From d2dd264c640ef0ecc24542825ab96feb6032b33c Mon Sep 17 00:00:00 2001 From: Erhan Kurubas Date: Mon, 6 May 2024 15:39:02 +0200 Subject: [PATCH] fix(coredump): don't allow mapping of non-encrypted coredump partition --- components/espcoredump/src/core_dump_elf.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/components/espcoredump/src/core_dump_elf.c b/components/espcoredump/src/core_dump_elf.c index 3dca34af1e..4654a24001 100644 --- a/components/espcoredump/src/core_dump_elf.c +++ b/components/espcoredump/src/core_dump_elf.c @@ -774,6 +774,14 @@ static esp_err_t elf_core_dump_image_mmap(esp_partition_mmap_handle_t* core_data return err; } + /* Data read from the mmapped core dump partition will be garbage if flash + * encryption is enabled in hardware and core dump partition is not encrypted + */ + if (esp_flash_encryption_enabled() && !core_part->encrypted) { + ESP_COREDUMP_LOGE("Flash encryption enabled in hardware and core dump partition is not encrypted!"); + return ESP_ERR_NOT_SUPPORTED; + } + /* map the full core dump partition, including the checksum. */ return esp_partition_mmap(core_part, 0, out_size, ESP_PARTITION_MMAP_DATA, map_addr, core_data_handle);