Commit Graph

105 Commits

Author SHA1 Message Date
Jiang Jiang Jian
303ad716b6 Merge branch 'bugfix/bootloader_custom_rtc_data_crc' into 'release/v4.4'
fix(bootloader): add legacy retained memory CRC calculation (backport v4.4)

See merge request espressif/esp-idf!28142
2024-03-04 10:36:39 +08:00
Xiao Xufeng
87182c9c76 doc(spi_flash): hide unsupported optional features 2024-02-02 10:33:59 +08:00
Xiao Xufeng
7bfc2b0418 spi_flash: fixed issue that enabling HPM-DC by default may cause app unable to restart 2024-02-02 10:33:59 +08:00
Omar Chebib
dbe4d156fe fix(bootloader): add legacy retained memory CRC calculation
* Closes https://github.com/espressif/esp-idf/issues/12849

In former versions of ESP-IDF, the user custom memory data in the retained memory
was taken into account during the CRC calculation. This was changed in a later
commit, the custom memory was ignored, therefore this can seen as a breaking change.
This commit gives the possibility to choose between the former (legacy) or new way of calculating the CRC.
2023-12-28 11:01:33 +08:00
KonstantinKondrashov
2c46d5442f kconfigs: Fix config issues raised by gen_kconfig_doc.py 2023-03-03 22:26:39 +00:00
KonstantinKondrashov
a86c80e3ec all: Apply new version logic (major * 100 + minor) 2023-03-03 22:26:39 +00:00
Mahavir Jain
7a8fe58dd6
docs: Fix Secure DL mode documentation about flash read being unsupported
Simple flash read command is not supported if Secure DL mode is enabled on the target.
Remove reference of this from the relevant docs part.

Related: https://github.com/espressif/esptool/issues/810
Related: ESPTOOL-567
Closes IDF-6468
2022-12-16 11:52:54 +05:30
Omar Chebib
465577dd28 Bootloader: retained memory can now be kept after reboot when custom data enabled
User's custom data are not taken into account during the CRC calculation anymore.
Which means taht the retained mem structure is not systematically erased
on each reboot anymore.
2022-12-01 16:34:59 +08:00
Gustavo Henrique Nihei
477d11e9c1 bootloader: Create option for enabling memory region protection
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2022-05-16 09:39:51 -03:00
KonstantinKondrashov
73164b87ae esp32c3: Adds ECO4 revision 2022-04-20 08:40:56 +00:00
Sachin Parekh
7fe2a4815d secure_boot: Added Kconfig option for aggressive key revoke
Applicable to S2, C3, and S3
2021-11-09 15:19:47 +05:30
Mahavir Jain
8c3287e0db Merge branch 'docs/add_note_for_esp32_sec_dl_mode' into 'master'
bootloader: add note about secure download mode for ESP32 target

Closes IDFGH-5857

See merge request espressif/esp-idf!15304
2021-09-30 04:00:50 +00:00
Mahavir Jain
3cff291f95
bootloader: add note about secure download mode for ESP32 target
Closes IDFGH-5857
Closes https://github.com/espressif/esp-idf/issues/7557
2021-09-22 15:37:40 +05:30
Sachin Parekh
c4e445b6f3 secure_boot: Enable --no-stub if secure boot enabled
ROM code doesn't allow loader stub to be executed in case secure boot in
enabled. Providing --no-stub flag to esptool allows user to flash new
firmware, given download mode hasn't been disabled
2021-09-22 12:45:46 +05:30
Sachin Parekh
2d82560ed5 bootloader: Enable Secure boot V2 for ESP32-S3 2021-08-19 14:08:12 +05:30
Mahavir Jain
012c9e26a4 Merge branch 'fixes/secure_boot' into 'master'
secure_boot/esp32(s2,c3): Disable read protecting of efuses

See merge request espressif/esp-idf!14769
2021-08-17 05:05:00 +00:00
Sachin Parekh
f430e86c0f secure_boot/esp32(s2,c3): Disable read protecting of efuses
When secure boot is enabled, disable the ability to read protect
efuses that contain the digest.
2021-08-13 13:41:59 +05:30
Michael (XIAO Xufeng)
dd40123129 bootloader: add xmc spi_flash startup flow to improve reliability 2021-08-12 17:22:42 +08:00
Angus Gratton
072232a934 docs: Expand bootloader section
- Cover customization options
- Cross-link to the "general notes" section which explains the low-level details

Closes IDF-313
2021-07-13 17:33:53 +10:00
Angus Gratton
6bbb58c8c2 bootloader: Small cleanup and docs for factory reset level config
- Add to docs & config descriptions
- Change to a "choice" to become self-documenting
- Keep the bootloader_common_check_long_hold_gpio() function for compatibility
2021-07-05 12:08:36 +08:00
chegewara
fb7234a13d bootloader: Add selectable level for factory reset pin
Closes https://github.com/espressif/esp-idf/pull/7089
2021-07-05 12:08:36 +08:00
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Michael (XIAO Xufeng)
d6680b689b Merge branch 'feature/s3beta3_crypto_bringup' into 'master'
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc

Closes IDF-3004

See merge request espressif/esp-idf!12960
2021-05-19 11:22:05 +00:00
Marius Vikhammer
9b4ba3d707 crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc 2021-05-18 11:25:41 +08:00
Angus Gratton
ede477ea65 paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-05-18 01:32:59 +00:00
KonstantinKondrashov
4e23f9f3b7 secure_boot_v2: Adds support SB_V2 for ESP32-C3 ECO3 2021-04-07 19:52:44 +08:00
Angus Gratton
e97ae26f48 doc: Mention pre-encrypting on the host is possible in Release mode
Closes https://github.com/espressif/esp-idf/issues/5945
2021-04-06 16:58:58 +10:00
Aditya Patwardhan
2095148b31 bootloader/ ESP32_ECO3: Do not disable UART download mode by default 2021-03-23 08:15:32 +00:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)
- ESP32 ECO3, ESP32-S2/C3/S3
2021-03-15 12:30:20 +00:00
Angus Gratton
6f362b9383 bootloader: Add config options to skip validation of app for minimum boot time 2021-03-10 14:00:46 +11:00
Angus Gratton
cbc58b85e2 Merge branch 'feature/adds_check_in_app_that_flash_enc_is_on' into 'master'
bootloader: Adds a check that app is run under FE

Closes IDF-640

See merge request espressif/esp-idf!12368
2021-02-25 22:39:13 +00:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
11a2f2acd3 bootloader: Adds a check that app is run under FE 2021-02-15 20:33:50 +08:00
Angus Gratton
2c39010b3b Merge branch 'bugfix/anti_rollback_without_test_app' into 'master'
bootloader: Anti-rollback mode doesn't run test_app

See merge request espressif/esp-idf!12225
2021-02-09 14:16:51 +08:00
Yann Pomarède
ee400f8b68 bootloader: SECURE_ENABLE_SECURE_ROM_DL_MODE cannot be y when SECURE_DISABLE_ROM_DL_MODE=y
Closes: https://github.com/espressif/esp-idf/pull/6442
2021-02-05 18:38:17 +08:00
KonstantinKondrashov
25ac1d4d28 bootloader: Anti-rollback mode doesn't run test_app
- Cmake shows an error if the partition table has a test app.
- BOOTLOADER_APP_TEST depends on !BOOTLOADER_APP_ANTI_ROLLBACK.
- Bootloader does not boot the test app if secure version is low.

Closes: https://www.esp32.com/viewtopic.php?f=13&t=19164&p=71302#p71302
2021-02-01 23:24:23 +08:00
Mahavir Jain
e712a91488 spi_flash: add config option to enable encrypted partition read/write
This feature can be disabled to save some IRAM (approx 1KB) for cases
where flash encryption feature is not required.
2021-01-28 12:19:21 +00:00
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
morris
9de6cba434 ci: add more build test for esp32-s3 2020-10-27 17:22:17 +08:00
KonstantinKondrashov
5f975a8168 bootloader: Change range of the factory reset pin in Kconfig
Closes: https://github.com/espressif/esp-idf/issues/5489
2020-10-20 21:28:37 +08:00
me-no-dev
b64fd872bc Allow esptool's download stub to be disabled by other options and applications
Currently USB CDC Download requires the `--no-stub` option of `esptool`. This change inverts the Kconfig option to negative, so that it can be `selected` by other options or enabled in applications through `sdkconfig.defaults`.
2020-09-16 03:25:53 +00:00
Supreet Deshpande
e640e148cf Secure boot v2 support for ESP32-S2 2020-07-27 00:01:10 +00:00
Angus Gratton
3755fb6597 Merge branch 'feature/add_esp32s3_bootloader_ld_file' into 'master'
move part of esp32-s3 codes to master (bootloader linker, esp32s3 empty componnet)

See merge request espressif/esp-idf!9608
2020-07-21 14:51:04 +08:00
Angus Gratton
5c58564f90 Merge branch 'feature/support_for_esp32_pico_v3_02' into 'master'
psram: support for esp32-pico-v3-02

See merge request espressif/esp-idf!9405
2020-07-21 13:28:26 +08:00
Angus Gratton
c09fdc0b09 esp32: Use package identifier to look up SPI flash/PSRAM WP Pin, unless overridden
Allows booting in QIO/QOUT mode or with PSRAM on ESP32-PICO-V3 and
ESP32-PICO-V3-O2 without any config changes.

Custom WP pins (needed for fully custom circuit boards) should still be compatible.
2020-07-20 14:08:49 +08:00
morris
b587428e5d bootloader: make bootloader offset address in flash configurable 2020-07-20 10:51:05 +08:00
Ivan Grokhotkov
eff6a1eaab bootloader: fix SECURE_TARGET_HAS_SECURE_ROM_DL_MODE enabled for esp32 2020-07-17 21:04:08 +02:00
Angus Gratton
f64ae4fa99 efuse: Add 'disable Download Mode' & ESP32-S2 'Secure Download Mode' functionality 2020-05-28 17:50:45 +10:00
Felipe Neves
6f27992430 flash_encryption: return more clear error codes when bootloader encryption fails 2020-04-24 12:43:47 -03:00