Commit Graph

257 Commits

Author SHA1 Message Date
Supreet Deshpande
18b4ae2a65 Secure Boot V2: Fix an issue leading to manual enablement of Secure Boot v2.
Fixes https://github.com/espressif/esp-idf/issues/6050
2020-11-13 11:36:29 +05:30
Mahavir Jain
f7f81c33f7 bootloader_support: fix issue in memory mapping for getting app descriptor
For getting secure_version field in anti rollback case, bootloader tries
to map whole firmware partition but fails for cases where partition size
is beyond available MMU free pages capacity.

Fix here ensures to map only required length upto application descriptor
size in firmware partition.

Closes https://github.com/espressif/esp-idf/issues/5911
2020-10-06 14:42:45 +05:30
KonstantinKondrashov
66acb32665 bootloader: Fix esp_get_flash_encryption_mode(). RELEASE = (CRYPT_CNT == max) or (CRYPT_CNT.write_protect == true)
If the CRYPT_CNT efuse is max it means the same as a write protection bit for this efuse.

Closes: https://github.com/espressif/esp-idf/issues/5747
2020-10-01 14:29:43 +08:00
Ivan Grokhotkov
42e694bb8f bootloader_support: don't check signature when JTAG is attached
If an insecure configuration is enabled (no hardware secure boot, just
software signature check), skip the signature check in bootloader if
JTAG debugger is attached. This allows the debugger to set breakpoints
in Flash before the application runs.

Closes https://github.com/espressif/esp-idf/issues/4734
Closes https://github.com/espressif/esp-idf/issues/4878
2020-09-09 23:42:24 +02:00
KonstantinKondrashov
55fafa887c bootloader_support: Fix bootloader_common_get_sha256_of_partition, can handle a long image
Closes: IDFGH-3594
2020-08-05 22:09:15 +08:00
KonstantinKondrashov
0a1919abff esp32: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization
After setting _GLOBAL_REENT, ESP_LOGIx can be used instead of ESP_EARLY_LOGx.

Closes: https://github.com/espressif/esp-idf/issues/5343
2020-06-17 15:53:45 +08:00
Ivan Grokhotkov
bd3caffdcd bootloader_support: force alignment of flash_read argument 2020-06-04 21:01:56 +10:00
Angus Gratton
a5b4fda207 bootloader: Force bootloader_image_hdr to be word aligned
Possible due to linker order for this file to be placed unaligned,
causing failure from bootloader_flash_read() function.
2020-06-04 20:53:46 +10:00
Angus Gratton
b00f38f91c secure boot v2: Add anti-FI check that secure boot not enabled yet
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-06-02 16:14:01 +10:00
Angus Gratton
3c6b1b4c0a secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled 2020-06-02 16:14:01 +10:00
Angus Gratton
2c531d5bb3 secure boot v2: Don't log warnings when BLK2 is empty as expected
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)

If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-06-02 16:14:01 +10:00
chenjianqiang
eb5bafeb65 flash: fix spi flash clock config error
Closes https://github.com/espressif/esp-idf/issues/5099
2020-04-27 16:56:58 +08:00
Angus Gratton
c17d55eb9b esp32: Enable flash encryption by setting FLASH_CRYPT_CNT to max
Previous method was to write-protect this efuse, however on ECO3
the write protect field also covers the UART_DOWNLOAD_DIS efuse.

Doing it this way keeps the possibility of disabling UART download
mode, later.
2020-03-31 17:31:59 +11:00
Angus Gratton
cf8dd62fc4 secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-31 17:31:56 +11:00
Mahavir Jain
b8fe1fdf27 bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement
In commit 02d2903e39, mbedtls was
updated to release v2.16.5, where it was made mandatory to initialize
mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant
but missed out in secure boot v2 verification code. This commit
fixes that.
2020-03-23 11:22:20 +05:30
Angus Gratton
32756b165e bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-03-06 01:16:04 +05:30
Angus Gratton
74b299c4c7 secure boot: Encrypt the bootloader signature when enabling flash encryption + secure boot v2 2020-03-06 01:16:04 +05:30
Supreet Deshpande
60fed38c0f feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30
suda-morris
1ffb546135 esp32s2:remove unsupported xtal choice
ESP32-S2 only supports 40MHz XTAL and doesn't have XTAL autodetection.
2020-01-09 13:09:21 +08:00
michael
4220752aed ut: Move tests back from "esp32" subfolder
DISABLED_FOR_TARGETS macros are used

Partly revert "ci: disable unavailable tests for esp32s2beta"

This partly reverts commit 76a3a5fb48.

Partly revert "ci: disable UTs for esp32s2beta without runners"

This partly reverts commit eb158e9a22.

Partly revert "fix unit test and examples for s2beta"

This partly reverts commit 9baa7826be.

Partly revert "efuse: Add support for esp32s2beta"

This partly reverts commit db84ba868c.
2020-01-06 17:13:53 +08:00
Angus Gratton
ba3f47efd6 bootloader_support: fix crash in image verification is SHA doesn't match 2019-12-30 13:48:11 +11:00
Angus Gratton
b2ed553bbf bootloader_support: Reduce log spam about chip revisions
* Don't bother checking the chip revision if it looks like the partition
  doesn't really contain an app
* Don't print the "info" level about the revision & min revision unless
  we're in the bootloader (otherwise it gets printed at random times
  during the OTA process)
2019-12-30 13:48:11 +11:00
Angus Gratton
5139934767 bootloader_common: Fix esp_partition_get_sha256(), add unit tests
Regression in 438d513a95

Reported here: https://esp32.com/viewtopic.php?f=13&t=13250&p=52460
2019-12-30 13:47:47 +11:00
morris
888316fc64 bootloader_support: refactor to better support multi target 2019-12-23 05:45:17 +00:00
morris
01ca687caa esp32s2beta: only support unicore 2019-12-09 09:48:37 +08:00
Angus Gratton
fd27c0a113 Merge branch 'bugfix/bootloader_unicore_cache_enable' into 'master'
bootloader: revert support for booting dual-core apps on single-core bootloader

See merge request espressif/esp-idf!6609
2019-11-27 08:01:59 +08:00
wanglei
7b2348baad fix bug that wrap mode not disabled in none-QIO mode 2019-11-15 15:59:07 +00:00
Angus Gratton
ba72de2099 Merge branch 'bugfix/i2s-bootloader-random-disable' into 'master'
bugfix(bootloader): fix  bootloader_random_disable bug

Closes IDFGH-1747 and IDFGH-1739

See merge request espressif/esp-idf!6522
2019-11-08 11:04:15 +08:00
Angus Gratton
75488f1806 Merge branch 'bugfix/cmake_secure_boot' into 'master'
secure boot: CMake bug fixes

See merge request espressif/esp-idf!6523
2019-11-08 10:58:04 +08:00
Ivan Grokhotkov
a8e3ad6bd9 bootloader: revert support for booting dual-core apps on single-core bootloader 2019-11-05 14:42:43 +01:00
Chen Zheng Wei
b4a02c57c2 bugfix(i2s_bootloader_random_disable): fix bug about i2s bootloader_random_disable
bootloader_random_disable disables the ADC incorrectly, causing the ADC to sometimes fail to work. Fix this bug

closes https://github.com/espressif/esp-idf/issues/3973
2019-11-05 10:36:53 +08:00
Angus Gratton
e8881352c5 secure boot: Fix bug where verification key was not embedded in app 2019-10-29 12:46:09 +11:00
Angus Gratton
7ce75a42c7 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-25 15:13:52 +11:00
Angus Gratton
5bec9fb010 Merge branch 'bugfix/random_en_dis_for_app' into 'master'
bootloader_support: Fix using shared CLK_EN and RST_EN regs for random

See merge request espressif/esp-idf!6198
2019-10-23 13:18:01 +08:00
Angus Gratton
496ede9bcd Merge branch 'master' into feature/esp32s2beta_merge 2019-10-15 14:59:27 +11:00
Mahavir Jain
99659091fb bootloader_support: fix logging prints around chip revision 2019-10-11 14:35:22 +05:30
KonstantinKondrashov
807826f796 bootloader_support: Fix using shared CLK_EN and RST_EN regs for random
bootloader_random_enable() and bootloader_random_disable() functions
can be used in app.
This MR added the protection for shared CLK_EN and RST_EN registers.
2019-10-07 06:47:00 +00:00
Ivan Grokhotkov
6bddcdac67 bootloader: move esp32 specific code from bootloader_common
Also implements bootloader_clock_get_rated_freq_mhz for esp32s2beta.

Closes IDF-758
2019-10-03 09:38:13 +02:00
Ivan Grokhotkov
5830f529d8 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-02 19:01:39 +02:00
suda-morris
cbab3c34f8 bootloader: shrink bin size
1. write a bootloader version of "getting chip revision" function.
2. reduce wordy log.
2019-09-27 10:58:30 +08:00
KonstantinKondrashov
6f102125b4 bootloader: Add support esp32s2beta 2019-09-20 16:57:33 +10:00
Angus Gratton
adfc06a530 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-20 10:28:37 +10:00
Angus Gratton
83680bd96b Merge branch 'feature/esp32s2beta' into feature/esp32s2beta_merge 2019-09-19 21:08:20 +10:00
Jiang Jiang Jian
d78831ab2b Merge branch 'bugfix/remove_v40_deprecations' into 'master'
Remove features deprecated before ESP-IDF V4.0

Closes IDF-507

See merge request espressif/esp-idf!5841
2019-09-19 16:07:01 +08:00
suda-morris
dd248ffc32 Add chip revision into image header
Check chip id and chip revision before boot app image

Closes https://github.com/espressif/esp-idf/issues/4000
2019-09-16 18:13:53 +08:00
Angus Gratton
438d513a95 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-16 16:18:48 +10:00
Angus Gratton
62c06047da bootloader_support: Remove deprecated partition load/verify functions
Deprecated since v3.2
2019-09-13 09:44:07 +10:00
KonstantinKondrashov
d3637cd06b rtc_wdt: re-enable RTC_WDT 2019-09-13 00:03:52 +08:00
Angus Gratton
b547aef2a0 flash encryption: Ensure flash encryption can't be disabled if Secure Boot is on 2019-09-10 11:28:11 +10:00
Angus Gratton
35147119f1 Merge branch 'feature/support_ut_esp32s2beta' into 'feature/esp32s2beta'
ci: support build and run UT for esp32s2beta

See merge request espressif/esp-idf!5702
2019-09-09 08:34:16 +08:00