22 Commits

Author SHA1 Message Date
Angus Gratton
f8b191cfae secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-23 13:45:55 +10:00
Angus Gratton
6b5a15e3da partition_table: Support same fallback logic as bootloader for default boot partition
Generates correct "make flash" command even when partition table has no factory partition.

Also adds unit tests for parttool.py

Closes https://github.com/espressif/esp-idf/issues/2086
2018-06-25 05:36:55 +00:00
Konstantin Kondrashov
3e0ac4db79 partition_table: Expanding the space under the bootloader
Allows you to move the partition table, which gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use it for getting APP_OFFSET and PHY_DATA_OFFSET.
Changes were made to the linker (esp32.bootloader.ld) that allow you to write more custom bootloader code.

TW14125
2018-06-08 18:47:29 +05:00
Angus Gratton
8fbdad5b0c partition table: Fix regression with make 3.81
"undefine" was added in make 3.8.2

Namespace the global partition table option variables to minimise scope leakage.
2018-04-26 12:07:27 +10:00
Angus Gratton
fa3205737f partition_table: Check configured flash size fits in partition table
Check happens at build time, so flash size config may need to be changed.

Also fixes MD5_OPT undefined warning, closes https://github.com/espressif/esp-idf/issues/1867
2018-04-26 09:51:55 +10:00
Roland Dobai
4017cf3516 partition_table: Optionally disable the MD5 checksum in partition tables
2018-02-22 07:46:41 +01:00
Anton Maklakov
301751ede0 build system: Fix undefined variables
    make/project.mk:315: warning: undefined variable `CC'
    make/project.mk:316: warning: undefined variable `LD'
    make/project.mk:317: warning: undefined variable `AR'
    make/project.mk:62: warning: undefined variable `MAKECMDGOALS'
    components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY'
2017-12-28 19:21:34 +08:00
Ivan Grokhotkov
b52e3fae64 build system: fix warning about undefined variable 'quote'
2017-10-19 21:35:23 +08:00
Angus Gratton
d664e32394 build system: Use component.mk for all components, refactor bootloader build
For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1"

Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader
project works, it's now mostly independent from the parent.
2017-07-19 09:10:48 +10:00
Deomid Ryabkov
74f78540ae Allow providing custom PARTITION_TABLE_CSV_PATH
Provide direct absolute path to CSV, without project_path
2017-01-25 00:30:29 +00:00
Angus Gratton
d6fafd00db Secure boot: Option for app & partition table signing to happen outside build system
2016-12-19 13:12:05 +11:00
Angus Gratton
a9d5e26748 Secure boot: Correctly re-sign if signing key changes, better error if missing
2016-12-01 23:49:12 -08:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Angus Gratton
c15024e629 Merge branch 'master' into feature/build_component_project_vars
2016-11-14 14:54:41 +11:00
Angus Gratton
e459f803da secure boot: Functional partition table & app signature verification
2016-11-14 11:08:42 +11:00
Angus Gratton
7402a1b973 partition_table: Move from 0x4000 to 0x8000
Also fix a bug with correctly padding bootloader image when length is
already a multiple of 16.
2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399 Secure boot: initial image signature support
2016-11-14 11:08:42 +11:00
Angus Gratton
341593f7d2 build system: Remove need for $(Q) macro in recipes, use --silent in MAKEFLAGS instead
2016-11-11 12:32:47 +11:00
Angus Gratton
d793d23b94 Remove bin/ directory in favour of an add_path.sh script that can be sourced
Remaining file in bin/ will be moved out as part of !34
2016-09-01 18:45:10 +10:00
Angus Gratton
f853f94335 Use IDF_PATH instead of SDK_PATH for the environment variable pointing to esp-idf
This will require a matching change in all projects using ESP-IDF.
2016-08-19 15:01:49 +08:00
Angus Gratton
14eb490bb3 make: 'make all' default target builds everything, 'make flash' flashes everything
Also added 'make help' target which prints some useful usage summary.
2016-08-18 21:42:37 +08:00
Ivan Grokhotkov
bd6ea4393c Initial public version
2016-08-17 23:08:22 +08:00