Commit Graph

29 Commits

Author SHA1 Message Date
Angus Gratton
b26f93415e secure boot v2: Add anti-FI check that secure boot not enabled yet
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-04-24 15:03:31 +10:00
Angus Gratton
fc4b653729 secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled 2020-04-24 15:03:03 +10:00
Angus Gratton
fc0d6a99f8 secure boot v2: Don't log warnings when BLK2 is empty as expected
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)

If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-04-24 14:43:55 +10:00
Angus Gratton
25aa5b0e28 esp32: Enable flash encryption by setting FLASH_CRYPT_CNT to max
Previous method was to write-protect this efuse, however on ECO3
the write protect field also covers the UART_DOWNLOAD_DIS efuse.

Doing it this way keeps the possibility of disabling UART download
mode, later.
2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Darian Leung
91841a53ff WDT: Add LL and HAL for watchdog timers
This commit updates the watchdog timers (MWDT and RWDT)
in the following ways:

- Add seprate LL for MWDT and RWDT.
- Add a combined WDT HAL for all Watchdog Timers
- Update int_wdt.c and task_wdt.c to use WDT HAL
- Remove most dependencies on LL or direct register access
  in other components. They will now use the WDT HAL
- Update use of watchdogs (including RTC WDT) in bootloader and
  startup code to use the HAL layer.
2020-03-26 02:14:02 +08:00
Renz Christian Bagaporo
2b100789b7 esp32, esp32s2: move panic handling code to new component 2020-03-10 19:56:24 +08:00
Angus Gratton
04ccb84b83 Merge branch 'feature/cpu_abstraction' into 'master'
CPU related operations abstraction

See merge request espressif/esp-idf!7301
2020-02-28 11:54:29 +08:00
Angus Gratton
d40c69375c bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-02-27 14:37:19 +05:30
Angus Gratton
0dacff4df4 secure boot: Encrypt the bootloader signature when enabling flash encryption + secure boot v2 2020-02-27 14:32:42 +05:30
Renz Christian Bagaporo
cefc71cdcd bootloader_support: mem-related initializations using cpu abstractions 2020-02-27 07:14:21 +05:00
Supreet Deshpande
a9ccc5e5c8 feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:28:22 +05:30
Nebojsa Cvetkovic
d649ea96ce soc: Add missing gpio_periph.h header 2020-02-18 13:10:37 +00:00
morris
888316fc64 bootloader_support: refactor to better support multi target 2019-12-23 05:45:17 +00:00
Ivan Grokhotkov
6bddcdac67 bootloader: move esp32 specific code from bootloader_common
Also implements bootloader_clock_get_rated_freq_mhz for esp32s2beta.

Closes IDF-758
2019-10-03 09:38:13 +02:00
Angus Gratton
438d513a95 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-16 16:18:48 +10:00
Ivan Grokhotkov
12c9d9a564 spi_flash: remove duplicate definition of spi_flash_unlock
The other (static) definition is in flash_ops.c, all references are
also in flash_ops.c.
2019-08-23 12:37:55 +08:00
Angus Gratton
309376f51a spi_flash: Force legacy mode for ESP32-S2
Can be removed once IDF-763 is merged
2019-08-13 17:14:16 +10:00
Angus Gratton
04ae56806c Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 15:26:58 +10:00
Angus Gratton
24d26fccde Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 13:44:24 +10:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
Vikram Dattu
eb99b27f2e Bugfix: ota fails with secure boot on for image size greater than 3.2MB
When an OTA image size is larger than 50 MMU pages (approx. 3.2 MB), secure_boot_generate fails while trying to map it into memory:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp32/secure_boot.c#L72
Instead of trying to map the whole image, secure boot code should split the image into chunks and map them one by one, like it is done in esp_image_format.c:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp_image_format.c#L372

Closes https://jira.espressif.com:8443/browse/IDF-709

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
2019-07-01 20:04:15 +00:00
Hemal Gujarathi
a68c7c21e1 Improve flash encryption documentation and add Development & Release modes
This MR improves existing flash encryption document to provide simplified steps
Adds two new modes for user: Development & Release
Adds a simple example
Supports encrypted write through make command
2019-06-25 23:41:18 +00:00
suda-morris
61ce868396 make bootloader_support support esp32s2beta 2019-06-11 13:07:02 +08:00
Angus Gratton
c9bf3a3b17 Merge branch 'bugfix/remove_secure_boot_test_mode' into 'master'
remove secure boot test mode

See merge request idf/esp-idf!5059
2019-06-11 07:25:07 +08:00
Konstantin Kondrashov
399d2d2605 all: Using xxx_periph.h
Using xxx_periph.h in whole IDF instead of xxx_reg.h, xxx_struct.h, xxx_channel.h ... .

Cleaned up header files from unnecessary headers (releated to soc/... headers).
2019-06-03 14:15:08 +08:00
hemal.gujarathi
865b24144e remove secure boot test mode 2019-05-23 14:13:08 +05:30
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
suda-morris
3f2d6a0891 make bootloader_support depend on IDF_TARGET
1. move chip-specific code(e.g. encryption) into IDF_TARGET directory
2. splict app-only code to idf directory which won't be compiled into bootloader
2019-04-16 17:37:56 +08:00