Commit Graph

477 Commits

Author SHA1 Message Date
Marius Vikhammer
4144451bdc bootloader: increase iram_loader_seq size on S2
Segment was full when compiling with -O0
2022-11-28 15:16:48 +08:00
laokaiyao
8677216576 esp32h2: renaming esp32h2 to esp32h4 2022-11-08 17:05:33 +08:00
KonstantinKondrashov
1f9260d790 all: Apply new version logic (major * 100 + minor) 2022-11-03 08:36:23 +00:00
wuzhenghui
66fb86972d bootloader: update bootloader memory map 2022-09-29 11:13:06 +08:00
wuzhenghui
1c820b0a6d esp32c6: add bootloader support 2022-09-26 20:24:52 +08:00
Roland Dobai
d08898aabc Merge branch 'fix/tools-gdbinit-with-elf-symbols' into 'master'
tools: fixed elf symbols load if gdbinit specified

Closes IDF-4991 and GCC-246

See merge request espressif/esp-idf!18089
2022-09-26 16:20:19 +08:00
Alexey Lapshin
29655fe22a tools: fixed elf symbols load if gdbinit specified
ROM and bootloader symbols add to use in GDB (via 'idf.py gdb')
2022-09-21 22:39:03 +04:00
Ivan Grokhotkov
c392c06216
cmake: remove -D prefix from COMPILE_DEFINITIONS property
Unlike COMPILE_OPTIONS, COMPILE_DEFINITIONS CMake property assumes
values without the -D prefix, such as NAME or NAME=VAL.
Previously, IDF build system was passing COMPILE_DEFINITIONS build
property to CMake COMPILE_OPTIONS property, so -D prefix was not
a problem.
Now that COMPILE_DEFINITIONS CMake property is used, -D prefix has
to be removed.

(Note that this doesn't affect 'target_compile_definitions' function,
which strips -D prefix before adding the definition to the property.)
2022-09-20 11:08:02 +02:00
Marius Vikhammer
572e79530c Merge branch 'bugfix/c2_skip_validate' into 'master'
bootloader: allow skip image validation on C2

Closes IDF-5827

See merge request espressif/esp-idf!19755
2022-09-06 14:21:15 +08:00
Omar Chebib
26c4550e6d Bootloader: retained memory can now be kept after reboot when custom data enabled
User's custom data are not taken into account during the CRC calculation anymore.
Which means taht the retained mem structure is not systematically erased
on each reboot anymore.
2022-08-31 03:23:30 +00:00
Marius Vikhammer
c36cd5238c bootloader: allow skip image validation on C2
BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP is not supported on C2 due to
no RTC memory, but BOOTLOADER_SKIP_VALIDATE_ALWAYS should still be
supported.
2022-08-25 16:51:44 +08:00
wuzhenghui
5e8ba9cea8 use enum and designated initializers in soc_memory_type define 2022-07-29 17:07:41 +08:00
wuzhenghui
2ad49a9be5 update bootloader.ld rom_boot ram usage info 2022-07-29 10:51:47 +08:00
wuzhenghui
d6461d91e2 update bootloader memory allocation 2022-07-29 10:51:47 +08:00
Jakob Hasse
33a3616635 refactor (bootloader_support, efuse)!: remove target-specific rom includes
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/

* Removed bootloader_reset_reason.h and
  bootloader_common_get_reset_reason() completely.
  Alternative in ROM component is available.

* made esp_efuse.h independent of target-specific rom header
2022-07-13 10:29:02 +08:00
Omar Chebib
3c9856bdd1 (Xtensa) Build: add .xt.prop and .xt.lit to the compiled ELF file
Adding prop and lit sections to the ELF will let the debugger and the disassembler
have more info about data bytes present in the middle of the Xtensa
instructions, usually used for padding.
2022-07-05 04:39:29 +00:00
Alexey Lapshin
69b317368e esp_system: Fix esp32c2/esp32c3/esp32h2 TLS size
The change fixes thread-local-storage size by removing .srodata section
from it. It initially was included in TLS section by mistake.
The issue was found when stack size increased after building applications
with GCC-11.1 compiler. Stack size became bigger because some new data
appeared in .srodata. See more details here:
adce62f53d
2022-06-27 03:29:08 +00:00
Ivan Grokhotkov
8ee3decdba
bootloader, esp_system: increase static allocation space for esp32s3
The previously used splits between memory allocated for ROM code,
2nd stage bootloader and the app were somewhat safe and conservative.
This resulted in some space being unavailable for static allocation
in the app.

This commit increases the space available for static allocation to the
maximum possible amount.

1. Some of the ROM code static allocation is only used in UART/USB/SPI
   download modes. This region ("shared buffers") has been placed at
   the lower end of ROM memory area, to be reusable in flash boot
   mode. The 2nd stage bootloader linker script is modified to "pack"
   all sections exactly up to the end but with roughly 8K margin between
   startup stacks.
2. Instead of calculating the sections placement and hardcoding the
   addresses in the LD script again, rewrite it to calculate the
   start address of each memory region automatically based on the
   logic above.
3. Adjust the app memory layout (SRAM_IRAM_END) accordingly,
   increasing the space available for static allocation.

Overall these changes increase the space available for static
allocation by about 78kB.

The downside of these changes is that the 2nd stage bootloader .data
segment is now directly adjacent to the startup stack on the PRO CPU.
Previously, there was effectively about 78kB of extra stack space for
the PRO CPU, before the stack would run into the data segment.
2022-06-15 17:57:11 +05:30
KonstantinKondrashov
b4d14902e7 bootloader: Allows app partition length not 64KB aligned for NO SECURE BOOT 2022-06-02 22:40:12 +08:00
Djordje Nedic
facab8c5a7 tools: Increase the minimal supported CMake version to 3.16
This updates the minimal supported version of CMake to 3.16, which in turn enables us to use more CMake features and have a cleaner build system.
This is the version that provides most new features and also the one we use in our latest docker image for CI.
2022-06-01 06:35:02 +00:00
KonstantinKondrashov
505e18237a bootloader: Support Flash Encryption for ESP32-C2 2022-05-31 11:12:21 +00:00
jingli
e70c434780 fix compile error for esp32c2, since esp32c2 no longer support RTC fast mem 2022-05-27 19:29:38 +08:00
Marius Vikhammer
0687daf2c8 kconfig: move remaining kconfig options out of target component
The kconfig options are moved to the component where they are used,
mostly esp_hw_support and esp_system.
2022-05-23 17:57:45 +08:00
Sachin Parekh
2c725264f7
esp32c2: Support Secure Boot V2 based on ECDSA scheme 2022-05-11 18:00:03 +05:30
Gustavo Henrique Nihei
8ffb157791 bootloader: Create option for enabling memory region protection
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2022-05-03 09:58:25 -03:00
Marius Vikhammer
d2872095f9 soc: moved kconfig options out of the target component.
Moved the following kconfig options out of the target component:
 * CONFIG_ESP*_DEFAULT_CPU_FREQ* -> esp_system
 * ESP*_REV_MIN -> esp_hw_support
 * ESP*_TIME_SYSCALL -> newlib
 * ESP*_RTC_* -> esp_hw_support

Where applicable these target specific konfig names were merged into
a single common config, e.g;
CONFIG_ESP*_DEFAULT_CPU_FREQ -> CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
2022-04-21 12:09:43 +08:00
Mahavir Jain
03aafb5d52 bootloader: use SOC capability macros for security features related configuration 2022-04-01 09:38:34 +00:00
KonstantinKondrashov
754a563750 esp32c3: Adds ECO4 revision 2022-03-30 00:09:46 +08:00
Michael (XIAO Xufeng)
aab535fe4a Merge branch 'bugfix/regi2c_ctrl_spinlock_s2' into 'master'
hw_support: fixed regi2c not protected by lock on ESP32S2

See merge request espressif/esp-idf!16653
2022-03-13 02:47:53 +08:00
Michael (XIAO Xufeng)
d5bdf95580 hw_support: fixed regi2c not protected by lock on ESP32S2 2022-03-13 00:24:08 +08:00
Armando (Dou Yiwen)
6ed3ffbbf1 Merge branch 'refactor/remove_redundant_rom_cache_dependency' into 'master'
cache: remove redundant rom cache dependency in bootloader

Closes IDF-4523

See merge request espressif/esp-idf!17077
2022-03-12 10:11:39 +08:00
Armando
c1cbd7bbf6 cache/mmu: implememnt cache and mmu hal APIs in bootloader 2022-03-11 22:43:11 +08:00
KonstantinKondrashov
21dd929c72 bootloader: Adds a level selection for the app's test pin.
Closes https://github.com/espressif/esp-idf/issues/8332
2022-03-09 19:52:37 +08:00
KonstantinKondrashov
9605f3eb1a soc: Adds efuse hal
Replaced eFuse ROM funcs with hal layer
2022-02-24 22:20:09 +08:00
KonstantinKondrashov
ebdc52d4e2 efuse(esp32c2): Support eFuse key APIs 2022-02-01 17:30:31 +08:00
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
morris
869bed1bb5 soc: don't expose unstable soc header files in public api 2022-01-06 23:10:22 +08:00
Cao Sen Miao
3a4db97cec spi_flash: move patch files to common rom patch folder 2021-12-30 14:05:12 +08:00
Jakob Hasse
64a355eba8 feat (bootloader): added rng sampling
Set maximum RNG query frequency to save value known from tests
2021-12-27 13:59:20 +08:00
Ivan Grokhotkov
7056fd3129 bootloader: don't add nonexistent directories to EXTRA_COMPONENT_DIRS 2021-12-14 19:17:53 +01:00
Cao Sen Miao
e81841318f CI: Enable ESP8684 build stage CI on master 2021-12-13 19:18:47 +08:00
Roland Dobai
766aa57084 Build & config: Remove leftover files from the unsupported "make" build system 2021-11-11 15:32:36 +01:00
Cao Sen Miao
bf6fa70812 ESP8684: update bootloader, bootloader_support, esp_rom 2021-11-06 17:33:44 +08:00
Sachin Parekh
8ff3dbc05d secure_boot: Added Kconfig option for aggressive key revoke
Applicable to S2, C3, and S3
2021-10-22 12:20:14 +05:30
Ivan Grokhotkov
5bfd10113a bootloader: fix adding bootloader_components to EXTRA_COMPONENT_DIRS 2021-10-06 10:17:19 +02:00
Mahavir Jain
8c3287e0db Merge branch 'docs/add_note_for_esp32_sec_dl_mode' into 'master'
bootloader: add note about secure download mode for ESP32 target

Closes IDFGH-5857

See merge request espressif/esp-idf!15304
2021-09-30 04:00:50 +00:00
Mahavir Jain
3cff291f95
bootloader: add note about secure download mode for ESP32 target
Closes IDFGH-5857
Closes https://github.com/espressif/esp-idf/issues/7557
2021-09-22 15:37:40 +05:30
Sachin Parekh
c4e445b6f3 secure_boot: Enable --no-stub if secure boot enabled
ROM code doesn't allow loader stub to be executed in case secure boot in
enabled. Providing --no-stub flag to esptool allows user to flash new
firmware, given download mode hasn't been disabled
2021-09-22 12:45:46 +05:30
Sachin Parekh
bf1dde7233 bootloader: Enable clock glitch detection
Reset the device when clock glitch detected. Clock glitch detection is
only active in bootloader
2021-09-02 12:25:12 +05:30
Sachin Parekh
2d82560ed5 bootloader: Enable Secure boot V2 for ESP32-S3 2021-08-19 14:08:12 +05:30
Mahavir Jain
012c9e26a4 Merge branch 'fixes/secure_boot' into 'master'
secure_boot/esp32(s2,c3): Disable read protecting of efuses

See merge request espressif/esp-idf!14769
2021-08-17 05:05:00 +00:00
Sachin Parekh
f430e86c0f secure_boot/esp32(s2,c3): Disable read protecting of efuses
When secure boot is enabled, disable the ability to read protect
efuses that contain the digest.
2021-08-13 13:41:59 +05:30
Michael (XIAO Xufeng)
dd40123129 bootloader: add xmc spi_flash startup flow to improve reliability 2021-08-12 17:22:42 +08:00
Wu Zheng Hui
fb7894382b Merge branch 'bugfix/fix_c3_bootloader_ld_addr_err' into 'master'
update c3 bootloader ld rom addr info

See merge request espressif/esp-idf!14168
2021-07-31 05:43:58 +00:00
SalimTerryLi
2347e68e6b
soc: move peripheral linker scripts out of target component 2021-07-22 12:55:01 +08:00
KonstantinKondrashov
4ccb5515ef fpga/bootloader: Fix LoadProhibited error when bootloader_fill_random() is not in iram_loader_seg 2021-07-16 10:50:06 +10:00
Angus Gratton
072232a934 docs: Expand bootloader section
- Cover customization options
- Cross-link to the "general notes" section which explains the low-level details

Closes IDF-313
2021-07-13 17:33:53 +10:00
Angus Gratton
4fe4df8770 Merge branch 'feature/bootloader_pin_level_pr7089' into 'master'
bootloader: Add configurable pin level for factory reset (PR)

Closes IDFGH-5337

See merge request espressif/esp-idf!13956
2021-07-13 05:39:25 +00:00
Angus Gratton
6bbb58c8c2 bootloader: Small cleanup and docs for factory reset level config
- Add to docs & config descriptions
- Change to a "choice" to become self-documenting
- Keep the bootloader_common_check_long_hold_gpio() function for compatibility
2021-07-05 12:08:36 +08:00
chegewara
fb7234a13d bootloader: Add selectable level for factory reset pin
Closes https://github.com/espressif/esp-idf/pull/7089
2021-07-05 12:08:36 +08:00
Omar Chebib
a79acb413e bootloader: override the 2nd stage bootloader
Add the possibility to have user bootloader components. This is performed
from an application/project, by creating bootloader components. To do so,
it is required to create a `bootloader_component` directory containing
the custom modules to be compiled with the bootloader.

Thanks to this, two solutions are available to override the bootloader now:
- Using hooks within a user bootloader component
- Using a user defined `main` bootloader component to totally override the
  old implementation

Please check the two new examples in `examples/custom_bootloader`

* Closes https://github.com/espressif/esp-idf/issues/7043
2021-07-05 10:25:32 +08:00
Shu Chen
75bd02bd46 esp32h2: add some more fixes and TODOs 2021-07-01 20:36:39 +08:00
wuzhenghui
112372d598 update rom bootloader addr info 2021-07-01 19:53:50 +08:00
Shu Chen
2df4ddf998 esp32h2: fixes after rebase 2021-07-01 19:53:50 +08:00
Shu Chen
c0056813f2 esp32h2: add bootloader support 2021-07-01 19:53:11 +08:00
wuzhenghui
a59eb2d607 update c3 bootloader ld addr info 2021-06-28 10:51:06 +08:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Anton Maklakov
343cc5025b make build system: fix build for undefined _lock_* funcs 2021-06-07 12:53:45 +07:00
Jan Brudný
dffe49f305 bootloader: update copyright notice 2021-06-02 14:22:09 +02:00
Michael (XIAO Xufeng)
d6680b689b Merge branch 'feature/s3beta3_crypto_bringup' into 'master'
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc

Closes IDF-3004

See merge request espressif/esp-idf!12960
2021-05-19 11:22:05 +00:00
Marius Vikhammer
9b4ba3d707 crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc 2021-05-18 11:25:41 +08:00
Angus Gratton
ede477ea65 paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-05-18 01:32:59 +00:00
Jakob Hasse
fc22e3c645 [system]: Made longjmp save for context switch
* Patched longjmp to be context-switch safe
  longjmp modifies the windowbase and windowstart
  registers, which isn't safe if a context switch
  occurs during the modification. After a context
  switch, windowstart and windowbase will be
  different, leading to a wrongly set windowstart
  bit due to longjmp writing it based on the
  windowbase before the context switch. This
  corrupts the registers at the next window
  overflow reaching that wrongly set bit.

  The solution is to disable interrupts during
  this code. It is only 6 instructions long,
  the impact shouldn't be significant.

  The fix is implemented as a wrapper which
  replaces the original first instructions of
  longjmp which are buggy. Then, it jumps back
  to execute the rest of the original longjmp
  function.

  Added a comparably reliable test to the
  test apps.
2021-04-23 15:55:31 +08:00
Angus Gratton
6f6b4c3983 cmake partition_table: Check binaries fit in partition spaces at build time
- Bootloader is checked not to overlap partition table
- Apps are checked not to overlap any app partition regions

Supported for CMake build system only.

Closes https://github.com/espressif/esp-idf/pull/612
Closes https://github.com/espressif/esp-idf/issues/5043
Probable fix for https://github.com/espressif/esp-idf/issues/5456
2021-04-16 16:40:47 +10:00
KonstantinKondrashov
fd867a11df bootloader: Suppress a Cmake warning - variables were not used by the project
Manually-specified variables were not used by the project: SECURE_BOOT_SIGNING_KEY
2021-04-13 11:28:13 +00:00
KonstantinKondrashov
9f932a2a18 bootloader: Fix error in Make build system when signature options is on 2021-04-13 11:28:13 +00:00
KonstantinKondrashov
4e23f9f3b7 secure_boot_v2: Adds support SB_V2 for ESP32-C3 ECO3 2021-04-07 19:52:44 +08:00
Angus Gratton
97ea00f355 Merge branch 'doc/flash_encryption_development' into 'master'
doc: Mention Flash Encryption on the host is possible in Release mode

Closes IDFGH-4074

See merge request espressif/esp-idf!12721
2021-04-06 08:13:43 +00:00
Angus Gratton
e97ae26f48 doc: Mention pre-encrypting on the host is possible in Release mode
Closes https://github.com/espressif/esp-idf/issues/5945
2021-04-06 16:58:58 +10:00
Angus Gratton
fda565a5bf Merge branch 'bugfix/partition_table_depends_esptoolpy' into 'master'
esptool_py: Fix issue where build with limited components doesn't include esptool_py

Closes IDFGH-4876 and IDFGH-4874

See merge request espressif/esp-idf!12653
2021-03-31 01:30:33 +00:00
Marius Vikhammer
8ac74082f1 soc: add dummy bytes to ensure instr prefetch always valid
The CPU might prefetch instructions, which means it in some cases
will try to fetch instruction located after the last instruction in
flash.text.

Add dummy bytes to ensure fetching these wont result in an error,
 e.g. MMU exceptions
2021-03-29 13:50:03 +08:00
Aditya Patwardhan
2095148b31 bootloader/ ESP32_ECO3: Do not disable UART download mode by default 2021-03-23 08:15:32 +00:00
Angus Gratton
1581744c10 Merge branch 'feature/main_task_affinity_pr6627' into 'master'
Allow selection of different core for main task

Closes IDFGH-4828

See merge request espressif/esp-idf!12654
2021-03-22 06:46:24 +00:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)
- ESP32 ECO3, ESP32-S2/C3/S3
2021-03-15 12:30:20 +00:00
Angus Gratton
6f362b9383 bootloader: Add config options to skip validation of app for minimum boot time 2021-03-10 14:00:46 +11:00
0xFEEDC0DE64
6928db7670 Allow selection of different core for main task
Closes https://github.com/espressif/esp-idf/pull/6627
2021-03-09 10:13:28 +11:00
Angus Gratton
9c03f04769 esptool_py: Add esptool_py as a dependency for any component that uses it
Many components uses esptool_py_flash_target function, they all should
explicitly requier the esptool_py component.

Related to https://github.com/espressif/esp-idf/issues/6670
2021-03-08 19:47:38 +11:00
Angus Gratton
90ec0b0327 bootloader: Allow 'silent assert' config to work in bootloader
Requires adding the 'newlib' component to the bootloader project, for
platform_include header.
2021-03-03 10:26:57 +11:00
Angus Gratton
cbc58b85e2 Merge branch 'feature/adds_check_in_app_that_flash_enc_is_on' into 'master'
bootloader: Adds a check that app is run under FE

Closes IDF-640

See merge request espressif/esp-idf!12368
2021-02-25 22:39:13 +00:00
Angus Gratton
501af6dfa2 Merge branch 'feature/secure_boot_revoke_check' into 'master'
secure_boot: Checks secure boot efuses

Closes IDF-2609

See merge request espressif/esp-idf!12148
2021-02-25 22:38:42 +00:00
Renz Bagaporo
5e8799bbfe esp_common: move some headers 2021-02-24 12:16:37 +08:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
11a2f2acd3 bootloader: Adds a check that app is run under FE 2021-02-15 20:33:50 +08:00
Angus Gratton
2c39010b3b Merge branch 'bugfix/anti_rollback_without_test_app' into 'master'
bootloader: Anti-rollback mode doesn't run test_app

See merge request espressif/esp-idf!12225
2021-02-09 14:16:51 +08:00
Yann Pomarède
ee400f8b68 bootloader: SECURE_ENABLE_SECURE_ROM_DL_MODE cannot be y when SECURE_DISABLE_ROM_DL_MODE=y
Closes: https://github.com/espressif/esp-idf/pull/6442
2021-02-05 18:38:17 +08:00
KonstantinKondrashov
25ac1d4d28 bootloader: Anti-rollback mode doesn't run test_app
- Cmake shows an error if the partition table has a test app.
- BOOTLOADER_APP_TEST depends on !BOOTLOADER_APP_ANTI_ROLLBACK.
- Bootloader does not boot the test app if secure version is low.

Closes: https://www.esp32.com/viewtopic.php?f=13&t=19164&p=71302#p71302
2021-02-01 23:24:23 +08:00
Mahavir Jain
e712a91488 spi_flash: add config option to enable encrypted partition read/write
This feature can be disabled to save some IRAM (approx 1KB) for cases
where flash encryption feature is not required.
2021-01-28 12:19:21 +00:00
Angus Gratton
fe8a891de9 Merge branch 'feature/support_esp32c3_master_cmake_secure_boot' into 'master'
bootloader/esp32c3: Support secure boot

Closes IDF-2115

See merge request espressif/esp-idf!11797
2021-01-21 08:42:49 +08:00
Li Shuai
6ef2a7def0 bootloader: fix external 32k xtal not found error 2021-01-20 16:51:20 +08:00
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00