Commit Graph

92 Commits

Author SHA1 Message Date
Mahavir Jain
4c95aa445d fix(ota): additional checks for secure version in anti-rollback case
Some additional checks related to secure version of the application in
anti-rollback case have been added to avoid any attempts to boot lower
security version but valid application (e.g., passive partition image).

- Read secure_version under sha256 protection

- First check has been added in the bootloader to ensure correct secure
  version after application verification and loading stage. This check
  happens before setting up the flash cache mapping and handing over
  the final control to application. This check ensures that application
  was not swapped (e.g., to lower security version but valid image) just
  before the load stage in bootloader.

- Second check has been added in the application startup code to ensure
  that currently booting app has higher security version than the one
  programmed in the eFuse for anti-rollback scenario. This will ensure
  that only the legit application boots-up on the device for
  anti-rollback case.
2024-02-15 15:08:26 +02:00
Mahavir Jain
d3b4acf7a0 fix(esp32h2): program use_hardware_k efuse bit for ECDSA key purpose
In ESP32-H2, the ECDSA peripheral by default uses the TRNG (hardware)
generated k value but it can be overridden to software supplied k.
This can happen by overriding the `ECDSA_SOFTWARE_SET_K` bit
in the configuration register. Even though the HAL API is not exposed
for this, it could still be achieved by direct register
programming. And for this scenario, if sufficiently random k is not
supplied by the software then it could pose a security risk.

In this change, we are unconditionally programming the efuse
`ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K` bit during startup security
checks itself. Additionally, the same is ensured in the `esp_efuse_write_key`
API as well. This always enforces the hardware k mode in the ECDSA
peripheral and ensures strongest possible security.
2023-11-17 07:13:53 +00:00
muhaidong
2b6feac67c change(wifi): update esp_coexist_internal.h and esp_modem_wrapper.h 2023-11-16 11:03:44 +08:00
Alexey Lapshin
a43c509d4b change(newlib): update newlib according to new internal structures 2023-10-09 12:13:02 +04:00
Alexey Lapshin
295f9cdd56 fix(esp_system): add no_sanitize_undefined for init functions
Something wrong with -Og optimization. It started to fail without
reason.
2023-10-09 12:13:02 +04:00
Mahavir Jain
be2c591129 fix(startup): flip the security configuration check order
In cases where the bootloader is not enabled with the security features
but ends up receiving an incorrect application with flash encryption
enabled, no security efuses should really be programmed.

In the startup sequence, we first used to program the ROM DL mode
configuration but now we check for the flash encryption related checks
first. If the flash encryption related checks find that flash
encryption is not enabled on the device then it aborts the boot process.
This is the case with `CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP` enabled.

This would at least ensure that accidental programming of a security enabled
application does not really program any ROM DL mode efuses and there is
a chance to recover the device.
2023-09-29 03:44:00 +00:00
Sachin Billore
c3e701588e efuse: add efuse hal api
Closes IDF-7215
2023-04-18 13:47:00 +05:30
jingli
9c37441b17 wdt: refactor wdt codes to use unified type 2023-02-15 12:08:55 +08:00
wuzhenghui
44df5b31af feature: add ram loadable app support 2023-02-01 17:57:22 +08:00
Cao Sen Miao
8cc9260f86 ESP32H2: Add system support for ESP32H2 2022-12-07 11:38:51 +08:00
KonstantinKondrashov
1f9260d790 all: Apply new version logic (major * 100 + minor) 2022-11-03 08:36:23 +00:00
wuzhenghui
ab09c07fdd esp32c6: add esp_system support 2022-09-06 09:13:20 +00:00
Darian Leung
fbcde6777f newlib: Add workaround for printf functions using 32-bit time_t on first call
sizeof(time_t) was previously switched from 4 to 8, ROM functions that use
time_t or dependent types (such as "struct stat") are no longer called as
they still treat sizeof(time_t) as 4 (see commit
24c20d188e).

However, there is a ROM callpath that was left out. If putchar is the first
stdio print related call, the call path will result in cantwrite() ->
__swsetup_r() -> __smakebuf_r() -> __swhatbuf_r() using the ROM "struct stat"
(where sizeof(time_t)==4).

Instead of removing all printf related ROM newlib functions (which will result
in increased binary size), this commit adds a workaround to setup the stdio
files before any print related calls occur.

This results in cantwrite() always returning false, thus the callpath described
above never being reached.

Closes https://github.com/espressif/esp-idf/issues/9269
2022-08-21 15:27:50 +08:00
Laukik Hase
0071ea498f esp_app_format: Fixed build errors and resolved dependencies 2022-08-17 10:59:31 +05:30
Marius Vikhammer
da91fb7a81 system: moved placement of disable rom log efuse in startup flow
Functions used for burning this efuse would log, but at this point
esp_log is not initialized. Moved to a later point in the startup process.

Closes https://github.com/espressif/esp-idf/issues/9457
2022-08-01 11:16:17 +08:00
Guillaume Souchere
6005cc9163 hal: Deprecate interrupt_controller_hal.h, cpu_hal.h and cpu_ll.h interfaces
This commit marks all functions in interrupt_controller_hal.h, cpu_ll.h and cpu_hal.h as deprecated.
Users should use functions from esp_cpu.h instead.
2022-07-22 00:06:06 +08:00
Ivan Grokhotkov
a334cd50ce app_trace: perform initialization using ESP_SYSTEM_INIT_FN 2022-07-12 16:58:15 +02:00
Ivan Grokhotkov
0e53b32d2e esp_hw_support: perform sleep initialization using ESP_SYSTEM_INIT_FN 2022-07-12 16:58:15 +02:00
Ivan Grokhotkov
bb771fb7c4 esp_timer: perform initialization using ESP_SYSTEM_INIT_FN
(startup.c still calls esp_timer_early_init directly)
2022-07-12 16:58:15 +02:00
Ivan Grokhotkov
523aacd413 esp_system: allow defining priorities for startup functions
* Some components have initialization dependencies. To account for
  them, simple numeric priority values are introduced.
* esp_system_init_fn_array moved into Flash from DRAM
* System init functions defined using ESP_SYSTEM_INIT_FN now return
  an error code. This enables simpler and more consistent error
  handling in the init functions. Returning an error from an init
  function is now a valid approach — the startup code will print
  an error and abort.
2022-07-12 16:58:14 +02:00
Cao Sen Miao
a690a87829 spi_flash: Remove legacy spi_flash drivers 2022-07-01 11:01:34 +08:00
Armando
cdad8a02fe esp_psram: remove g_spiram_ok 2022-06-14 15:44:27 +08:00
Armando
38e5043ae8 esp_psram: new psram component 2022-06-14 15:44:27 +08:00
Cao Sen Miao
6a2d3509dc spi_flash: Making XMC flash works more stable when brownout detected 2022-06-02 10:38:55 +08:00
Ivan Grokhotkov
81f2a94f9a esp_system: make dependencies on vfs and esp_wifi optional 2022-05-02 20:47:17 +02:00
Marius Vikhammer
9274a062fb esp-system: removed esp_phy and nvs dependencies, change app update and pm to weak dependencies 2022-03-22 11:19:32 +08:00
Marius Vikhammer
bb88338118 system: move kconfig options out of target component
Moved the following kconfig options out of the target component:
 * ESP32_X_BROWNOUT_* -> esp_system
 * ESP32_X_DEBUG_OCDAWARE -> esp_system
 * APP_NO_BLOBS -> build type (main kconfig)
2022-03-02 01:22:26 +00:00
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
Ivan Grokhotkov
8df306ab60 freertos,esp_system: make dependencies on some components optional
Dependencies on gdbstub, espcoredump, app_trace will only be added
if these components are present in the build.
2021-12-13 18:39:49 +01:00
Cao Sen Miao
7f0a746e6a move brownout trax cache_int_err to private folder 2021-11-26 18:27:53 +08:00
Cao Sen Miao
eddc196081 esp_clk: refactor target/clk.h to private/esp_clk.h 2021-11-26 14:56:30 +08:00
Erhan Kurubas
4741682c50 startup: timer_early_init before calling esp_apptrace_tmo_init 2021-11-24 01:43:15 +01:00
morris
207891ef6c clk: fix esp32h2 print wrong CPU frequency 2021-11-15 17:40:51 +08:00
Cao Sen Miao
09487761cf ESP8684: add freertos, hal, esp_system support 2021-11-06 17:33:44 +08:00
Cao Sen Miao
adfb7bed96 vfs_usb_serial: set secondary selection for making usb port can output under default menu 2021-11-01 15:48:36 +08:00
Ivan Grokhotkov
249abb3fe8 esp_timer: allow querying the timer before esp_timer_init is called 2021-10-26 19:07:34 +08:00
Li Shuai
a939f7d34b light sleep: add software workaround for esp32s3 gpio reset issue 2021-10-20 11:36:22 +08:00
Chen Yu Dong
f0a96e586d pre-commit fix 2021-10-12 14:05:19 +08:00
alex.li
26d8b7ee17 Add HW external coexist api.
Simplify the external coex flow.

And replace gpio of driver interface with hal one.
2021-10-12 14:05:14 +08:00
Marius Vikhammer
4869b3cd4a WDT: Add support for XTAL32K Watchdog timer 2021-09-02 09:09:00 +08:00
Angus Gratton
c1ca7a35b0 ldgen: Remove some remaining references to TARGET.project.ld.in 2021-07-16 20:14:27 +08:00
Shu Chen
5e3689ae0f esp32h2: update esp_system and esp_hw_support to support esp32h2 2021-07-01 19:53:11 +08:00
Alexey Gerenkov
821869d98d apptrace: Refactors apptrace for better support various tracing HW 2021-06-24 13:16:13 +03:00
Jakob Hasse
64750acbb0 [esp_system]: added __cxx_eh_arena_size_get again
* This function has been accidentally removed.
  It is necessary to provide the emergency
  exception memory pool size for C++ code.
  Since our libstdc++ always has exceptions
  enabled, this function must exist here even if
  -fno-exception is set for user code.
2021-06-22 14:14:08 +08:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Jeroen Domburg
2c75f63f89 * ets_delay_us(1) has too much overhead; change logic
* Fix MR comments
2021-04-28 16:38:24 +08:00
Angus Gratton
94ac251091 Merge branch 'doc/general_notes' into 'master'
doc: Update docs about startup sequence and memory types

Closes IDF-2321, IDF-2409, and IDFGH-1540

See merge request espressif/esp-idf!12636
2021-04-05 23:51:25 +00:00
Renz Bagaporo
7d85c42e52 esp32: move brownout and cache err int setup 2021-03-31 19:13:03 +08:00
Angus Gratton
38af9dffe1 esp_system: Mark the startup array as 'const' to save RAM 2021-03-29 15:11:49 +11:00
Li Shuai
b3bc27972e light sleep: add software workaround for esp32c3 gpio reset issue 2021-03-25 15:03:09 +08:00