32 Commits

Author SHA1 Message Date
Angus Gratton
52413e9925 Merge branch 'feature/signature_verify_updates_v3.1' into 'release/v3.1'
secure boot: Support signed app verification without hardware secure boot (backport v3.1)

See merge request idf/esp-idf!3184
2018-09-18 07:56:12 +08:00
Renz Bagaporo
7edf2bf66c cmake: make main a component again 2018-09-13 11:13:27 +08:00
Angus Gratton
b069b31a2c secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-09-04 19:10:02 +08:00
Angus Gratton
7f50bb7e7f Merge branch 'release/v3.1' into feature/cmake_v3.1 2018-08-17 14:14:10 +10:00
Angus Gratton
e1e4e08fa8 app_update: Don't double-verify secure boot signature during OTA
esp_image_load() already verifies the signature
2018-07-23 13:45:55 +10:00
Angus Gratton
6b9784cc45 Merge branch 'master' into feature/cmake_update 2018-05-31 14:46:23 +10:00
Ivan Grokhotkov
cb649e452f remove executable permission from source files 2018-05-29 20:07:45 +08:00
Nicola Lunghi
ed1f4e50df cmakelists: move spi_flash to COMPONENT_REQUIRES
in the include file esp_ota_ops.h "esp_partition.h" is included.
This is from spi_flash so component that requires app_update also will need that

this fixes this error:

  In file included from ../components/esp32-homie/ota.c:11:0:
  /esp-idf/components/app_update/include/esp_ota_ops.h:22:27: fatal error: esp_partition.h: No such file or directory

Signed-off-by: Nicola Lunghi <25422924+nicola-lunghi@users.noreply.github.com>

Merges https://github.com/espressif/esp-idf/pull/1947
2018-05-29 16:34:45 +10:00
Angus Gratton
1cb5712463 cmake: Add component dependency support
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
4f1a856dbf cmake: Remove defaults for COMPONENT_SRCDIRS, COMPONENT_SRCS, COMPONENT_ADD_INCLUDEDIRS
* Philosophical: "explicit is better than implicit".
* Practical: Allows useful errors if invalid directories given in components as the defaults aren't
  always used. Also trims the -I path from a number of components that have no actual include
  directory.
* Simplifies knowing which components will be header-only and which won't
2018-04-30 09:59:20 +10:00
Angus Gratton
c671a0c3eb build system: Initial cmake support, work in progress 2018-04-30 09:59:20 +10:00
Angus Gratton
2f318d16fa log: Make ESP_LOGx macros into single statements
Requires a semicolon after any use (previously this was optional due to trailing } after expansion)

Closes https://github.com/espressif/esp-idf/issues/1757
2018-04-26 09:08:07 +10:00
Angus Gratton
3dfcc312c8 ota_ops: Fix get_selected_boot_partition() in case there is no factory partition
get_selected_boot_partition() now follows the same basic logic as the bootloader to find the
default boot partition.
2017-09-04 17:37:28 +10:00
Angus Gratton
5eef5e7a5d bootloader: Fallback if OTA data is invalid
Make bootloader more robust if either OTA data or some OTA app slots are corrupt.
2017-08-15 09:42:19 +10:00
Angus Gratton
17adb40ca8 bootloader: Calculate SHA256 hash of image on every boot
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
2017-07-19 18:31:59 +10:00
Angus Gratton
0c8888d68f bootloader: Combine loading from flash & verifying to save boot time
Still needs updating to account for secure boot.
2017-07-19 18:25:17 +10:00
Deomid Ryabkov
516c708fc7 Enable checks for encrypted flash in OTA
Even if firmware is compiled without CONFIG_FLASH_ENCRYPTION_ENABLED
Rationale: CONFIG_FLASH_ENCRYPTION_ENABLED controls whether boot loader
generates keys for encryption or not, but flash encryption can be
configured externally. With this change, it's possible to have boot
loader not generate keys but still have encryption working.

Also fix use of it->part
2017-04-11 19:10:26 +08:00
Tian Zhong Xing
c3d5f8e766 app_update: fix logic error when update ota info 2017-02-22 10:26:04 +11:00
Angus Gratton
080350a745 ota ops: Rewrite esp_ota_get_next_update_partition() to be more predictable, add unit tests 2017-02-22 10:26:04 +11:00
Angus Gratton
902382f622 ota ops: Verify partition argument passed to esp_ota_begin() 2017-02-22 10:26:04 +11:00
Angus Gratton
25f739c183 ota ops: Add new functions esp_ota_get_next_update_partition / esp_ota_get_running_partition
* Update OTA example to use these.
* Refactor esp_ota_begin() to return ESP_ERR_OTA_PARTITION_CONFLICT as documented
2017-02-22 10:24:42 +11:00
Angus Gratton
1f3a2e900c docs: Improve/clarify partition, OTA & SPI flash docs
Related to #313 https://github.com/espressif/esp-idf/issues/313
2017-02-20 15:31:42 +11:00
Angus Gratton
2d5162dc3c OTA: Always clean up OTA handle regardless of esp_ota_end() result
As reported on forum: http://esp32.com/viewtopic.php?f=14&t=1093
2017-02-03 10:07:30 +11:00
Angus Gratton
eea2788f5a OTA: Fix issues with encrypted OTA
- OTA source can write non-16-byte multiples of data
- Assumption that empty ota_data is 0xFFFFFFFF untrue when encrypted
2017-01-26 18:52:35 +11:00
Angus Gratton
67336672bd OTA: Improve verification of OTA image before writing, incl. secure boot
Verify 0xE9 magic byte on first write, verify entire image before
switching.

Enable verification for secure boot signature (was using invalid ifdef
guard)
2017-01-26 16:20:06 +11:00
Angus Gratton
813395adcb OTA: Fall back to factory partition if ota data partition is invalid 2017-01-26 16:20:06 +11:00
Chen Wu
d0fccbce15 examples: Add OTA demo 2016-12-29 17:37:17 +08:00
tzx
25e4e21226 app_update: clean up warning log when compile any project 2016-12-07 13:49:53 -08:00
Wu Jian Gang
099e3030bf Merge branch 'bugfix/init_factory_bin' into 'master'
bugfix/init_factory_bin: fix inconsistency between bootloader and OTA code

init_factory_bin: 2nd bootloader uses wrong logic to select the factory image to boot, and some bugs in OTA code

See merge request !266
2016-12-01 16:14:42 +08:00
tzx
9b2cad4174 docs: fix return error of ota docs and fix ota.rst 2016-12-01 13:54:25 +08:00
tzx
2092d14e45 app_update: fix inconsistency between bootloader and OTA code 2016-12-01 13:46:02 +08:00
Tian Zhong Xing
72422b32dc feature/fota_ops_api: add ota core api implement 2016-11-28 17:12:57 +08:00