Angus Gratton
fa734e6af8
Merge branch 'bugfix/partition_table_integrity_check_v4.2' into 'release/v4.2'
...
partition_table: Verify the partition table md5sum when loading in the app (v4.2)
See merge request espressif/esp-idf!13583
2021-06-03 02:19:11 +00:00
Angus Gratton
f8b9cb2864
partition_table: Verify the partition table md5sum when loading the app
...
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).
The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-06-02 06:35:45 +00:00
Angus Gratton
fd50bcf704
bootloader: Fix "skip validate in deep sleep" on ESP32 & ESP32-S2
...
Regression in 83bf2e1ac1, this memory region was shifted from fast to slow RTC
memory (no change on ESP32-C3 as no RTC fast memory on this chip.)
2021-06-01 19:07:15 +10:00
Mahavir Jain
ec510fdf18
Merge branch 'bugfix/deep_sleep_skip_verify_rtc_mem_heap_v4.2' into 'release/v4.2'
...
Fix bootloader "skip validate on exiting deep sleep" option if "use RTC memory as heap" is enabled (v4.2)
See merge request espressif/esp-idf!13097
2021-05-03 13:44:06 +00:00
KonstantinKondrashov
4200af3e26
secure_boot_v2: Fix case when BLOCK2 is left blank
...
Closes: https://github.com/espressif/esp-idf/issues/6886
2021-04-20 23:23:32 +00:00
Angus Gratton
8de16142a5
bootloader: Fix "skip validate on exit deep sleep" when "Use RTC fast memory as heap" is enabled
...
RTC region used to store boot partition needs to remain reserved in the app.
2021-04-16 10:50:55 +10:00
Michael (XIAO Xufeng)
15f406ddb7
spi_flash: add config option to override flash size in bootloader header
...
Sometimes the flash size read from bootloader is not correct. This may
forbid SPI Flash driver from reading the area larger than the size
in bootloader header.
When the new config option is enabled, the latest configured
ESPTOOLPY_FLAHSIZE in the app header will be used to override the value
read from bootloader header.
2021-02-22 23:18:17 +08:00
Mahavir Jain
4d1ada8ab5
Merge branch 'bugfix/misc_secure_boot_v4.2' into 'release/v4.2'
...
Bugfix/misc secure boot v2 (v4.2)
See merge request espressif/esp-idf!11743
2021-01-22 16:27:10 +08:00
Supreet Deshpande
7453507d93
Secure boot v2: Fixes the issue of passing the flash calculated digest for ota verification.
2021-01-12 11:16:23 +00:00
Supreet Deshpande
b979dacc6c
Secure Boot v2: Fix the double padding of the image length during flash encryption
...
Fixes https://github.com/espressif/esp-idf/issues/6236
2021-01-12 11:16:23 +00:00
Morozov-5F
0e4f43ddde
secure boot v2: Fix crash if signature verification fails in app
...
sha_handle is "finished" when verify_secure_boot_signature() returns and
should be nulled out.
Alternative version of fix submitted in https://github.com/espressif/esp-idf/pull/6210
Closes https://github.com/espressif/esp-idf/pull/6210
Signed-off-by: Angus Gratton <angus@espressif.com>
2021-01-08 18:45:49 +11:00
Supreet Deshpande
dd6405fcef
Secure Boot V2: Fix an issue leading to manual enablement of Secure Boot v2.
...
Fixes https://github.com/espressif/esp-idf/issues/6050
2020-11-13 11:33:29 +05:30
Michael (XIAO Xufeng)
c245db59b6
bootloader_support: fix spi flash clock config error
...
Relates to: https://github.com/espressif/esp-idf/issues/5099
2020-10-28 01:38:14 +00:00
Angus Gratton
b34c658554
esp32s2: Use regi2c registers to enable bootloader RNG
2020-10-21 15:09:22 +11:00
Angus Gratton
3cdf0aa18a
esp32s2: Enable 8M clock source for RNG also
...
Either of these options is sufficient to pass dieharder test suite with
bootloader random output, having both enabled is a bonus.
2020-10-19 10:24:37 +11:00
Angus Gratton
0c320bfb0e
esp32s2: Support bootloader_random_enable()
2020-10-19 10:24:37 +11:00
KonstantinKondrashov
af7d6f4d89
bootloader: Fix esp_get_flash_encryption_mode(). RELEASE = (CRYPT_CNT == max) or (CRYPT_CNT.write_protect == true)
...
If the CRYPT_CNT efuse is max it means the same as a write protection bit for this efuse.
Closes: https://github.com/espressif/esp-idf/issues/5747
2020-10-15 02:36:04 +00:00
Angus Gratton
57ce9c2f06
Merge branch 'bugfix/bootloader_anti_rollback_mmap_v4.2' into 'release/v4.2'
...
bootloader_support: fix issue in memory mapping for getting app descriptor (v4.2)
See merge request espressif/esp-idf!10734
2020-10-14 10:44:00 +08:00
Mahavir Jain
93aeac9728
bootloader_support: fix issue in memory mapping for getting app descriptor
...
For getting secure_version field in anti rollback case, bootloader tries
to map whole firmware partition but fails for cases where partition size
is beyond available MMU free pages capacity.
Fix here ensures to map only required length up to application descriptor
size in firmware partition.
Closes https://github.com/espressif/esp-idf/issues/5911
2020-10-06 08:49:49 +05:30
Supreet Deshpande
a04d6e7f63
Secure Boot V2: Fixes the OTA regression with secure boot in ESP32-V3
...
Closes https://github.com/espressif/esp-idf/issues/5905
2020-09-25 14:21:07 +05:30
Angus Gratton
f536db1782
Merge branch 'feature/secure_boot_esp32s2_v4.2' into 'release/v4.2'
...
Feature/secure boot esp32s2 v4.2
See merge request espressif/esp-idf!9958
2020-09-25 07:31:45 +08:00
Supreet Deshpande
7d57165922
Update to compatible crc & SBv2 enable check APIs
2020-09-15 11:29:26 +05:30
Angus Gratton
1c6c6eceb5
secure boot: Fixes for ESP32-S2 first boot logic
2020-09-15 11:23:51 +05:30
Angus Gratton
762e8d5f84
bootloader esp32s2: Fix return type of ROM function signature verification
2020-09-15 11:23:51 +05:30
Supreet Deshpande
0f82fe105c
Secure boot v2 support for ESP32-S2
2020-09-15 11:23:51 +05:30
Ivan Grokhotkov
93a3beafb8
bootloader_support: don't check signature when JTAG is attached
...
If an insecure configuration is enabled (no hardware secure boot, just
software signature check), skip the signature check in bootloader if
JTAG debugger is attached. This allows the debugger to set breakpoints
in Flash before the application runs.
Closes https://github.com/espressif/esp-idf/issues/4734
Closes https://github.com/espressif/esp-idf/issues/4878
2020-09-09 23:39:51 +02:00
Angus Gratton
a2d20f9412
Merge branch 'bugfix/bootloader_common_get_sha256_of_partition_v4.2' into 'release/v4.2'
...
bootloader_support: Fix bootloader_common_get_sha256_of_partition(), can handle a long image (v4.2)
See merge request espressif/esp-idf!9952
2020-08-24 13:36:09 +08:00
KonstantinKondrashov
d87d9a714e
efuse: Add some fields in efuse_table and update esp_efuse_get_pkg_ver()
...
Closes: IDF-1077
2020-08-10 15:59:02 +08:00
KonstantinKondrashov
2620942568
bootloader_support: Fix bootloader_common_get_sha256_of_partition, can handle a long image
...
Closes: IDFGH-3594
2020-08-07 08:49:18 +00:00
Angus Gratton
a94685a222
esp32: Use package identifier to look up SPI flash/PSRAM WP Pin, unless overridden
...
Allows booting in QIO/QOUT mode or with PSRAM on ESP32-PICO-V3 and
ESP32-PICO-V3-02 without any config changes.
Custom WP pins (needed for fully custom circuit boards) should still be compatible.
2020-07-24 21:45:31 +08:00
chenjianqiang
55a1bd0fb6
feat(esp32): support for esp32-pico-v3-02
2020-07-24 21:20:27 +08:00
Angus Gratton
ae35b6abcd
Merge branch 'bugfix/bootloader_header_align_v4.2' into 'release/v4.2'
...
bootloader: Force bootloader_image_hdr to be word aligned (v4.2)
See merge request espressif/esp-idf!9069
2020-06-24 20:33:47 +08:00
KonstantinKondrashov
a6ac0e8a51
esp32: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization
...
After setting _GLOBAL_REENT, ESP_LOGIx can be used instead of ESP_EARLY_LOGx.
Closes: https://github.com/espressif/esp-idf/issues/5343
2020-06-17 13:40:42 +08:00
Angus Gratton
e7ab7ce3af
bootloader: Force bootloader_image_hdr to be word aligned
...
Possible due to linker order for this file to be placed unaligned,
causing failure from bootloader_flash_read() function.
2020-06-04 20:56:26 +10:00
Angus Gratton
f64ae4fa99
efuse: Add 'disable Download Mode' & ESP32-S2 'Secure Download Mode' functionality
2020-05-28 17:50:45 +10:00
Angus Gratton
48d9c14c28
efuse: Add new esp_efuse_read_field_bit() convenience function
2020-05-28 17:45:09 +10:00
Angus Gratton
1dd5a4dba4
efuse: Add new esp_efuse_write_field_bit() convenience function
2020-05-28 17:45:09 +10:00
Angus Gratton
9b822a3d2e
esp32s2: Disable legacy boot mode & ROM remap modes if either Secure Boot or Flash Encryption is on
2020-05-28 17:45:09 +10:00
Angus Gratton
3e7ba2f389
bootloader: Don't print an error message after WDT reset in unicore mode
...
Caused some confusion here: https://github.com/espressif/esp-idf/issues/4388
2020-05-19 03:35:53 +00:00
Angus Gratton
cecf4622bc
Merge branch 'bugfix/secure_boot_v2_fixes' into 'master'
...
Small secure boot v2 fixes
See merge request espressif/esp-idf!8462
2020-05-05 11:13:30 +08:00
Angus Gratton
d4d4d7324a
efuse: Don't need to burn WR_CRYPT_CNT if CRYPT_CNT is already max
...
Reduces write cycles, and useful on ESP32 ECO3 as UART_DIS_DL is protected by
the same efuse.
Also fixes accidental macro definition introduced in 7635dce502
2020-05-01 16:16:47 +10:00
Felipe Neves
95bc186846
flash_encryption: Fix next spi boot crypt counter value after a plaintext flash
2020-04-24 12:43:47 -03:00
Felipe Neves
f7ccc081a5
flash_encryption: replace spi crypt count efuse burning function by a esp_efuse_API
...
flash_encryption: modify additional efuses burning method to fix them not being written
flash_encryption: burn efuse to disable boot from RAM space
flash_encryption: added better checking for key generation state plus set read and write protect for them
soc esp32s2: Add register-level bit definitions for read & write protect bits
esp32s2: Fixes for flash encryption
- Write efuses in a batch
- Fix some detection of whether existing efuse blocks are read/write protected
2020-04-24 12:43:47 -03:00
Felipe Neves
6f27992430
flash_encryption: return more clear error codes when bootloader encryption fails
2020-04-24 12:43:47 -03:00
Felipe Neves
b3d8847406
flash_encryption: added wdt feed during encryption process to avoid undesired reset.
2020-04-24 12:43:47 -03:00
Felipe Neves
7635dce502
bootloader/flash_encrypt: added esp32s2 flash encryption code on build system and enabled example
...
flash_encryption: enabled flash encryption example on esp32s2
bootloader: raise WDT overflow value providing sufficient interval to encrypt app partition
flash_encrypt: Fixed the TODOs on flash encryption key generation for esp32s2
flash_encryption: added secure boot features to flash encryption for esp32s2
bootloader: leave only esp32s2 compatible potentially insecure options on menuconfig.
flash_encryption: removed secure boot version 1 from esp32s2 encryption code
flash_encryption: added CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED option for esp32s2
flash_encryption: fixed the count of left plaintext flash
flash_encryption: disable dcache and icache download when using encryption in release mode
flash_encryption: add cache potentially insecure options for s2 chips
flash_encryption: fixed bug which bricked some chips in release mode
2020-04-24 12:43:47 -03:00
Angus Gratton
b26f93415e
secure boot v2: Add anti-FI check that secure boot not enabled yet
...
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-04-24 15:03:31 +10:00
Angus Gratton
fc4b653729
secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled
2020-04-24 15:03:03 +10:00
Angus Gratton
fc0d6a99f8
secure boot v2: Don't log warnings when BLK2 is empty as expected
...
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something is wrong, but this is the expected workflow.)
If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-04-24 14:43:55 +10:00
chenjianqiang
ec9cc27e08
flash: fix spi flash clock config error
...
Closes https://github.com/espressif/esp-idf/issues/5099
2020-04-17 16:26:26 +08:00