Commit Graph

43 Commits

Author SHA1 Message Date
Angus Gratton
5a4091a2c0 efuse: Add ESP32 V3 'disable Download Mode' functionality 2021-07-16 10:59:51 +10:00
Angus Gratton
c572e0bf5f paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-06-02 16:30:02 +10:00
Mahavir Jain
d82adb482b spi_flash: add config option to enable encrypted partition read/write
This feature can be disabled to save some IRAM (approx 1KB) for cases
where flash encryption feature is not required.
2021-01-29 11:45:50 +05:30
Angus Gratton
904b85e365 secure boot: Ensure mbedTLS enables ECDSA if signatures are checked in app
and all ECDSA to be disabled if secure boot is not enabled

Previously if ECDSA disabled in config then secure_boot_signatures.c would
fail to build (whether or not secure boot was enabled).

To avoid breaking apps that might be using the signature scheme with custom OTA
without enabling secure boot signatures in config, this change just disables
this functionality if unavailable in mbedTLS config.

Possible fix for root cause of https://github.com/espressif/esp-idf/pull/3703

Closes https://github.com/espressif/esp-idf/issues/4758
2020-04-01 16:42:41 +11:00
Roland Dobai
fc738680f8 Fix Kconfig issues discovered by upstream Kconfiglib 2019-09-25 08:25:51 +02:00
Ivan Grokhotkov
a0256b9e9d flash encryption: add option to require flash encryption to be enabled
In testing environment, to avoid accidentally enabling flash
encryption on a device, CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
can be set. If set, the bootloader will refuse to boot if flash
encryption is not enabled, instead of enabling it.
2019-09-10 17:19:08 +02:00
Hemal Gujarathi
a68c7c21e1 Improve flash encryption documentation and add Development & Release modes
This MR improves existing flash encryption document to provide simplified steps
Adds two new modes for user: Development & Release
Adds a simple example
Supports encrypted write through make command
2019-06-25 23:41:18 +00:00
hemal.gujarathi
865b24144e remove secure boot test mode 2019-05-23 14:13:08 +05:30
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Roland Dobai
997b29a9ca Rename Kconfig options (components/esptool_py) 2019-05-21 09:32:55 +02:00
Roland Dobai
0ae53691ba Rename Kconfig options (components/esp32) 2019-05-21 09:09:01 +02:00
Mahavir Jain
202f689baa bootloader: use mbedTLS for secure boot verification in firmware 2019-04-01 15:46:52 +05:30
Konstantin Kondrashov
e916cf52a3 bootloader: Add support of anti-rollback
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.

Closes: TW26335
2019-02-14 18:51:43 +08:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Konstantin Kondrashov
dde1fd9b94 bootloader: Add support flags for rollback app
Added
* Set actual ota_seq if both ota are init or incorrect.
* Description of rollback
* UT tests

Closes TW15459
2018-12-11 11:54:21 +08:00
Angus Gratton
f53fef9936 Secure Boot & Flash encryption: Support 3/4 Coding Scheme
Includes esptool update to v2.6-beta1
2018-10-16 16:24:10 +11:00
Angus Gratton
2ec0fd8fd6 Merge branch 'feature/signature_verify_updates' into 'master'
secure boot: Support signed app verification without hardware secure boot

See merge request idf/esp-idf!2814
2018-09-04 18:56:47 +08:00
Konstantin Kondrashov
9c715d7946 bootloader_support: Fix enable rtc_wdt for resolve issue with varying supply
Eliminates the issue with the lock up in the bootloader due to a power drawdown during its operation.

Closes https://github.com/espressif/esp-idf/issues/1814
2018-09-03 05:43:01 +00:00
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Angus Gratton
57b601ab7f secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-17 15:33:47 +10:00
Angus Gratton
d0b8f2865f docs: Switch base URL from esp-idf.readthedocs.io to docs.espressif.com 2018-06-19 11:23:33 +00:00
Konstantin Kondrashov
ae10abff2f bootloader: Add factory reset and start test app
Added feature:
- reset firmware to Factory app.(by long pressing of the button)
- boot Test app. (by long pressing of the button)
- Added feature erase data partitions from factory reset.

TW10281
TW10280
2018-05-24 16:56:49 +05:00
Liu Zhi Fu
072b353b45 bootloader: force SDIO 1.9V if flash is 80M
If the SPI flash frequency is 80M, the voltage of SDIO is 1.9V,
otherwise, it can configured to 1.8V or 1.9V via menuconfig.
2018-03-19 16:39:54 +08:00
Angus Gratton
fccc30d2d5 bootloader: Only apply VDDSDIO 1.8V->1.9V if regulator is enabled
Fixes bug if regulator is disabled via efuse.
2017-11-27 10:33:41 +11:00
Wangjialin
d034bc9ca0 bootloader: add configuration of flash pins and VDDIO boost 2017-11-03 16:29:56 +08:00
krzychb
672390c458 Mass replacement of http with https urls, fixed broken urls 2017-09-06 08:16:01 +02:00
Angus Gratton
7a18575af8 flash encryption: Also always disable ROM BASIC console when enabling flash encryption 2017-08-29 14:52:00 +10:00
Ivan Grokhotkov
967611cfaa Revert "bootloader: Add option to build with Link Time Optimisation enabled"
This reverts commit d1b66a08c1.
2017-07-24 05:14:31 +08:00
Angus Gratton
d1b66a08c1 bootloader: Add option to build with Link Time Optimisation enabled 2017-07-19 18:31:59 +10:00
Angus Gratton
0715d1f8c1 bootloader: When customising SPI flash pins in efuse, set WP pin in menuconfig
Allows custom configurations for QIO/QOUT mode.
2017-07-19 15:04:08 +10:00
Angus Gratton
7c7edab328 flash encryption/secure boot: Restructure documentation
Also add steps to disable flash encryption, as some people seem to
accidentally enable it.

Explicitly mark the flash encryption and secure boot as "READ DOCS
FIRST" in menuconfig.
2017-02-15 09:42:46 +11:00
Angus Gratton
d6fafd00db Secure boot: Option for app & partition table signing to happen outside build system 2016-12-19 13:12:05 +11:00
Angus Gratton
506c8cd964 secure boot & flash encryption: Rework configuration options
Add UART bootloader disable options for flash encryption
2016-12-01 23:49:12 -08:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
2016-12-01 23:49:12 -08:00
Angus Gratton
8691b54758 secure boot: Rename efuse option for UART bootloader to option for ROM interpreter 2016-11-14 11:08:42 +11:00
Angus Gratton
fe66dd85f0 secure boot: Enable based on sdkconfig, remove "secure boot flag" from binary image 2016-11-14 11:08:42 +11:00
Angus Gratton
64f3893cb9 secure boot: Derive secure bootloader key from private key
Means only one key needs to be managed.
2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399 Secure boot: initial image signature support 2016-11-14 11:08:42 +11:00
Angus Gratton
04beb8baba Add documentation for bootloader secure boot stage 2016-11-02 10:41:59 +11:00
Angus Gratton
4ba1b73eba build system: Add espefuse/espsecure support for secure boot 2016-11-02 10:41:59 +11:00
Ivan Grokhotkov
69278b28bf components/log: fix bugs, add options to override log level for files, components, and bootloader 2016-09-18 20:24:31 +08:00
Ivan Grokhotkov
716cec5ded components/log: add implementation, update a few components to use it
This also removes logging implementation from bootloader and replaces it
with the one provided by the log component. Some occurrences of printf
and ets_printf have been changed to ESP_LOGx APIs.
2016-09-15 00:53:33 +08:00
Angus Gratton
3061ae40c0 bootloader: Add bootloader Kconfig
Allow debug level & colour highlighting to be configured
2016-09-13 14:18:17 +10:00