For the following configuration case:
- CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
- CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
- CONFIG_SECURE_BOOT_ALLOW_SHORT_APP_PARTITION
verification of the application was failing because the externally
padded bytes were not considered in the hash (checksum) process.
This commit fixes the problem by enabling relevant code for secure OTA
without secure boot case.
Closes https://github.com/espressif/esp-idf/issues/11995
The commit fixes the case:
If variables in RTC RAM have been moved around by the linker,
they will be filled with garbage data. Any reset other than OTA would work fine
because the variables would still be initialized from the initial bootup.
So now system time will be valid even after OTA.
Closes https://github.com/espressif/esp-idf/issues/9448
ADDITIONAL_MAKE_CLEAN_FILES is deprecated and only worked with make.
Replaced with the new ADDITIONAL_CLEAN_FILES (CMake 3.15) which also works with ninja.
esp_efuse_utility_load_efuses_from_flash() read emul_efuse
as an encrypted partition, but that is not correct,
this partition was never encrypted.
Need to read it as a non-encrypted partition.
Fixed the case: If FE is already on then EFUSE VIRT mode can work with it.
Closes https://github.com/espressif/esp-idf/issues/10929
User's custom data are not taken into account during the CRC calculation anymore.
Which means that the retained mem structure is not systematically erased
on each reboot anymore.
This commit fixes build issue because of function `bootloader_common_reset_rtc_retain_mem`
getting inlined with compiler optimization level set to `PERF` (-O2).
Build failure log:
-----------------
In function 'bootloader_common_reset_rtc_retain_mem',
inlined from 'bootloader_common_update_rtc_retain_mem' at /h/esp-idf/components/bootloader_support/src/bootloader_common_loader.c:183:13:
/h/esp-idf/components/bootloader_support/src/bootloader_common_loader.c:159:5: error: 'memset' writing 16 bytes into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
159 | memset(rtc_retain_mem, 0, sizeof(rtc_retain_mem_t));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For secure boot enabled cases, bootloader and firmware images have signature
appended and size is variable based on scheme being used. This appended data
must be considered while verifying image length against allocated partition
size to avoid any possibilities of going beyond reserved size.
Closes IDF-5617
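
The length check described in the commit message above, as an added example that is not part of the original commit or of ESP-IDF. The struct, the function names, and the 4096-byte alignment and signature sizes are hypothetical values chosen for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout parameters for this example, not ESP-IDF constants. */
typedef struct {
    uint32_t align;    /* image is padded up to this boundary before the signature; 0 = none */
    uint32_t sig_len;  /* bytes of signature data appended after the padding */
} sig_scheme_t;

/* Round len up to a multiple of align (a power of two); false on wrap-around. */
static bool align_up(uint32_t len, uint32_t align, uint32_t *out)
{
    if (align == 0) { *out = len; return true; }
    if ((align & (align - 1)) != 0) return false;       /* not a power of two */
    if (len > UINT32_MAX - (align - 1)) return false;   /* rounding would overflow */
    *out = (len + align - 1) & ~(align - 1);
    return true;
}

/* True only if image + padding + appended signature fit inside the partition. */
bool signed_image_fits(uint32_t image_len, const sig_scheme_t *s, uint32_t part_size)
{
    uint32_t padded;
    if (image_len == 0 || !align_up(image_len, s->align, &padded)) return false;
    if (padded > part_size) return false;
    /* Compare by subtraction so padded + sig_len can never wrap. */
    return s->sig_len <= part_size - padded;
}

/* Check that ignores the appended data, kept for comparison. */
bool unsigned_len_fits(uint32_t image_len, uint32_t part_size)
{
    return image_len <= part_size;
}

int main(void)
{
    const sig_scheme_t scheme = { .align = 4096, .sig_len = 4096 }; /* constructed values */
    const uint32_t part = 0x100000;                                /* constructed 1 MiB slot */
    uint32_t len = part - 100;  /* payload alone fits, padding plus signature do not */
    printf("payload-only check=%d, full check=%d\n",
           unsigned_len_fits(len, part), signed_image_fits(len, &scheme, part));
    return 0;
}
```
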
- Remove esp_cpu_in_ocd_mode() from esp_cpu.h. Users should call esp_cpu_dbgr_is_attached() instead.
- Remove esp_cpu_get_ccount() from esp_cpu.h. Users should call esp_cpu_get_cycle_count() instead.
- Remove esp_cpu_set_ccount() from esp_cpu.h. Users should call esp_cpu_set_cycle_count() instead.
- Other IDF components updated to call esp_cpu_dbgr_is_attached(), esp_cpu_get_cycle_count() and esp_cpu_set_cycle_count() as well.
This commit marks all functions in interrupt_controller_hal.h, cpu_ll.h and cpu_hal.h as deprecated.
Users should use functions from esp_cpu.h instead.
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/
* Removed bootloader_reset_reason.h and
bootloader_common_get_reset_reason() completely.
Alternative in ROM component is available.
* made esp_efuse.h independent of target-specific rom header