Commit Graph

384 Commits

Author SHA1 Message Date
Sachin Parekh
7fe2a4815d secure_boot: Added Kconfig option for aggressive key revoke
Applicable to S2, C3, and S3
2021-11-09 15:19:47 +05:30
Ivan Grokhotkov
5bfd10113a bootloader: fix adding bootloader_components to EXTRA_COMPONENT_DIRS 2021-10-06 10:17:19 +02:00
Mahavir Jain
8c3287e0db Merge branch 'docs/add_note_for_esp32_sec_dl_mode' into 'master'
bootloader: add note about secure download mode for ESP32 target

Closes IDFGH-5857

See merge request espressif/esp-idf!15304
2021-09-30 04:00:50 +00:00
Mahavir Jain
3cff291f95
bootloader: add note about secure download mode for ESP32 target
Closes IDFGH-5857
Closes https://github.com/espressif/esp-idf/issues/7557
2021-09-22 15:37:40 +05:30
Sachin Parekh
c4e445b6f3 secure_boot: Enable --no-stub if secure boot enabled
ROM code doesn't allow loader stub to be executed in case secure boot in
enabled. Providing --no-stub flag to esptool allows user to flash new
firmware, given download mode hasn't been disabled
2021-09-22 12:45:46 +05:30
Sachin Parekh
bf1dde7233 bootloader: Enable clock glitch detection
Reset the device when clock glitch detected. Clock glitch detection is
only active in bootloader
2021-09-02 12:25:12 +05:30
Sachin Parekh
2d82560ed5 bootloader: Enable Secure boot V2 for ESP32-S3 2021-08-19 14:08:12 +05:30
Mahavir Jain
012c9e26a4 Merge branch 'fixes/secure_boot' into 'master'
secure_boot/esp32(s2,c3): Disable read protecting of efuses

See merge request espressif/esp-idf!14769
2021-08-17 05:05:00 +00:00
Sachin Parekh
f430e86c0f secure_boot/esp32(s2,c3): Disable read protecting of efuses
When secure boot is enabled, disable the ability to read protect
efuses that contain the digest.
2021-08-13 13:41:59 +05:30
Michael (XIAO Xufeng)
dd40123129 bootloader: add xmc spi_flash startup flow to improve reliability 2021-08-12 17:22:42 +08:00
Wu Zheng Hui
fb7894382b Merge branch 'bugfix/fix_c3_bootloader_ld_addr_err' into 'master'
update c3 bootloader ld rom addr info

See merge request espressif/esp-idf!14168
2021-07-31 05:43:58 +00:00
SalimTerryLi
2347e68e6b
soc: move peripheral linker scripts out of target component 2021-07-22 12:55:01 +08:00
KonstantinKondrashov
4ccb5515ef fpga/bootloader: Fix LoadProhibited error when bootloader_fill_random() is not in iram_loader_seg 2021-07-16 10:50:06 +10:00
Angus Gratton
072232a934 docs: Expand bootloader section
- Cover customization options
- Cross-link to the "general notes" section which explains the low-level details

Closes IDF-313
2021-07-13 17:33:53 +10:00
Angus Gratton
4fe4df8770 Merge branch 'feature/bootloader_pin_level_pr7089' into 'master'
bootloader: Add configurable pin level for factory reset (PR)

Closes IDFGH-5337

See merge request espressif/esp-idf!13956
2021-07-13 05:39:25 +00:00
Angus Gratton
6bbb58c8c2 bootloader: Small cleanup and docs for factory reset level config
- Add to docs & config descriptions
- Change to a "choice" to become self-documenting
- Keep the bootloader_common_check_long_hold_gpio() function for compatibility
2021-07-05 12:08:36 +08:00
chegewara
fb7234a13d bootloader: Add selectable level for factory reset pin
Closes https://github.com/espressif/esp-idf/pull/7089
2021-07-05 12:08:36 +08:00
Omar Chebib
a79acb413e bootloader: override the 2nd stage bootloader
Add the possibility to have user bootloader components. This is performed
from an application/project, by creating bootloader components. To do so,
it is required to create a `bootloader_component` directory containing
the custom modules to be compiled with the bootloader.

Thanks to this, two solutions are available to override the bootloader now:
- Using hooks within a user bootloader component
- Using a user defined `main` bootloader component to totally override the
  old implementation

Please check the two new examples in `examples/custom_bootloader`

* Closes https://github.com/espressif/esp-idf/issues/7043
2021-07-05 10:25:32 +08:00
Shu Chen
75bd02bd46 esp32h2: add some more fixes and TODOs 2021-07-01 20:36:39 +08:00
wuzhenghui
112372d598 update rom bootloader addr info 2021-07-01 19:53:50 +08:00
Shu Chen
2df4ddf998 esp32h2: fixes after rebase 2021-07-01 19:53:50 +08:00
Shu Chen
c0056813f2 esp32h2: add bootloader support 2021-07-01 19:53:11 +08:00
wuzhenghui
a59eb2d607 update c3 bootloader ld addr info 2021-06-28 10:51:06 +08:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Anton Maklakov
343cc5025b make build system: fix build for undefined _lock_* funcs 2021-06-07 12:53:45 +07:00
Jan Brudný
dffe49f305 bootloader: update copyright notice 2021-06-02 14:22:09 +02:00
Michael (XIAO Xufeng)
d6680b689b Merge branch 'feature/s3beta3_crypto_bringup' into 'master'
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc

Closes IDF-3004

See merge request espressif/esp-idf!12960
2021-05-19 11:22:05 +00:00
Marius Vikhammer
9b4ba3d707 crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc 2021-05-18 11:25:41 +08:00
Angus Gratton
ede477ea65 paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-05-18 01:32:59 +00:00
Jakob Hasse
fc22e3c645 [system]: Made longjmp save for context switch
* Patched longjmp to be context-switch safe
  longjmp modifies the windowbase and windowstart
  registers, which isn't safe if a context switch
  occurs during the modification. After a context
  switch, windowstart and windowbase will be
  different, leading to a wrongly set windowstart
  bit due to longjmp writing it based on the
  windowbase before the context switch. This
  corrupts the registers at the next window
  overflow reaching that wrongly set bit.

  The solution is to disable interrupts during
  this code. It is only 6 instructions long,
  the impact shouldn't be significant.

  The fix is implemented as a wrapper which
  replaces the original first instructions of
  longjmp which are buggy. Then, it jumps back
  to execute the rest of the original longjmp
  function.

  Added a comparably reliable test to the
  test apps.
2021-04-23 15:55:31 +08:00
Angus Gratton
6f6b4c3983 cmake partition_table: Check binaries fit in partition spaces at build time
- Bootloader is checked not to overlap partition table
- Apps are checked not to overlap any app partition regions

Supported for CMake build system only.

Closes https://github.com/espressif/esp-idf/pull/612
Closes https://github.com/espressif/esp-idf/issues/5043
Probable fix for https://github.com/espressif/esp-idf/issues/5456
2021-04-16 16:40:47 +10:00
KonstantinKondrashov
fd867a11df bootloader: Suppress a Cmake warning - variables were not used by the project
Manually-specified variables were not used by the project: SECURE_BOOT_SIGNING_KEY
2021-04-13 11:28:13 +00:00
KonstantinKondrashov
9f932a2a18 bootloader: Fix error in Make build system when signature options is on 2021-04-13 11:28:13 +00:00
KonstantinKondrashov
4e23f9f3b7 secure_boot_v2: Adds support SB_V2 for ESP32-C3 ECO3 2021-04-07 19:52:44 +08:00
Angus Gratton
97ea00f355 Merge branch 'doc/flash_encryption_development' into 'master'
doc: Mention Flash Encryption on the host is possible in Release mode

Closes IDFGH-4074

See merge request espressif/esp-idf!12721
2021-04-06 08:13:43 +00:00
Angus Gratton
e97ae26f48 doc: Mention pre-encrypting on the host is possible in Release mode
Closes https://github.com/espressif/esp-idf/issues/5945
2021-04-06 16:58:58 +10:00
Angus Gratton
fda565a5bf Merge branch 'bugfix/partition_table_depends_esptoolpy' into 'master'
esptool_py: Fix issue where build with limited components doesn't include esptool_py

Closes IDFGH-4876 and IDFGH-4874

See merge request espressif/esp-idf!12653
2021-03-31 01:30:33 +00:00
Marius Vikhammer
8ac74082f1 soc: add dummy bytes to ensure instr prefetch always valid
The CPU might prefetch instructions, which means it in some cases
will try to fetch instruction located after the last instruction in
flash.text.

Add dummy bytes to ensure fetching these wont result in an error,
 e.g. MMU exceptions
2021-03-29 13:50:03 +08:00
Aditya Patwardhan
2095148b31 bootloader/ ESP32_ECO3: Do not disable UART download mode by default 2021-03-23 08:15:32 +00:00
Angus Gratton
1581744c10 Merge branch 'feature/main_task_affinity_pr6627' into 'master'
Allow selection of different core for main task

Closes IDFGH-4828

See merge request espressif/esp-idf!12654
2021-03-22 06:46:24 +00:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)
- ESP32 ECO3, ESP32-S2/C3/S3
2021-03-15 12:30:20 +00:00
Angus Gratton
6f362b9383 bootloader: Add config options to skip validation of app for minimum boot time 2021-03-10 14:00:46 +11:00
0xFEEDC0DE64
6928db7670 Allow selection of different core for main task
Closes https://github.com/espressif/esp-idf/pull/6627
2021-03-09 10:13:28 +11:00
Angus Gratton
9c03f04769 esptool_py: Add esptool_py as a dependency for any component that uses it
Many components uses esptool_py_flash_target function, they all should
explicitly requier the esptool_py component.

Related to https://github.com/espressif/esp-idf/issues/6670
2021-03-08 19:47:38 +11:00
Angus Gratton
90ec0b0327 bootloader: Allow 'silent assert' config to work in bootloader
Requires adding the 'newlib' component to the bootloader project, for
platform_include header.
2021-03-03 10:26:57 +11:00
Angus Gratton
cbc58b85e2 Merge branch 'feature/adds_check_in_app_that_flash_enc_is_on' into 'master'
bootloader: Adds a check that app is run under FE

Closes IDF-640

See merge request espressif/esp-idf!12368
2021-02-25 22:39:13 +00:00
Angus Gratton
501af6dfa2 Merge branch 'feature/secure_boot_revoke_check' into 'master'
secure_boot: Checks secure boot efuses

Closes IDF-2609

See merge request espressif/esp-idf!12148
2021-02-25 22:38:42 +00:00
Renz Bagaporo
5e8799bbfe esp_common: move some headers 2021-02-24 12:16:37 +08:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
11a2f2acd3 bootloader: Adds a check that app is run under FE 2021-02-15 20:33:50 +08:00