OTA update used to fail if `firmware_size == partition_size`, because the code was trying to
erase one additional sector beyond the space reserved for the firmware partition.
This commit fixes the problem and OTA update can work if the firmware
size exactly matches the allocated partition size.
Closes https://github.com/espressif/esp-idf/pull/12460
* Add a note that DNS server config is global in lwIP
* Add a section about defining LWIP config macros from CMake
* Mention the DNS limitation in ESP-IDF additions to lwIP
* Update CN for lwIP DNS limitation
Co-Authored-By: Wang Ziyan <wangziyan@espressif.com>
With 8959555cee7e[1] ("setup_git_directory(): add an owner check for the top..")
git added an ownership check of the git directory and refuses to
run any git commands, even parsing the config file, if the git directory
is not owned by the current user. The "fatal: detected dubious ownership in repository"
is reported.
This fixes CVE-2022-24765[2], which allows to compromise user account. On a
multi-user system or e.g. on a shared file system, one user may create a "rogue"
git repository with e.g. core.fsmonitor set to an arbitrary command. Other user
may unwillingly execute this command by running e.g. git-diff or
git-status within the "rogue" git repository, which may be in one of the parent
directories. If e.g. PS1 is set to display information about a git
repository in CWD, as suggested in Git in Bash[3], the user do not need to run
any git command to trigger this, just entering some subdirectory under
this "rogue" git repository is enough, because the git command will be
started transparently through the script used in PS1. The core.fsmonitor
can be set to arbitrary command. It's purpose is to help git to identify changed files
and speed up the scanning for changed files.
rogue
├── .git # owned by user1
└── dir1 # owned by user2
├── dir2 # owned by user2
└── .git # owned by user2
user1 sets core.fsmonitor for git repository in rogue directory
$ git config --add core.fsmonitor "bash -c 'rm -rf \$HOME'"
user2 enters dir1 and runs e.g. git diff and triggers the core.fsmonitor command.
The ownership check may cause problems when running git commands in
ESP-IDF Docker container. For example user may run the container as
root, but the mounted project may be owned by a particular user.
In this case git will refuse to execute any git command within the
"/project" directory, because it's not owned by root. To overcome this,
git allows to set safe.directories, for which the ownership check is
skipped. The security check may be completely disabled by setting
safe.directories to "*". This solution was proposed in PR 12636[4], but
it would allow make it possible to exploit this vulnerability again.
This fix allows user to specify git's safe.directory in IDF_GIT_SAFE_DIR
environmental variable, which may be set during container startup.
The IDF_GIT_SAFE_DIR has same format as PATH and multiple directories can be
specified by using a ":" separator. To entirely disable this git security check
within the container, user may set IDF_GIT_SAFE_DIR='*'. This might be
heplfull in CI.
Closes https://github.com/espressif/esp-idf/pull/12636
[1] - 8959555cee
[2] - https://nvd.nist.gov/vuln/detail/cve-2022-24765
[3] - https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
[4] - https://github.com/espressif/esp-idf/pull/12636
Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
Some devices return full LANGID table, even if short LANGID table was requested.
No memory overflow occurs, because we have allocated enough memory for transfers to the
default pipe. So we can ignore the error and continue with string desc fetching.
This commit adds a subset of the DWC OTG configuration values to the
'usb_dwc_ll.h' file. Only relevant configuration values have been added.
Some DWC OTG releated constants have also been moved from 'usb_dwc_hal.h'
to 'usb_dwc_ll.h' and renamed.
This commit refactors SOC_USB_PERIPH_NUM as follows:
- Renamed to SOC_USB_OTG_PERIPH_NUM to avoid confusion with USB Serial JTAG
- Updated to unsigned integer "1U"
- Updated some build rules to depend on SOC_USB_OTG_SUPPORTED instead
In esp_eth_phy_802_3.h:
Make 802.3 API public.
In esp_eth_phy_802_3.c:
Add loopback check in eth_phy_802_3_set_duplex(). Now ESP_ERR_INVALID_STATE is invoked on attempt to set duplex to half
when loopback is enabled.
Remove static property from esp_eth_phy_802_3_autonego_ctrl and esp_eth_phy_802_3_loopback.
In esp_eth_phy_dm9051.c:
Add dm9051_loopback() because DM9051 requires setting additional bit to enable auto-negotiation loopback for data to be
received. Add dm9051_set_speed() which invokes ESP_ERR_INVALID_STATE on attempt to set speed to 10 Mbps when loopback is
enabled because such speed configuration is unsupported.
In esp_eth_phy_ksz80xx.c:
Add ksz80xx_set_speed() which invokes ESP_ERR_INVALID_STATE on attempt to set speed to 10 Mbps when loopback is enabled
because such speed configuration is unsupported.
In esp_eth_phy_ksz8851snl.c:
Change phy_ksz8851_set_duplex() to invoke ESP_ERR_INVALID_STATE on attempt to set duplex to half when loopback is enabled.
In esp_eth_phy_dp83848.c, esp_eth_phy_rtl8201.c:
Add autonego_ctrl implementation which prevents enabling autonegotiation when loopback is enabled.
Add loopback implementation which disables autonegotiation prior to enabling loopback.
In esp_eth_phy_lan87xx.c:
Add autonego_ctrl implementation which prevents enabling autonegotiation when loopback is enabled.
Add loopback implementation which disables autonegotiation prior to enabling loopback.
Fix link indicating being down when loopback is enabled by force setting link up.