |
|
||||||
|
|
||||||
# Secure Boot
|
# Secure Boot
|
||||||
|
|
||||||
@ -14,6 +14,7 @@ Any of the following ESP module:
|
|||||||
* ESP32-ECO3 (supports Secure Boot V2 & Secure Boot V1)
|
* ESP32-ECO3 (supports Secure Boot V2 & Secure Boot V1)
|
||||||
* ESP32S2 (supports Secure Boot V2)
|
* ESP32S2 (supports Secure Boot V2)
|
||||||
* ESP32C3-ECO3 (supports Secure Boot V2)
|
* ESP32C3-ECO3 (supports Secure Boot V2)
|
||||||
|
* ESP32S3 (supports Secure Boot V2)
|
||||||
|
|
||||||
It is recommended to use Secure Boot V2 from ESP32-ECO3 onwards.
|
It is recommended to use Secure Boot V2 from ESP32-ECO3 onwards.
|
||||||
|
|
||||||
@ -68,7 +69,7 @@ Purpose of the example test cases (`example_test.py`) is to test the secure boot
|
|||||||
|
|
||||||
### Hardware required
|
### Hardware required
|
||||||
|
|
||||||
* FPGA setup with ESP32C3 image
|
* FPGA setup with ESP32C3/ESP32S3 image
|
||||||
|
|
||||||
* COM port for programming and export it as ESPPORT
|
* COM port for programming and export it as ESPPORT
|
||||||
e.g `export ESPPORT=/dev/ttyUSB0`
|
e.g `export ESPPORT=/dev/ttyUSB0`
|
||||||
@ -81,7 +82,7 @@ Purpose of the example test cases (`example_test.py`) is to test the secure boot
|
|||||||
```
|
```
|
||||||
export IDF_ENV_FPGA=1
|
export IDF_ENV_FPGA=1
|
||||||
|
|
||||||
idf.py set-target esp32c3
|
idf.py set-target esp32c3 #(or esp32s3)
|
||||||
|
|
||||||
idf.py menuconfig
|
idf.py menuconfig
|
||||||
```
|
```
|
||||||
|
@ -75,7 +75,7 @@ def dut_start_secure_app(dut): # type: (ttfw_idf.IDFDUT) -> None
|
|||||||
|
|
||||||
# Test secure boot flow.
|
# Test secure boot flow.
|
||||||
# Correctly signed bootloader + correctly signed app should work
|
# Correctly signed bootloader + correctly signed app should work
|
||||||
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
|
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
|
||||||
def test_examples_security_secure_boot(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
def test_examples_security_secure_boot(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
||||||
efuse_port = os.getenv('EFUSEPORT')
|
efuse_port = os.getenv('EFUSEPORT')
|
||||||
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
||||||
@ -85,7 +85,7 @@ def test_examples_security_secure_boot(env, _): # type: (ttfw_idf.TinyFW.Env,
|
|||||||
|
|
||||||
# Test efuse key index and key block combination.
|
# Test efuse key index and key block combination.
|
||||||
# Any key index can be written to any key block and should work
|
# Any key index can be written to any key block and should work
|
||||||
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
|
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
|
||||||
def test_examples_security_secure_boot_key_combo(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
def test_examples_security_secure_boot_key_combo(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
||||||
efuse_port = os.getenv('EFUSEPORT')
|
efuse_port = os.getenv('EFUSEPORT')
|
||||||
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
||||||
@ -101,7 +101,7 @@ def test_examples_security_secure_boot_key_combo(env, _): # type: (ttfw_idf
|
|||||||
|
|
||||||
# Test secure boot key revoke.
|
# Test secure boot key revoke.
|
||||||
# If a key is revoked, bootloader signed with that key should fail verification
|
# If a key is revoked, bootloader signed with that key should fail verification
|
||||||
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
|
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
|
||||||
def test_examples_security_secure_boot_key_revoke(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
def test_examples_security_secure_boot_key_revoke(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
||||||
efuse_port = os.getenv('EFUSEPORT')
|
efuse_port = os.getenv('EFUSEPORT')
|
||||||
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
||||||
@ -117,7 +117,7 @@ def test_examples_security_secure_boot_key_revoke(env, _): # type: (ttfw_idf
|
|||||||
|
|
||||||
# Test bootloader signature corruption.
|
# Test bootloader signature corruption.
|
||||||
# Corrupt one byte at a time of bootloader signature and test that the verification fails
|
# Corrupt one byte at a time of bootloader signature and test that the verification fails
|
||||||
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
|
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
|
||||||
def test_examples_security_secure_boot_corrupt_bl_sig(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
def test_examples_security_secure_boot_corrupt_bl_sig(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
||||||
efuse_port = os.getenv('EFUSEPORT')
|
efuse_port = os.getenv('EFUSEPORT')
|
||||||
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
||||||
@ -140,7 +140,7 @@ def test_examples_security_secure_boot_corrupt_bl_sig(env, _): # type: (ttfw
|
|||||||
|
|
||||||
# Test app signature corruption.
|
# Test app signature corruption.
|
||||||
# Corrupt app signature, one byte at a time, and test that the verification fails
|
# Corrupt app signature, one byte at a time, and test that the verification fails
|
||||||
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
|
@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
|
||||||
def test_examples_security_secure_boot_corrupt_app_sig(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
def test_examples_security_secure_boot_corrupt_app_sig(env, _): # type: (ttfw_idf.TinyFW.Env, None) -> None
|
||||||
efuse_port = os.getenv('EFUSEPORT')
|
efuse_port = os.getenv('EFUSEPORT')
|
||||||
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
|
||||||
|
Loading…
Reference in New Issue
Block a user