28 Commits

Author SHA1 Message Date
Angus Gratton
c572e0bf5f partition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-06-02 16:30:02 +10:00
Mahavir Jain
d82adb482b spi_flash: add config option to enable encrypted partition read/write
This feature can be disabled to save some IRAM (approx 1KB) for cases
where flash encryption feature is not required.
2021-01-29 11:45:50 +05:30
Mahavir Jain
9c169a1812 Revert "esp_partition: disable encrypted reads/writes if flash encryption is disabled"
This reverts commit bf35ef1ce7b7db30d499d4058d6a4f39ba467fca.

It has been noticed that there are scenarios where even though firmware is not enabled
with flash encryption config feature, it should be able to write to encrypted partitions.

This revert adds the feature back which was removed around v4.0 timelines, and same
change will be backported to all releases (up to v4.0) for consistency.
2021-01-29 11:45:50 +05:30
Ivan Grokhotkov
0fc30f4379 spi_flash: load partition table before adding an external partition
esp_partition_register_external did not call load_partitions, so if
it was called before any call to esp_partition_find, then the main
partition table would never be loaded. Introduce new function,
ensure_partitions_loaded, and call it both from esp_partition_find and
esp_partition_register_external.

Closes https://github.com/espressif/esp-idf/issues/4116
2019-10-18 11:14:32 +02:00
Martin Thierer
d6c2dad101 esp_partition_erase_range(): rename parameter "start_addr" to "offset"
The name "start_addr" (which goes straight into the docs) implies
it's an absolute address while in fact it's an offset into the
partition like what's used in all the other esp_partition_*
functions.

So in order to avoid confusion make the name consistent with the
parameter names used for the other partition functions and call it
"offset".

Merges https://github.com/espressif/esp-idf/pull/3750
2019-07-08 17:29:05 +10:00
Ivan Grokhotkov
1c17558e6e spi_flash: use same argument types in .h and .c files
Fixes compilations on targets where size_t != uint32_t
2019-07-02 10:26:06 +02:00
Ivan Grokhotkov
ec427a5b43 spi_flash: support for partitions in external flash 2019-07-02 10:26:06 +02:00
Michael (XIAO Xufeng)
1036a091fe spi_flash: support working on different buses and frequency 2019-06-18 06:32:52 +00:00
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Tim Nordell
7892cf6a03 partition: Fix "encrypted" read/write when encryption is disabled
According to the documentation[1][2] for partitions, setting the encrypted
flag for partitions should be a no-op when system level encryption isn't
enabled.  The current implementation, however, does not actually match
the documentation and it ends up with an unreadable partition via the
partition API if a partition flag is marked as encrypted without
system-level encryption enabled.  (This is because the writes go through
the encryption block, and reads do not go through the encryption block
when this situation occurs causing unreadable data to the application
running.) This fixes up the read-back of the partition table to match
whether or not the partition is currently encrypted under the hood.

This should not affect the bootloader's code for reading/writing encrypted
partitions as the bootloader directly invokes the spi_flash_write*(...)
APIs.

[1] https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/partition-tables.html#flags
[2] https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html#encrypted-partition-flag

Closes https://github.com/espressif/esp-idf/pull/3328

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-05-03 15:03:04 +05:30
morris
c159984264 separate rom from esp32 component to esp_rom
1. separate rom include files and linkscript to esp_rom
2. modify "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
2019-03-21 18:51:45 +08:00
morris
fae39dc326 merge esp_flash_data_types into esp_flash_partitions 2019-03-18 08:51:55 +00:00
Ivan Grokhotkov
bf35ef1ce7 esp_partition: disable encrypted reads/writes if flash encryption is disabled
Saves 400 bytes of IRAM.
2019-01-10 21:51:09 +08:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Konstantin Kondrashov
117c79eae5 app_update: Add API for getting sha256_of_partition
Added bootloader_common_get_sha256_of_partition() and esp_partition_get_sha256() - get or calculate SHA-256
digest for app and data partitions.
Added bootloader_sha256_hex_to_str() - helps to print SHA-256 digest
Added esp_partition_check_identity() - compares two partitions by SHA-256 digest

Refactored the function esp_image_load() in bootloader space into esp_image_verify() and
bootloader_load_image(). The old function name esp_image_load is deprecated
and will be removed in version V4.0.

spi_flash/sim: Fix error test_host. Add stub for bootloader_common_get_sha256_of_partition in sim/stubs
2018-08-13 13:59:07 +05:00
Anton Maklakov
f42b91fe46 spi_flash: fix errors for GCC 8 support
components/spi_flash/partition.c: In function 'load_partitions':
components/spi_flash/partition.c:179:66: error: argument to 'sizeof' in 'strncpy' call is the same expression as the source; did you mean to use the size of the destination? [-Werror=sizeof-pointer-memaccess]
         strncpy(item->info.label, (const char*) it->label, sizeof(it->label));
                                                                  ^
2018-07-02 09:05:00 +00:00
Konstantin Kondrashov
3e0ac4db79 partition_table: Expanding the space under the bootloader
Allows you to move the partition table, which gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use it for getting APP_OFFSET and PHY_DATA_OFFSET.
Changes were made to the linker (esp32.bootloader.ld) that allow you to write more custom bootloader code.

TW14125
2018-06-08 18:47:29 +05:00
Jeroen Domburg
93b7eaf5b2 esp_partition_mmap could map a page less than needed because it did not take the region offset into account. 2017-07-03 18:02:28 +08:00
Ivan Grokhotkov
fa09c8af61 spi_flash: fix partitions order
Pointer to the tail of linked list was never set, so partitions were
added to the head, instead of adding them to the tail.
2017-03-04 15:34:03 +08:00
Angus Gratton
4170b8c32e partition iterator: Free iterator when reaching end of linked list 2017-02-22 10:26:04 +11:00
Angus Gratton
902382f622 ota ops: Verify partition argument passed to esp_ota_begin() 2017-02-22 10:26:04 +11:00
Angus Gratton
eea2788f5a OTA: Fix issues with encrypted OTA
- OTA source can write non-16-byte multiples of data
- Assumption that empty ota_data is 0xFFFFFFFF untrue when encrypted
2017-01-26 18:52:35 +11:00
Deomid Ryabkov
71ab455c87 Allow writes to encrypted partitions
There is a size alignment requirement but it is checked by
spi_flash_write_encrypted. However, this check flat-out bans encrypted
writes.
2017-01-17 12:32:01 +08:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Tian Zhong Xing
72422b32dc feature/fota_ops_api: add ota core api implement 2016-11-28 17:12:57 +08:00
Ivan Grokhotkov
c581229e1d partition API: separate type and subtype into two enums 2016-10-27 17:58:42 +08:00
Ivan Grokhotkov
b6693225c1 spi_flash: implement partition API, drop trivial wrappers
This implements esp_partition_read, esp_partition_write, esp_partition_erase_range, esp_partition_mmap.
Also removed getters which didn't add much sugar after all.
2016-10-27 17:58:42 +08:00
Ivan Grokhotkov
079d9ea018 spi_flash: implement partition API 2016-10-27 17:58:42 +08:00