Secure Boot v2: Fix the double padding of the image length during flash encryption

Fixes https://github.com/espressif/esp-idf/issues/6236
2024-10-05 20:47:46 -04:00 · 2020-12-18 14:10:28 +05:30 · 2020-12-18 14:10:28 +05:30 · e517b4953f
commit e517b4953f
parent ec4de5bd38
3 changed files with 3 additions and 9 deletions
--- a/components/bootloader_support/src/esp32/flash_encrypt.c
+++ b/components/bootloader_support/src/esp32/flash_encrypt.c
@ -252,9 +252,7 @@ static esp_err_t encrypt_bootloader(void)
        ESP_LOGD(TAG, "bootloader is plaintext. Encrypting...");

 #if CONFIG_SECURE_BOOT_V2_ENABLED
-        // Account for the signature sector after the bootloader
-        image_length = (image_length + FLASH_SECTOR_SIZE - 1) & ~(FLASH_SECTOR_SIZE - 1);
-        image_length += FLASH_SECTOR_SIZE;
+        /* The image length obtained from esp_image_verify_bootloader includes the sector boundary padding and the signature block lengths */
        if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
            ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
            return ESP_ERR_INVALID_STATE;
--- a/components/bootloader_support/src/esp32s2/flash_encrypt.c
+++ b/components/bootloader_support/src/esp32s2/flash_encrypt.c
@ -286,9 +286,7 @@ static esp_err_t encrypt_bootloader(void)
        ESP_LOGD(TAG, "bootloader is plaintext. Encrypting...");

 #if CONFIG_SECURE_BOOT_V2_ENABLED
-        // Account for the signature sector after the bootloader
-        image_length = (image_length + FLASH_SECTOR_SIZE - 1) & ~(FLASH_SECTOR_SIZE - 1);
-        image_length += FLASH_SECTOR_SIZE;
+        /* The image length obtained from esp_image_verify_bootloader includes the sector boundary padding and the signature block lengths */
        if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
            ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
            return ESP_ERR_INVALID_SIZE;
--- a/components/bootloader_support/src/esp32s3/flash_encrypt.c
+++ b/components/bootloader_support/src/esp32s3/flash_encrypt.c
@ -287,9 +287,7 @@ static esp_err_t encrypt_bootloader(void)
        ESP_LOGD(TAG, "bootloader is plaintext. Encrypting...");

 #if CONFIG_SECURE_BOOT_V2_ENABLED
-        // Account for the signature sector after the bootloader
-        image_length = (image_length + FLASH_SECTOR_SIZE - 1) & ~(FLASH_SECTOR_SIZE - 1);
-        image_length += FLASH_SECTOR_SIZE;
+        /* The image length obtained from esp_image_verify_bootloader includes the sector boundary padding and the signature block lengths */
        if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
            ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
            return ESP_ERR_INVALID_SIZE;