Commit Graph

213 Commits

Author SHA1 Message Date
Michael (XIAO Xufeng)
91439e2c70 bootloader: disable XMC startup flow by default to reduce bootloader size 2022-01-20 02:15:38 +08:00
Michael (XIAO Xufeng)
ccab4633de bootloader: add xmc spi_flash startup flow to improve reliability 2021-12-31 02:13:47 +08:00
Michael (XIAO Xufeng)
7a49a131d3 Merge branch 'feature/support_for_esp32_pico_v3_02_v3.3' into 'release/v3.3'
psram: support for esp32-pico-v3-02 (backport v3.3)

See merge request espressif/esp-idf!14156
2021-11-15 06:14:37 +00:00
Marius Vikhammer
5b91a8173e soc: add dummy bytes to ensure instr prefetch always valid
The CPU might prefetch instructions, which means it in some cases
will try to fetch instruction located after the last instruction in
flash.text.

Add dummy bytes to ensure fetching these wont result in an error,
 e.g. MMU exceptions
2021-07-09 14:40:24 +08:00
chenjianqiang
bc60eb65e2 psram: support for esp32-pico-v3-02
1. Support for 16Mbit PSRAM
2. Support for esp32-pico-v3-02
3. Use package identifier to look up SPI flash/PSRAM WP Pin, unless overridden

Closes https://github.com/espressif/esp-idf/issues/7189
2021-06-25 17:54:42 +08:00
Angus Gratton
22487a65ac paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-06-02 16:32:31 +10:00
Sachin Parekh
3c7f439d5b bootloader: Add fault injection resistance to Secure Boot bootloader verification 2021-03-31 17:54:45 +05:30
Angus Gratton
a461605003 efuse: Add ESP32 V3 'disable Download Mode' functionality 2020-12-17 17:44:21 +11:00
Angus Gratton
9d6c3632e8 bootloader: Fix regression burning efuses late in boot process
APB clock get functions not included in iram_loader_seg, meaning
could be overwritten by app depending on app IRAM size and linker
layout.

Regression in dd5190868a

Closes https://github.com/espressif/esp-idf/issues/5456
2020-07-06 16:42:46 +10:00
Angus Gratton
46a7409965 security: Hide Secure Boot & Flash Encryption config items when using CMake
These features are not supported in the CMake build system preview, but previously
had to read the notice in the CMake Getting Started guide to know this.

Related to https://github.com/espressif/esp-idf/issues/4419
2019-12-04 11:00:06 +11:00
KonstantinKondrashov
8849d6acfa bootloader: Factory reset not for deep sleep
Closes: https://github.com/espressif/esp-idf/issues/3800

Closes: IDFGH-1536
2019-09-14 09:52:58 +00:00
Angus Gratton
e8a4e70c42 flash encryption: Add config option to disable any plaintext reflashes
Enabled by default when Secure Boot is on, so Flash Encryption protection
is always available in case of a Secure Boot bypass.
2019-07-30 08:35:30 +00:00
hemal.gujarathi
6cf4e14671 remove secure boot test mode 2019-06-14 14:37:02 +05:30
Renz Christian Bagaporo
8c363321db cmake: fix custom bootloader issue
Issue is that when users creates a custom bootloader from
$IDF_PATH/components/bootloader. Parent project build uses the copy but
bootloader subproject build uses the original still. The issue is solved
by passing the custom bootloader as extra component directory so
bootloader build knows to use the new copy (itself) in the build.
2019-05-27 17:00:23 +08:00
Konstantin Kondrashov
7626145e6d bootloader: Add support efuse component 2019-02-28 07:31:29 +00:00
Konstantin Kondrashov
e916cf52a3 bootloader: Add support of anti-rollback
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.

Closes: TW26335
2019-02-14 18:51:43 +08:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Konstantin Kondrashov
dde1fd9b94 bootloader: Add support flags for rollback app
Added
* Set actual ota_seq if both ota are init or incorrect.
* Description of rollback
* UT tests

Closes TW15459
2018-12-11 11:54:21 +08:00
Renz Christian Bagaporo
37d30c7a6e cmake: separate app from idf lib project
mbedtls: import mbedtls using unmodified cmake file
2018-11-27 13:59:24 +08:00
Renz Christian Bagaporo
3a02a12aa4 cmake: remove unecessary info passed to bootloader build 2018-11-23 16:08:47 +08:00
Anurag Kar
1f6622b2d1 CMake : Secure Boot support added 2018-11-06 17:09:55 +05:30
Ivan Grokhotkov
73d1b5a7a0 bootloader: verify that loaded image does not overlap bootloader code
Fixes CVE-2018-18558
2018-10-26 12:44:10 +08:00
Renz Bagaporo
cc774111bf cmake: Add support for test build 2018-10-20 12:07:24 +08:00
Angus Gratton
f53fef9936 Secure Boot & Flash encryption: Support 3/4 Coding Scheme
Includes esptool update to v2.6-beta1
2018-10-16 16:24:10 +11:00
Ivan Grokhotkov
9240bbb708 esp32: remove ROM functions redefined in IDF from LD script
In some cases, linker could choose to use ROM functions instead of the
ones defined in IDF.
For functions used in ROM stub table, this would lead to infinite
recursion when the corresponding function was called from ROM.
For crypto functions, some of these were modified in IDF, and
incompatible with ROM counterparts.
2018-10-02 01:20:04 +00:00
Angus Gratton
4d99513bdb bootloader: Fix crash enabling flash encryption
Regression in 9c715d7946
2018-09-26 18:26:06 +10:00
Renz Christian Bagaporo
d9939cedd9 cmake: make main a component again 2018-09-11 09:44:12 +08:00
Angus Gratton
b355854d4d Merge branch 'master' into feature/cmake 2018-09-05 10:35:04 +08:00
Ivan Grokhotkov
2469718481 Merge branch 'bugfix/check_python_order_only_prereq' into 'master'
Use check_python_dependencies everywhere as order-only-prerequisite

See merge request idf/esp-idf!3174
2018-09-04 20:31:49 +08:00
Angus Gratton
2ec0fd8fd6 Merge branch 'feature/signature_verify_updates' into 'master'
secure boot: Support signed app verification without hardware secure boot

See merge request idf/esp-idf!2814
2018-09-04 18:56:47 +08:00
Roland Dobai
f755a0371d Use check_python_dependencies everywhere as order-only-prerequisite 2018-09-03 11:42:10 +02:00
Konstantin Kondrashov
9c715d7946 bootloader_support: Fix enable rtc_wdt for resolve issue with varying supply
Eliminates the issue with the lock up in the bootloader due to a power drawdown during its operation.

Closes https://github.com/espressif/esp-idf/issues/1814
2018-09-03 05:43:01 +00:00
Angus Gratton
a9c4ed7139 Merge branch 'master' into feature/cmake 2018-08-30 18:51:01 +08:00
Mahavir Jain
4a987dacca bootloader: keep bootloader_common code to retention region
It is possible to utilize some of the routines related to otadata
partition validation, after firmware image is downloaded to RAM. Hence
these routines should be part of app cpu cache, so that they do not
get overwritten by firmware.

Signed-off-by: Mahavir Jain <mahavir@espressif.com>
2018-08-29 12:04:32 +00:00
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Roland Dobai
74fe7c82ae bootloader: Don't use check_python_dependencies in the bootloader command 2018-08-23 11:41:40 +02:00
Angus Gratton
31ae3fe683 make: Use order-only prereq to check python dependencies 2018-08-23 08:28:57 +02:00
Roland Dobai
62cad3a7d7 Add python-future by using python requirements file 2018-08-23 08:28:57 +02:00
Angus Gratton
ff2404a272 Merge branch 'master' into feature/cmake 2018-08-16 17:14:17 +10:00
Angus Gratton
e75a1129e0 Merge branch 'bugfix/bootloader_noreturn_always' into 'master'
bootloader: Ensure bootloader never returns to caller

See merge request idf/esp-idf!2815
2018-07-23 11:56:14 +08:00
Angus Gratton
f0d74b1c64 bootloader: Ensure bootloader never returns to caller
* Fixes some "noreturn" functions in bootloader utils which did return (causing fatal CPU
  exceptions).
* Marks bootloader entry as "noreturn", preventing "user code done" from stalling boot
  Partial fix for https://github.com/espressif/esp-idf/issues/1814 TW20016
  (Comprehensive fix for this issue will be enabling WDT during bootloader, coming shortly.)
2018-07-19 16:24:11 +10:00
Angus Gratton
57b601ab7f secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-17 15:33:47 +10:00
Angus Gratton
8b5a2ccb8d docs: Update Flash Encryption docs to clarify reflashing options 2018-07-13 16:18:07 +10:00
Angus Gratton
6fd6e024fc bootloader: Fix warning building reflashable Secure Boot image 2018-07-13 15:45:15 +10:00
Angus Gratton
7b9009ca5c bootloader: Fix secure boot & flash encryption functionality
Fixes regression in 3e0ac4db79.
2018-07-13 15:26:18 +10:00
Ivan Grokhotkov
5551b3f616 bootloader: move iram_seg 1k up to have better looking idf_monitor output
When 2nd stage bootloader loads the ROM bootloader, it prints a
message similar to "entry 0x40080xxx", which idf_monitor decodes
(using application ELF file) as one of the reset vectors (xxx is <
400h). This moves the iram_seg of bootloader 1k up to prevent overlap
of bootloader .text and application vectors, making the output look
nicer. There is still a chance that the entry point decodes as some
symbol in application ELF file, but at least it won't have
"Exception" in its name.
2018-07-04 12:33:11 +08:00
Angus Gratton
d0b8f2865f docs: Switch base URL from esp-idf.readthedocs.io to docs.espressif.com 2018-06-19 11:23:33 +00:00
Angus Gratton
bf10447b82 cmake: Fix issues when IDF_PATH is not set in environment
Support cases where IDF_PATH may be passed in on the cmake command line,
or inferred from a (hardcoded absolute or relative) path to project.cmake
2018-06-18 14:48:03 +10:00
Angus Gratton
43b6c76bba Merge branch 'feature/expansion_space_for_bootloader' into 'master'
partition_table: Moving to custom offset

See merge request idf/esp-idf!2263
2018-06-18 12:34:53 +08:00
Ivan Grokhotkov
b2f498f7da build: allow EXCLUDE_COMPONENTS to contain quotes
'dequote' macro can’t be used at this point yet, use subst directly.
Also prevent EXCLUDE_COMPONENTS from being passed to bootloader build.
2018-06-11 23:26:56 +08:00