Commit Graph

17 Commits

Author SHA1 Message Date
morris
458b14a8ea esp_rom: extract common efuse apis into esp_rom_efuse.h 2020-07-15 10:40:50 +08:00
Angus Gratton
d40c69375c bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-02-27 14:37:19 +05:30
Supreet Deshpande
a9ccc5e5c8 feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:28:22 +05:30
morris
e30cd361a8 global: rename esp32s2beta to esp32s2 2020-01-22 12:14:38 +08:00
Angus Gratton
24d26fccde Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 13:44:24 +10:00
Angus Gratton
c8570ffa6d bootloader_support: Add C++ header guards
As reported on forum https://esp32.com/viewtopic.php?f=13&t=11173&p=45470
2019-06-26 11:26:56 +10:00
suda-morris
61ce868396 make bootloader_support support esp32s2beta 2019-06-11 13:07:02 +08:00
Konstantin Kondrashov
399d2d2605 all: Using xxx_periph.h
Using xxx_periph.h in whole IDF instead of xxx_reg.h, xxx_struct.h, xxx_channel.h ... .

Cleaned up header files from unnecessary headers (releated to soc/... headers).
2019-06-03 14:15:08 +08:00
Anurag Kar
62b0d51c02 Enable secure boot only after encrypting flash
This prevents a device from being bricked in case when both secure boot & flash encryption are enabled and encryption gets interrupted during first boot. After interruption, all partitions on the device need to be reflashed (including the bootloader).

List of changes:
* Secure boot key generation and bootloader digest generation logic, implemented inside function esp_secure_boot_permanently_enable(), has been pulled out into new API esp_secure_boot_generate_digest(). The enabling of R/W protection of secure boot key on EFUSE still happens inside esp_secure_boot_permanently_enable()
* Now esp_secure_boot_permanently_enable() is called only after flash encryption process completes
* esp_secure_boot_generate_digest() is called before flash encryption process starts
2019-04-10 18:17:58 +05:30
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Angus Gratton
17adb40ca8 bootloader: Calculate SHA256 hash of image on every boot
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
2017-07-19 18:31:59 +10:00
Angus Gratton
43b99edf2b bootloader: Calculate SHA-256 of image while loading/verifying 2017-07-19 18:25:17 +10:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Angus Gratton
e459f803da secure boot: Functional partition table & app signature verification 2016-11-14 11:08:42 +11:00
Angus Gratton
fe66dd85f0 secure boot: Enable based on sdkconfig, remove "secure boot flag" from binary image 2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399 Secure boot: initial image signature support 2016-11-14 11:08:42 +11:00
Angus Gratton
98a0387854 bootloader_support: Move secure boot code to bootloader_support 2016-11-08 11:13:54 +11:00