Commit Graph

318 Commits

Author SHA1 Message Date
Angus Gratton
9b822a3d2e esp32s2: Disable legacy boot mode & ROM remap modes if either Secure Boot or Flash Encryption is on 2020-05-28 17:45:09 +10:00
Angus Gratton
3e7ba2f389 bootloader: Don't print an error message after WDT reset in unicore mode
Caused some confusion here: https://github.com/espressif/esp-idf/issues/4388
2020-05-19 03:35:53 +00:00
Angus Gratton
cecf4622bc Merge branch 'bugfix/secure_boot_v2_fixes' into 'master'
Small secure boot v2 fixes

See merge request espressif/esp-idf!8462
2020-05-05 11:13:30 +08:00
Angus Gratton
d4d4d7324a efuse: Don't need to burn WR_CRYPT_CNT if CRYPT_CNT is already max
Reduces write cycles, and useful on ESP32 ECO3 as UART_DIS_DL is protected by
the same efuse.

Also fixes accidental macro definition introduced in 7635dce502
2020-05-01 16:16:47 +10:00
Felipe Neves
95bc186846 flash_encryption: Fix next spi boot crypt counter value after a plaintext flash 2020-04-24 12:43:47 -03:00
Felipe Neves
f7ccc081a5 flash_encryption: replace spi crypt count efuse burning function by a esp_efuse_API
flash_encryption: modify additional efuses burning method to fix them are not being written

flass_encryption: burn efuse to disable boot from RAM space

flash_encryption: added better checking for key generation state plus set read and write protect for them

soc esp32s2: Add register-level bit definitions for read & wrote protect bits

esp32s2: Fixes for flash encryption

- Write efuses in a batch
- Fix some detection of whether existing efuse blocks are read/write protected
2020-04-24 12:43:47 -03:00
Felipe Neves
6f27992430 flash_encryption: return more clear error codes when bootloader encryption fails 2020-04-24 12:43:47 -03:00
Felipe Neves
b3d8847406 flash_encryption: added wdt feed during encryption process to avoid undesired reset. 2020-04-24 12:43:47 -03:00
Felipe Neves
7635dce502 bootloader/flash_encrypt: added esp32s2 flash encryption code on build system and enabled example
flash_enctryption: enabled flash encryption example on esp32s2

bootloader: raise WDT overflow value providing sufficient interval to encrypt app partition

flash_ encrypt: Fixed the TODOs on flash encryption key generation for esp32s2

flash_encryption: added secure boot features to flash enctryption for esp32s2

bootloader: leave only esp32s2 compatible potentially insecure options on menuconfig.

flash_encryption: removed secure boot version 1 from esp32s2 encryption code

flash_encryption:  added  CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED option for esp32s2

flash_encryption: fixed the count of left plaintext flash

flash_encryption: disable dcache and icache download when using encryption in release mode

flash_encryption:  add cache potentally insecure options for s2 chips

flash_encryption: fixed bug which bricked some chips in relase mode
2020-04-24 12:43:47 -03:00
Angus Gratton
b26f93415e secure boot v2: Add anti-FI check that secure boot not enabled yet
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-04-24 15:03:31 +10:00
Angus Gratton
fc4b653729 secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled 2020-04-24 15:03:03 +10:00
Angus Gratton
fc0d6a99f8 secure boot v2: Don't log warnings when BLK2 is empty as expected
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)

If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-04-24 14:43:55 +10:00
chenjianqiang
ec9cc27e08 flash: fix spi flash clock config error
Closes https://github.com/espressif/esp-idf/issues/5099
2020-04-17 16:26:26 +08:00
Angus Gratton
25aa5b0e28 esp32: Enable flash encryption by setting FLASH_CRYPT_CNT to max
Previous method was to write-protect this efuse, however on ECO3
the write protect field also covers the UART_DOWNLOAD_DIS efuse.

Doing it this way keeps the possibility of disabling UART download
mode, later.
2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Darian Leung
91841a53ff WDT: Add LL and HAL for watchdog timers
This commit updates the watchdog timers (MWDT and RWDT)
in the following ways:

- Add seprate LL for MWDT and RWDT.
- Add a combined WDT HAL for all Watchdog Timers
- Update int_wdt.c and task_wdt.c to use WDT HAL
- Remove most dependencies on LL or direct register access
  in other components. They will now use the WDT HAL
- Update use of watchdogs (including RTC WDT) in bootloader and
  startup code to use the HAL layer.
2020-03-26 02:14:02 +08:00
Mahavir Jain
409b3db22f bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement
In commit 02d2903e39, mbedtls was
updated to release v2.16.5, where it was made mandatory to initialize
mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant
but missed out in secure boot v2 verification code. This commit
fixes that.
2020-03-20 20:48:22 +05:30
Angus Gratton
207914a13a Merge branch 'refactor/common_code_panic_handler' into 'master'
Panic handling common code refactor

See merge request espressif/esp-idf!7489
2020-03-19 11:23:57 +08:00
Renz Christian Bagaporo
2b100789b7 esp32, esp32s2: move panic handling code to new component 2020-03-10 19:56:24 +08:00
Angus Gratton
df9d3c6e43 Merge branch 'refactor/print_app_description_on_startup' into 'master'
esp32s2: print app description on startup

See merge request espressif/esp-idf!7899
2020-03-09 14:05:04 +08:00
morris
ddcba3d574 bootloader_support: read random from register 2020-03-06 15:32:01 +08:00
Ivan Grokhotkov
22516b256f bootloader_support: force alignment of flash_read argument 2020-03-04 09:56:01 +01:00
Angus Gratton
04ccb84b83 Merge branch 'feature/cpu_abstraction' into 'master'
CPU related operations abstraction

See merge request espressif/esp-idf!7301
2020-02-28 11:54:29 +08:00
Angus Gratton
d40c69375c bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-02-27 14:37:19 +05:30
Angus Gratton
0dacff4df4 secure boot: Encrypt the bootloader signature when enabling flash encryption + secure boot v2 2020-02-27 14:32:42 +05:30
Renz Christian Bagaporo
cefc71cdcd bootloader_support: mem-related initializations using cpu abstractions 2020-02-27 07:14:21 +05:00
Supreet Deshpande
a9ccc5e5c8 feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:28:22 +05:30
Ivan Grokhotkov
40cff27053 Merge branch 'feature/esp32s2_pm' into 'master'
esp32s2: power management (DFS and auto light sleep)

Closes IDF-670, IDF-527, and IDFGH-231

See merge request espressif/esp-idf!7578
2020-02-19 18:26:33 +08:00
Ivan Grokhotkov
f69f05ecd7 bootloader: esp32s2: fix enabling custom console pins 2020-02-19 08:13:23 +01:00
Nebojsa Cvetkovic
d649ea96ce soc: Add missing gpio_periph.h header 2020-02-18 13:10:37 +00:00
Ivan Grokhotkov
490bf29767 esp32s2: fix enabling 32k XTAL clock
On the ESP32S2, rtc_clk_cal(RTC_CAL_RTC_MUX) measures the frequency
of the 90kHz RTC clock regardless of the selected slow clock
frequency. Keep track which clock is selected and pass the argument
to rtc_clk_cal accordingly.

fix clock choices

update rtc 32k xtal code for s2

missed api in rtc.h

bootloader_clock: update for S2
2020-02-17 17:33:56 +01:00
Ivan Grokhotkov
74ac618287 soc/rtc: update frequency switching APIs to match the master branch
esp32s2 code was based in IDF v3.1, and used outdated APIs.

Closes IDF-670
2020-02-17 17:23:32 +01:00
morris
e30cd361a8 global: rename esp32s2beta to esp32s2 2020-01-22 12:14:38 +08:00
morris
2422c52851 global: hello world on real esp32-s2 2020-01-16 17:43:59 +08:00
Wangjialin
fad639f0d4 feature(psram): update psram initialization.
1. use spi functions in rom
2. remove unnecessary GPIO configurations.
3. remove unnecessary dummy settings.
4. enable dummy out function
5. flash and psram have independent timing setting registers.
6. no need to set 1.9v for LDO in 80Mhz
7. set IO driver ability to 1 by default.
8. no need to use GPIO matrix on esp32s2, IO MUX is recommended
9. enable spi clock mode and IO mode settings
2020-01-16 17:41:31 +08:00
morris
a8d31b0385 rtc: enable super wdt auto feed 2020-01-16 17:41:31 +08:00
morris
1c2cc5430e global: bring up esp32s2(not beta) 2020-01-16 17:41:31 +08:00
duyi
9c5a981ef1 remove unnecessary function in bootloader_support
1. Delete bootloader_clock_get_rated_freq_mhz, esp32s2 do not need it right now
2. Remove bootloader_flash_gpio_config () because it has the same function as bootloader_flash_dummy_config
2020-01-16 17:41:31 +08:00
suda-morris
1ffb546135 esp32s2:remove unsupported xtal choice
ESP32-S2 only supports 40MHz XTAL and doesn't have XTAL autodetection.
2020-01-09 13:09:21 +08:00
Angus Gratton
ba3f47efd6 bootloader_support: fix crash in image verification is SHA doesn't match 2019-12-30 13:48:11 +11:00
Angus Gratton
b2ed553bbf bootloader_support: Reduce log spam about chip revisions
* Don't bother checking the chip revision if it looks like the partition
  doesn't really contain an app
* Don't print the "info" level about the revision & min revision unless
  we're in the bootloader (otherwise it gets printed at random times
  during the OTA process)
2019-12-30 13:48:11 +11:00
Angus Gratton
5139934767 bootloader_common: Fix esp_partition_get_sha256(), add unit tests
Regression in 438d513a95

Reported here: https://esp32.com/viewtopic.php?f=13&t=13250&p=52460
2019-12-30 13:47:47 +11:00
morris
888316fc64 bootloader_support: refactor to better support multi target 2019-12-23 05:45:17 +00:00
morris
01ca687caa esp32s2beta: only support unicore 2019-12-09 09:48:37 +08:00
Angus Gratton
fd27c0a113 Merge branch 'bugfix/bootloader_unicore_cache_enable' into 'master'
bootloader: revert support for booting dual-core apps on single-core bootloader

See merge request espressif/esp-idf!6609
2019-11-27 08:01:59 +08:00
wanglei
7b2348baad fix bug that wrap mode not disabled in none-QIO mode 2019-11-15 15:59:07 +00:00
Ivan Grokhotkov
a8e3ad6bd9 bootloader: revert support for booting dual-core apps on single-core bootloader 2019-11-05 14:42:43 +01:00
Chen Zheng Wei
b4a02c57c2 bugfix(i2s_bootloader_random_disable): fix bug about i2s bootloader_random_disable
bootloader_random_disable disables the ADC incorrectly, causing the ADC to sometimes fail to work. Fix this bug

closes https://github.com/espressif/esp-idf/issues/3973
2019-11-05 10:36:53 +08:00
Angus Gratton
7ce75a42c7 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-25 15:13:52 +11:00
Angus Gratton
5bec9fb010 Merge branch 'bugfix/random_en_dis_for_app' into 'master'
bootloader_support: Fix using shared CLK_EN and RST_EN regs for random

See merge request espressif/esp-idf!6198
2019-10-23 13:18:01 +08:00
Angus Gratton
496ede9bcd Merge branch 'master' into feature/esp32s2beta_merge 2019-10-15 14:59:27 +11:00
Mahavir Jain
99659091fb bootloader_support: fix logging prints around chip revision 2019-10-11 14:35:22 +05:30
KonstantinKondrashov
807826f796 bootloader_support: Fix using shared CLK_EN and RST_EN regs for random
bootloader_random_enable() and bootloader_random_disable() functions
can be used in app.
This MR added the protection for shared CLK_EN and RST_EN registers.
2019-10-07 06:47:00 +00:00
Ivan Grokhotkov
6bddcdac67 bootloader: move esp32 specific code from bootloader_common
Also implements bootloader_clock_get_rated_freq_mhz for esp32s2beta.

Closes IDF-758
2019-10-03 09:38:13 +02:00
Ivan Grokhotkov
5830f529d8 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-02 19:01:39 +02:00
suda-morris
cbab3c34f8 bootloader: shrink bin size
1. write a bootloader version of "getting chip revision" function.
2. reduce wordy log.
2019-09-27 10:58:30 +08:00
KonstantinKondrashov
6f102125b4 bootloader: Add support esp32s2beta 2019-09-20 16:57:33 +10:00
Angus Gratton
adfc06a530 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-20 10:28:37 +10:00
Angus Gratton
83680bd96b Merge branch 'feature/esp32s2beta' into feature/esp32s2beta_merge 2019-09-19 21:08:20 +10:00
Jiang Jiang Jian
d78831ab2b Merge branch 'bugfix/remove_v40_deprecations' into 'master'
Remove features deprecated before ESP-IDF V4.0

Closes IDF-507

See merge request espressif/esp-idf!5841
2019-09-19 16:07:01 +08:00
suda-morris
dd248ffc32 Add chip revision into image header
Check chip id and chip revision before boot app image

Closes https://github.com/espressif/esp-idf/issues/4000
2019-09-16 18:13:53 +08:00
Angus Gratton
438d513a95 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-16 16:18:48 +10:00
Angus Gratton
62c06047da bootloader_support: Remove deprecated partition load/verify functions
Deprecated since v3.2
2019-09-13 09:44:07 +10:00
KonstantinKondrashov
d3637cd06b rtc_wdt: re-enable RTC_WDT 2019-09-13 00:03:52 +08:00
Angus Gratton
b547aef2a0 flash encryption: Ensure flash encryption can't be disabled if Secure Boot is on 2019-09-10 11:28:11 +10:00
Li Shuai
bd29202520 1. Fix backtrace is incomplete
2. Optimization code style
2019-09-05 18:40:33 +08:00
Angus Gratton
abd6d40796 secure boot: Ensure mbedTLS enables ECDSA if signatures are checked in app
and all ECDSA to be disabled if secure boot is not enabled

Previously if ECDSA disabled in config then secure_boot_signatures.c would
fail to build (whether or not secure boot was enabled).

To avoid breaking apps that might be using the signature scheme with custom OTA
without enabling secure boot signatures in config, this change just disables
this functionality if unavailable in mbedTLS config.

Possible fix for root cause of https://github.com/espressif/esp-idf/pull/3703
2019-08-30 14:56:11 +10:00
Angus Gratton
06898325e6 Merge branch 'bugfix/bootloader_efuse_build_regression' into 'master'
bootloader: add definition of esp_clk_apb_freq

Closes IDFGH-1734

See merge request espressif/esp-idf!5913
2019-08-29 08:35:48 +08:00
Angus Gratton
a21ca2270a Merge branch 'feature/deep_sleep_fast_wake' into 'master'
bootloader: Reduce the time spent in image validation when waking from deep sleep

See merge request espressif/esp-idf!5140
2019-08-28 08:54:28 +08:00
Ivan Grokhotkov
fb72a6f629 bootloader: add definition of esp_clk_apb_freq
Commit 8cd04c80 has added a dependency of efuse component on
esp_clk_apb_freq, however there was no definition of this function in
the bootloader context.

Reported at https://esp32.com/viewtopic.php?f=13&t=12035
2019-08-27 12:01:11 +02:00
Ivan Grokhotkov
12c9d9a564 spi_flash: remove duplicate definition of spi_flash_unlock
The other (static) definition is in flash_ops.c, all references are
also in flash_ops.c.
2019-08-23 12:37:55 +08:00
KonstantinKondrashov
c543aac91e bootloader: API for the fast wakeup and custom using RTC mem
Added "Reserve RTC FAST memory for custom purposes" option.
Added a boot counter.
2019-08-21 11:44:37 +00:00
Tim Nordell
43393cf4d1 bootloader: Support for skipping validation upon wake from deep sleep
This saves time when waking up from deep sleep, but potentially decreases
the security of the system.  If the application able to modify itself
(especially areas that are loaded into RAM) in flash while running
without crashing or is modifies the cached bits of information about
what was last booted from the bootloader, this could cause security
issues if the user does a "deep sleep reset" since the full validation
is skipped.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Tim Nordell
82984f0539 bootloader: Do not obfuscate RAM if we are not doing image validation
No need to take this step if we are not doing image validation.  The
obfuscation only buys us a tiny bit of "security" anyways since the
main parts of flash are memory mapped, too.  This saves a little bit of
wake-up time when waking up from deep sleep when the
BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP option is set.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Tim Nordell
1e32fa2cf7 bootloader: Remove extraneous newlines from some debug statements
ESP_LOGD(...) provides its own new lines so remove these from these
debug strings.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Angus Gratton
6990a7cd54 Merge branch 'master' into feature/esp32s2beta_update 2019-08-19 15:03:43 +10:00
Angus Gratton
18c5cfadae Fix function prototypes 2019-08-13 17:14:16 +10:00
Angus Gratton
eb7ad6ca17 bootloader: Fix SPI dummy clock settings for ESP32S2-beta 2019-08-13 17:14:16 +10:00
Angus Gratton
309376f51a spi_flash: Force legacy mode for ESP32-S2
Can be removed once IDF-763 is merged
2019-08-13 17:14:16 +10:00
Angus Gratton
8f74271d5d esp_rom: Fail immediately if the wrong SoC's header file is included 2019-08-12 16:57:40 +10:00
Michael (XIAO Xufeng)
264ffbeb14 timer_group: use the LL 2019-08-09 13:46:31 +08:00
Angus Gratton
04ae56806c Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 15:26:58 +10:00
Angus Gratton
24d26fccde Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 13:44:24 +10:00
fuzhibo
572084821b add Comment for touchpad 2019-08-07 11:39:17 +08:00
fuzhibo
b055bff580 1.update touch driver; 2.update adc/dac driver; 3.add temp sensor driver; 2019-08-05 16:21:18 +08:00
Michael Zimmermann
74a459dd3d make code conform to Wstrict-prototypes
Merges https://github.com/espressif/esp-idf/pull/2937
2019-08-01 16:28:56 +07:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
chenjianqiang
d77c74770a bugfix(flash): add flash config in app startup
We fixed some flash bugs in bootloader, but for the users used the old
vrsion bootloader, they can not fix these bugs via OTA, the solution is
add these updates in app startup.

These updates include:
1. SPI flash gpio matrix and drive strength configuration
2. SPI flash clock configuration
3. SPI flash read dummy configuration
4. SPI flash cs timing configuration
5. Update flash id of g_rom_flashchip
2019-07-18 14:40:59 +08:00
Angus Gratton
409181361f Merge branch 'bugfix/fix_flash_read_error_in_dio_26MHz_mode' into 'master'
bugfix(flash): fix flash read error in DIO/26MHz mode

See merge request espressif/esp-idf!5381
2019-07-10 08:13:35 +08:00
chenjianqiang
266baa8839 bugfix(flash): fix flash read error in DIO/26MHz mode 2019-07-08 01:50:07 +00:00
Michael (XIAO Xufeng)
25ab8380c8 ci: support to build esp32s2beta simple examples 2019-07-08 09:16:06 +08:00
chenjianqiang
d6c40c7c1d bugfix(flash): improve spi cs timing settings for flash
cs setup time is recomemded to be 1.5T, and cs hold time is recommended to be 2.5T.
(cs_setup = 1, cs_setup_time = 0; cs_hold = 1, cs_hold_time = 1)
2019-07-05 21:21:17 +08:00
Vikram Dattu
4b42f535ed Add mmu pages available check in non-secure image hash check path.
Made MMU pages available check in `esp_image_format.c`
This now makes it possible to map and process bootoader image as well in chunks when image doesn't fit completely into available free pages.

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
2019-07-01 20:04:15 +00:00
Vikram Dattu
eb99b27f2e Bugfix: ota fails with secure boot on for image size greater than 3.2MB
When an OTA image size is larger than 50 MMU pages (approx. 3.2 MB), secure_boot_generate fails while trying to map it into memory:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp32/secure_boot.c#L72
Instead of trying to map the whole image, secure boot code should split the image into chunks and map them one by one, like it is done in esp_image_format.c:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp_image_format.c#L372

Closes https://jira.espressif.com:8443/browse/IDF-709

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
2019-07-01 20:04:15 +00:00
Hemal Gujarathi
a68c7c21e1 Improve flash encryption documentation and add Development & Release modes
This MR improves existing flash encryption document to provide simplified steps
Adds two new modes for user: Development & Release
Adds a simple example
Supports encrypted write through make command
2019-06-25 23:41:18 +00:00
suda-morris
3f7a571c90 fix errors when ci testing for esp32 2019-06-19 15:31:47 +08:00
Wang Jia Lin
e2d1c6234f Merge branch 'bugfix/improve_flash_dio_read_timing' into 'master'
bugfix(flash): fix flash dio read mode configuration error on SPI0

See merge request idf/esp-idf!5086
2019-06-14 12:10:46 +08:00
suda-morris
4a79d750a5 clean up build warnings 2019-06-11 13:07:37 +08:00
Angus Gratton
8d949c3c9d esp32s2beta: Apply new Kconfig names to esp32s2beta
Still using ESP32_xxx prefix on all chips: CORE_DUMP, APP_TRACE

Still using the same config prefix and duplicate names in esp32 & esp32s2beta: SPIRAM, PM
2019-06-11 13:07:37 +08:00
Ivan Grokhotkov
73b30af2b3 confgen.py: don't output compatibility definitions for options which are not defined
For example, if a renamed option CONFIG_NEW is a bool with value "n", kconfiglib will not generate a define for it in the Kconfig file. The define (#define CONFIG_NEW 1) will only be generated if the option is "y" or "m".
However the compatibility definition was always generated: #define CONFIG_OLD CONFIG_NEW. This broke the #ifdef checks which depended on the old option names.
2019-06-11 13:07:37 +08:00
suda-morris
84b2f9f14d build and link hello-world for esp32s2beta 2019-06-11 13:07:37 +08:00
suda-morris
61ce868396 make bootloader_support support esp32s2beta 2019-06-11 13:07:02 +08:00
Angus Gratton
c9bf3a3b17 Merge branch 'bugfix/remove_secure_boot_test_mode' into 'master'
remove secure boot test mode

See merge request idf/esp-idf!5059
2019-06-11 07:25:07 +08:00
Konstantin Kondrashov
399d2d2605 all: Using xxx_periph.h
Using xxx_periph.h in whole IDF instead of xxx_reg.h, xxx_struct.h, xxx_channel.h ... .

Cleaned up header files from unnecessary headers (releated to soc/... headers).
2019-06-03 14:15:08 +08:00
Angus Gratton
30d9ee56fb Merge branch 'feature/config_spi_pins_based_on_efuse_value' into 'master'
feat(psram): config SPI psram pins based on efuse value

See merge request idf/esp-idf!4950
2019-05-31 16:15:56 +08:00
Angus Gratton
73b90387cb Merge branch 'bugfix/reset_log_uart_port' into 'master'
esp32: Add reset CONSOLE_UART port

See merge request idf/esp-idf!5011
2019-05-29 14:28:37 +08:00
chenjianqiang
db138ae19b feat(psram): config SPI psram pins based on efuse value 2019-05-28 21:25:16 +08:00
chenjianqiang
d68f1907ef bugfix(flash): improve flash dio read timing
When flash work in DIO Mode, in order to ensure the fast read mode of flash
is a fixed value, we merged the mode bits into address part, and the fast
read mode value is 0 (the default value).
2019-05-28 14:51:04 +08:00
hemal.gujarathi
865b24144e remove secure boot test mode 2019-05-23 14:13:08 +05:30
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Roland Dobai
997b29a9ca Rename Kconfig options (components/esptool_py) 2019-05-21 09:32:55 +02:00
Roland Dobai
0ae53691ba Rename Kconfig options (components/esp32) 2019-05-21 09:09:01 +02:00
Konstantin Kondrashov
be6f5563b4 esp32: Add reset uart
Fixed the case when the first part of log was missed
this was happened when:
 * CONFIG_CONSOLE_UART_CUSTOM option is selected (UART1)
 * The selected CONSOLE_UART port is used also for the console component
 * in code esp_restart() or abort() functions were called.
2019-05-21 06:18:28 +00:00
Konstantin Kondrashov
98c77cebb2 bootloader_support: Fix UART RXD pin for console output (CUSTOM option)
The RXD pin is assigned as input (fix for custom uart option).

Closes: https://github.com/espressif/esp-idf/issues/2843

Closes: IDFGH-505
2019-05-16 11:18:56 +00:00
Angus Gratton
fe2565f5d7 Merge branch 'feature/make_bootloader_support_target_dependent' into 'master'
make bootloader_support depend on IDF_TARGET

See merge request idf/esp-idf!4798
2019-04-26 15:36:48 +08:00
suda-morris
3f2d6a0891 make bootloader_support depend on IDF_TARGET
1. move chip-specific code(e.g. encryption) into IDF_TARGET directory
2. splict app-only code to idf directory which won't be compiled into bootloader
2019-04-16 17:37:56 +08:00
Michael (XIAO Xufeng)
562af8f65e global: move the soc component out of the common list
This MR removes the common dependency from every IDF components to the SOC component.

Currently, in the ``idf_functions.cmake`` script, we include the header path of SOC component by default for all components.
But for better code organization (or maybe also benifits to the compiling speed), we may remove the dependency to SOC components for most components except the driver and kernel related components.

In CMAKE, we have two kinds of header visibilities (set by include path visibility):

(Assume component A --(depends on)--> B, B is the current component)

1. public (``COMPONENT_ADD_INCLUDEDIRS``): means this path is visible to other depending components (A) (visible to A and B)
2. private (``COMPONENT_PRIV_INCLUDEDIRS``): means this path is only visible to source files inside the component (visible to B only)

and we have two kinds of depending ways:

(Assume component A --(depends on)--> B --(depends on)--> C, B is the current component)

1. public (```COMPONENT_REQUIRES```): means B can access to public include path of C. All other components rely on you (A) will also be available for the public headers. (visible to A, B)
2. private (``COMPONENT_PRIV_REQUIRES``): means B can access to public include path of C, but don't propagate this relation to other components (A). (visible to B)

1. remove the common requirement in ``idf_functions.cmake``, this makes the SOC components invisible to all other components by default.
2. if a component (for example, DRIVER) really needs the dependency to SOC, add a private dependency to SOC for it.
3. some other components that don't really depends on the SOC may still meet some errors saying "can't find header soc/...", this is because it's depended component (DRIVER) incorrectly include the header of SOC in its public headers. Moving all this kind of #include into source files, or private headers
4. Fix the include requirements for some file which miss sufficient #include directives. (Previously they include some headers by the long long long header include link)

This is a breaking change. Previous code may depends on the long include chain.
You may need to include the following headers for some files after this commit:

- soc/soc.h
- soc/soc_memory_layout.h
- driver/gpio.h
- esp_sleep.h

The major broken include chain includes:

1. esp_system.h no longer includes esp_sleep.h. The latter includes driver/gpio.h and driver/touch_pad.h.
2. ets_sys.h no longer includes soc/soc.h
3. freertos/portmacro.h no longer includes soc/soc_memory_layout.h

some peripheral headers no longer includes their hw related headers, e.g. rom/gpio.h no longer includes soc/gpio_pins.h and soc/gpio_reg.h

BREAKING CHANGE
2019-04-16 13:21:15 +08:00
Anurag Kar
62b0d51c02 Enable secure boot only after encrypting flash
This prevents a device from being bricked in case when both secure boot & flash encryption are enabled and encryption gets interrupted during first boot. After interruption, all partitions on the device need to be reflashed (including the bootloader).

List of changes:
* Secure boot key generation and bootloader digest generation logic, implemented inside function esp_secure_boot_permanently_enable(), has been pulled out into new API esp_secure_boot_generate_digest(). The enabling of R/W protection of secure boot key on EFUSE still happens inside esp_secure_boot_permanently_enable()
* Now esp_secure_boot_permanently_enable() is called only after flash encryption process completes
* esp_secure_boot_generate_digest() is called before flash encryption process starts
2019-04-10 18:17:58 +05:30
Angus Gratton
8e91677701 Merge branch 'bugfix/bootloader_flash_crypt_cnt_ff' into 'master'
flash encryption: reduce FLASH_CRYPT_CNT bit width to 7 bits

See merge request idf/esp-idf!4642
2019-04-09 08:10:06 +08:00
Angus Gratton
4b4cd7fb51 efuse/flash encryption: Reduce FLASH_CRYPT_CNT to a 7 bit efuse field
8th bit is not used by hardware.

As reported https://esp32.com/viewtopic.php?f=2&t=7800&p=40895#p40894
2019-04-03 14:07:20 +11:00
Mahavir Jain
202f689baa bootloader: use mbedTLS for secure boot verification in firmware 2019-04-01 15:46:52 +05:30
morris
c159984264 separate rom from esp32 component to esp_rom
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
2019-03-21 18:51:45 +08:00
morris
fae39dc326 merge esp_flash_data_types into esp_flash_partitions 2019-03-18 08:51:55 +00:00
Angus Gratton
1cc726b2a3 secure boot: Use mbedtls_sha256() not esp_sha()
Latter is probably compiled into most firmwares already, saves some size.

Ref https://github.com/espressif/esp-idf/issues/3127
2019-03-14 05:56:06 +00:00
Konstantin Kondrashov
509e1264b9 efuse: Fix to pass CI tests 2019-02-28 07:31:29 +00:00
Ivan Grokhotkov
8cc6226051 soc: define named constants for DPORT_CPUPERIOD_SEL values 2019-02-26 17:07:59 +08:00
Ivan Grokhotkov
178e5b25e6 bootloader: check previously used clock frequency at run time
In the situation when bootloader was compiled for 240MHz, and app was
compiled for 160MHz, and the chip is a revision 0 chip, the
bootloader will assume that the application has also been running at
240MHz. This will cause the chip to lock up later. Modify this to use
a run time check of DPORT_CPUPERIOD_SEL, which indicates which of the
PLL frequencies was used.

Closes https://github.com/espressif/esp-idf/issues/2731.
2019-02-26 17:02:34 +08:00
Konstantin Kondrashov
e916cf52a3 bootloader: Add support of anti-rollback
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.

Closes: TW26335
2019-02-14 18:51:43 +08:00
Ivan Grokhotkov
96d0f7f5e2 bootloader: account for load address when mapping cache pages
Bootloader used to calculate the number of cache pages assuming that
load address was aligned, while in reality load address for DROM and
IROM was offset by 0x20 bytes from the start of 64kB page. This
caused the bootloader to map one less page if the size of the image
was 0x4..0x1c less than a multiple of 64kB.

Reported in https://esp32.com/viewtopic.php?f=13&t=6952.
2019-01-19 14:44:55 +08:00
Ivan Grokhotkov
182e917d78 bootloader: fix IROM and DROM swapped in log messages 2019-01-19 14:44:55 +08:00
Konstantin Kondrashov
dde1fd9b94 bootloader: Add support flags for rollback app
Added
* Set actual ota_seq if both ota are init or incorrect.
* Description of rollback
* UT tests

Closes TW15459
2018-12-11 11:54:21 +08:00
Konstantin Kondrashov
f9522a0eb6 bootloader app_update: Refactoring otadata part 2018-12-05 11:20:03 +08:00
Konstantin Kondrashov
3b9cb25fe1 esp32: Add firmware version to app
Added a new structure esp_app_desc_t. It has info about firmware:
version, secure_version, project_name, time/date build and IDF version.
Added the ability to add a custom structure with a description of the firmware.

The esp_app_desc_t is located in fixed place in start of ROM secotor. It is located after structures esp_image_header_t and esp_image_segment_header_t.

app_version is filed from PROJECT_VER variable (if set in custom make file) or PROJECT_PATH/version.txt or git repo (git describe).

Add API to get app_desc from partition.
2018-12-03 16:52:04 +08:00
Ivan Grokhotkov
964f5a91f7 bootloader, esp32: add workaround for Tensilica erratum 572
If zero-overhead loop buffer is enabled, under certain rare conditions
when executing a zero-overhead loop, the CPU may attempt to execute an invalid instruction. Work around by disabling the buffer.
2018-11-19 04:39:35 +00:00
Ivan Grokhotkov
73d1b5a7a0 bootloader: verify that loaded image does not overlap bootloader code
Fixes CVE-2018-18558
2018-10-26 12:44:10 +08:00
Ivan Grokhotkov
bd11965f6c Merge branch 'bugfix/ndebug_build' into 'master'
soc,sdmmc: fix build failures when NDEBUG is used

See merge request idf/esp-idf!3352
2018-10-19 11:55:37 +08:00
Angus Gratton
f53fef9936 Secure Boot & Flash encryption: Support 3/4 Coding Scheme
Includes esptool update to v2.6-beta1
2018-10-16 16:24:10 +11:00
Ivan Grokhotkov
a1f809fcc5 bootloader: provide implementation of abort
ROM definition of `abort` was removed in 9240bbb. The old definition
resulted in a panic due to a jump to a null pointer (abort member in
ROM stub table was zero). The new definition triggers a debug
exception if JTAG is connected, or goes into an infinite loop to be
reset by the WDT.
2018-10-15 15:02:56 +08:00
Angus Gratton
326d791ebb bootloader: Fix secure boot digest generation for image length where (len%128 < 32) 2018-10-02 15:17:14 +10:00
Angus Gratton
98b42a8b71 Merge branch 'bugfix/disable_coding_scheme_security_features' into 'master'
bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme

See merge request idf/esp-idf!3369
2018-10-02 07:54:11 +08:00
Ivan Grokhotkov
22b840f3df bootloader: don’t reload RTC_FAST DRAM after deep sleep
When CONFIG_ESP32_RTCDATA_IN_FAST_MEM is enabled, RTC data is placed
into RTC_FAST memory region, viewed from the data bus. However the
bootloader was missing a check that this region should not be
overwritten after deep sleep, which caused .rtc.bss segment to loose
its contents after wakeup.
2018-09-29 14:02:16 +08:00
Angus Gratton
ff33406e74 bootloader: Don't enable secure boot or flash encryption for 3/4 Coding Scheme 2018-09-26 18:26:06 +10:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Angus Gratton
2ec0fd8fd6 Merge branch 'feature/signature_verify_updates' into 'master'
secure boot: Support signed app verification without hardware secure boot

See merge request idf/esp-idf!2814
2018-09-04 18:56:47 +08:00
Angus Gratton
e54f3d9616 Merge branch 'bugfix/bootloader_random_in_app' into 'master'
esp32: Allow bootloader_random.h use in app, add esp_fill_random() function

See merge request idf/esp-idf!3124
2018-09-04 10:39:12 +08:00
Konstantin Kondrashov
9c715d7946 bootloader_support: Fix enable rtc_wdt for resolve issue with varying supply
Eliminates the issue with the lock up in the bootloader due to a power drawdown during its operation.

Closes https://github.com/espressif/esp-idf/issues/1814
2018-09-03 05:43:01 +00:00
Angus Gratton
83a179abb0 esp32: Add esp_fill_random() function
Convenience function to fill a buffer with random bytes.

Add some unit tests (only sanity checks, really.)
2018-09-03 04:39:45 +00:00
Mahavir Jain
62746e414e bootloader: add API for erasing flash region
Signed-off-by: Mahavir Jain <mahavir@espressif.com>
2018-08-29 12:04:32 +00:00
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Ivan Grokhotkov
90f5456dba Merge branch 'feature/rtc_cpu_freq_config' into 'master'
soc/rtc: Refactoring, support CPU frequencies lower than XTAL

See merge request idf/esp-idf!2856
2018-08-22 11:32:08 +08:00