Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help prevent the device from being bricked if the bootloader/application cannot be
verified by any other keys in efuse.
OTA update used to fail if `firmware_size == partition_size`, because the code was trying to
erase one additional sector beyond the space reserved for the firmware partition.
This commit fixes the problem, and OTA update can work if the firmware
size exactly matches the allocated partition size.
Closes https://github.com/espressif/esp-idf/pull/12460
This commit updates the chip-independent system chapters of the
programming guide for esp32s3.
Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
This patch modifies the OTA implementation to incrementally erase flash sectors
as they are written, rather than bulk erasing them all at once when OTA begins.
This solves several problems:
- The bulk flash erase can take so long that it triggers the watchdog timer.
  Disabling the watchdog is an undesirable risk.
- The bulk erase interferes with the responsiveness of the system to user input.
- Incremental erasing eliminates the need to pass the firmware image size to
  esp_ota_begin to avoid erasing more flash sectors than required.
- When installing an OTA received via HTTP, the size of the firmware image is
  known when the content-length header is received. Calling esp_ota_begin at that
  time causes a long delay to do the bulk erase which causes the TCP transfer
  speed to be measurably slowed when the transfer resumes after the erase.
  Incremental erasing eliminates this TCP slowdown.
Update:
Rework so erase optimization is only applied when image_size is set to
OTA_WITH_SEQUENTIAL_WRITES #5246
Merges https://github.com/espressif/esp-idf/pull/5246
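
The two OTA messages above (erase-as-you-write, and the extra sector erased when firmware_size == partition_size) come down to one sector-range calculation. The following is an added example, not ESP-IDF code: erase_range_for_write and simulate_ota are hypothetical names, and it assumes a 4096-byte erase sector and a sector-aligned partition size.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SEC_SIZE 4096u /* assumed flash erase granularity */

/* Hypothetical helper: for a sequential write of `size` bytes at offset `wrote`,
 * compute the range [*off, *off + *len) that still needs erasing.
 * Returns false if the write would overrun the partition. */
static bool erase_range_for_write(uint32_t part_size, uint32_t wrote, uint32_t size,
                                  uint32_t *off, uint32_t *len)
{
    *off = 0; *len = 0;
    if (size == 0) return true;
    if (wrote > part_size || size > part_size - wrote) return false;
    uint32_t first = wrote / SEC_SIZE;
    /* Last sector actually touched. (wrote + size) / SEC_SIZE without the -1
     * picks one sector too many whenever the write ends on a boundary. */
    uint32_t last = (wrote + size - 1) / SEC_SIZE;
    if (wrote % SEC_SIZE == 0) {            /* write starts a fresh sector */
        *off = first * SEC_SIZE;
        *len = (last - first + 1) * SEC_SIZE;
    } else if (first != last) {             /* first sector erased by an earlier call */
        *off = (first + 1) * SEC_SIZE;
        *len = (last - first) * SEC_SIZE;
    }
    return true;
}

/* Feed image_size bytes in chunk-sized writes. Returns total bytes erased, or -1
 * if an erase leaves the partition or a write lands on an unerased sector. */
static long simulate_ota(uint32_t part_size, uint32_t image_size, uint32_t chunk)
{
    uint32_t wrote = 0, erased_end = 0;     /* erased region is [0, erased_end) */
    if (chunk == 0) return -1;
    while (wrote < image_size) {
        uint32_t n = image_size - wrote < chunk ? image_size - wrote : chunk;
        uint32_t off, len;
        if (!erase_range_for_write(part_size, wrote, n, &off, &len)) return -1;
        if (len) {
            if (off != erased_end || off + len > part_size) return -1;
            erased_end = off + len;
        }
        if (wrote + n > erased_end) return -1;
        wrote += n;
    }
    return (long)erased_end;
}

int main(void) { printf("%ld\n", simulate_ota(0x100000, 0x100000, 1024)); return 0; }
```
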
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.
Closes: TW26335
Added a new structure esp_app_desc_t. It has info about firmware:
version, secure_version, project_name, time/date build and IDF version.
Added the ability to add a custom structure with a description of the firmware.
The esp_app_desc_t is located in a fixed place at the start of the ROM sector. It is located after structures esp_image_header_t and esp_image_segment_header_t.
app_version is filled from PROJECT_VER variable (if set in custom make file) or PROJECT_PATH/version.txt or git repo (git describe).
Add API to get app_desc from partition.
Added bootloader_common_get_sha256_of_partition() and esp_partition_get_sha256() - get or calculate SHA-256
digest for app and data partitions.
Added bootloader_sha256_hex_to_str() - helps to print SHA-256 digest
Added esp_partition_check_identity() - compares two partitions by SHA-256 digest
Refactoring a function esp_image_load() in bootloader space to esp_image_verify() and
bootloader_load_image(). Old name function esp_image_load is deprecated
and will be removed in V4.0 version.
spi_flash/sim: Fix error test_host. Add stub for bootloader_common_get_sha256_of_partition in sim/stubs