Commit Graph

428 Commits

Author SHA1 Message Date
harshal.patil
8176a0341e
feat(bootloader_support): Encrypt only the app image instead of the whole partition
Currently, when flash encryption is enabled, the whole partition gets encrypted.
This can be optimised by encrypting only the app image instead of encrypting the whole partition.

Closes https://github.com/espressif/esp-idf/issues/12576
2024-01-17 14:06:49 +05:30
Mahavir Jain
f2077b13fb Merge branch 'bugfix/fix_condition_to_verify_when_no_SB_v5.0' into 'release/v5.0'
fix(bootloader_support): Fix condition for checking signature in the application (v5.0)

See merge request espressif/esp-idf!26226
2023-09-27 18:14:46 +08:00
Harshit Malpani
c71801f9fa
fix(bootloader): Update kconfig option 2023-09-26 13:31:58 +05:30
harshal.patil
9bf94cb7e1
feat(bootloader): Update micro-ecc version to v1.1
This fix ensures that https://nvd.nist.gov/vuln/detail/CVE-2020-27209 is not
reported by the ESP-IDF SBOM tool. Please note that, this CVE was anyways not
applicable for ESP32 platform, as the bootloader (user of micro-ecc library)
do not perform signing on the device, its only verification that happens in
secure-boot-v1 case.
2023-09-22 10:50:00 +05:30
Marius Vikhammer
124a43e9ec build-system: replace ADDITIONAL_MAKE_CLEAN_FILES with ADDITIONAL_CLEAN_FILES
ADDITIONAL_MAKE_CLEAN_FILES is deprecated and only worked with make.
Replaced with the new ADDITIONAL_CLEAN_FILES (CMake 3.15) which also works with ninja.
2023-05-10 09:56:15 +08:00
Armando
fbe7d6fca9 ld: fixed bootloader and app potential overlap issue 2023-03-02 10:45:40 +08:00
KonstantinKondrashov
823024c10c all: Apply new version logic (major * 100 + minor) 2023-01-06 02:00:52 +08:00
Mahavir Jain
88c3e0b4d4
docs: Fix Secure DL mode documentation about flash read being unsupported
Simple flash read command is not supported if Secure DL mode is enabled on the target.
Remove reference of this from the relevant docs part.

Related: https://github.com/espressif/esptool/issues/810
Related: ESPTOOL-567
Closes IDF-6468
2022-12-16 11:51:52 +05:30
Zim Kalinowski
9af06d112c Merge branch 'bugfix/rtc_retain_mem_always_erased_v5.0' into 'release/v5.0'
Bootloader: retained memory can now be kept after reboot when custom data enabled (backport v5.0)

See merge request espressif/esp-idf!21232
2022-12-05 16:38:08 +08:00
Omar Chebib
62ad5c2258 Bootloader: retained memory can now be kept after reboot when custom data enabled
User's custom data are not taken into account during the CRC calculation anymore.
Which means taht the retained mem structure is not systematically erased
on each reboot anymore.
2022-11-24 17:35:55 +08:00
Alexey Lapshin
2e9f175ae5 tools: fixed elf symbols load if gdbinit specified
ROM and bootloader symbols add to use in GDB (via 'idf.py gdb')
2022-10-03 18:48:16 +04:00
Marius Vikhammer
3056d6e53d bootloader: allow skip image validation on C2
BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP is not supported on C2 due to
no RTC memory, but BOOTLOADER_SKIP_VALIDATE_ALWAYS should still be
supported.
2022-09-06 14:21:47 +08:00
wuzhenghui
5e8ba9cea8 use enum and designated initializers in soc_memory_type define 2022-07-29 17:07:41 +08:00
wuzhenghui
2ad49a9be5 update bootloader.ld rom_boot ram usage info 2022-07-29 10:51:47 +08:00
wuzhenghui
d6461d91e2 update bootloader memory allocation 2022-07-29 10:51:47 +08:00
Jakob Hasse
33a3616635 refactor (bootloader_support, efuse)!: remove target-specific rom includes
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/

* Removed bootloader_reset_reason.h and
  bootloader_common_get_reset_reason() completely.
  Alternative in ROM component is available.

* made esp_efuse.h independent of target-specific rom header
2022-07-13 10:29:02 +08:00
Omar Chebib
3c9856bdd1 (Xtensa) Build: add .xt.prop and .xt.lit to the compiled ELF file
Adding prop and lit sections to the ELF will let the debugger and the disassembler
have more info about data bytes present in the middle of the Xtensa
instructions, usually used for padding.
2022-07-05 04:39:29 +00:00
Alexey Lapshin
69b317368e esp_system: Fix esp32c2/esp32c3/esp32h2 TLS size
The change fixes thread-local-storage size by removing .srodata section
from it. It initially was included in TLS section by mistake.
The issue was found when stack size increased after building applications
with GCC-11.1 compiler. Stack size became bigger because some new data
appeared in .srodata. See more details here:
adce62f53d
2022-06-27 03:29:08 +00:00
Ivan Grokhotkov
8ee3decdba
bootloader, esp_system: increase static allocation space for esp32s3
The previously used splits between memory allocated for ROM code,
2nd stage bootloader and the app were somewhat safe and conservative.
This resulted in some space being unavailable for static allocation
in the app.

This commit increases the space available for static allocation to the
maximum possible amount.

1. Some of the ROM code static allocation is only used in UART/USB/SPI
   download modes. This region ("shared buffers") has been placed at
   the lower end of ROM memory area, to be reusable in flash boot
   mode. The 2nd stage bootloader linker script is modified to "pack"
   all sections exactly up to the end but with roughly 8K margin between
   startup stacks.
2. Instead of calculating the sections placement and hardcoding the
   addresses in the LD script again, rewrite it to calculate the
   start address of each memory region automatically based on the
   logic above.
3. Adjust the app memory layout (SRAM_IRAM_END) accordingly,
   increasing the space available for static allocation.

Overall these changes increase the space available for static
allocation by about 78kB.

The downside of these changes is that the 2nd stage bootloader .data
segment is now directly adjacent to the startup stack on the PRO CPU.
Previously, there was effectively about 78kB of extra stack space for
the PRO CPU, before the stack would run into the data segment.
2022-06-15 17:57:11 +05:30
KonstantinKondrashov
b4d14902e7 bootloader: Allows app partition length not 64KB aligned for NO SECURE BOOT 2022-06-02 22:40:12 +08:00
Djordje Nedic
facab8c5a7 tools: Increase the minimal supported CMake version to 3.16
This updates the minimal supported version of CMake to 3.16, which in turn enables us to use more CMake features and have a cleaner build system.
This is the version that provides most new features and also the one we use in our latest docker image for CI.
2022-06-01 06:35:02 +00:00
KonstantinKondrashov
505e18237a bootloader: Support Flash Encryption for ESP32-C2 2022-05-31 11:12:21 +00:00
jingli
e70c434780 fix compile error for esp32c2, since esp32c2 no longer support RTC fast mem 2022-05-27 19:29:38 +08:00
Marius Vikhammer
0687daf2c8 kconfig: move remaining kconfig options out of target component
The kconfig options are moved to the component where they are used,
mostly esp_hw_support and esp_system.
2022-05-23 17:57:45 +08:00
Sachin Parekh
2c725264f7
esp32c2: Support Secure Boot V2 based on ECDSA scheme 2022-05-11 18:00:03 +05:30
Gustavo Henrique Nihei
8ffb157791 bootloader: Create option for enabling memory region protection
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2022-05-03 09:58:25 -03:00
Marius Vikhammer
d2872095f9 soc: moved kconfig options out of the target component.
Moved the following kconfig options out of the target component:
 * CONFIG_ESP*_DEFAULT_CPU_FREQ* -> esp_system
 * ESP*_REV_MIN -> esp_hw_support
 * ESP*_TIME_SYSCALL -> newlib
 * ESP*_RTC_* -> esp_hw_support

Where applicable these target specific konfig names were merged into
a single common config, e.g;
CONFIG_ESP*_DEFAULT_CPU_FREQ -> CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
2022-04-21 12:09:43 +08:00
Mahavir Jain
03aafb5d52 bootloader: use SOC capability macros for security features related configuration 2022-04-01 09:38:34 +00:00
KonstantinKondrashov
754a563750 esp32c3: Adds ECO4 revision 2022-03-30 00:09:46 +08:00
Michael (XIAO Xufeng)
aab535fe4a Merge branch 'bugfix/regi2c_ctrl_spinlock_s2' into 'master'
hw_support: fixed regi2c not protected by lock on ESP32S2

See merge request espressif/esp-idf!16653
2022-03-13 02:47:53 +08:00
Michael (XIAO Xufeng)
d5bdf95580 hw_support: fixed regi2c not protected by lock on ESP32S2 2022-03-13 00:24:08 +08:00
Armando (Dou Yiwen)
6ed3ffbbf1 Merge branch 'refactor/remove_redundant_rom_cache_dependency' into 'master'
cache: remove redundant rom cache dependency in bootloader

Closes IDF-4523

See merge request espressif/esp-idf!17077
2022-03-12 10:11:39 +08:00
Armando
c1cbd7bbf6 cache/mmu: implememnt cache and mmu hal APIs in bootloader 2022-03-11 22:43:11 +08:00
KonstantinKondrashov
21dd929c72 bootloader: Adds a level selection for the app's test pin.
Closes https://github.com/espressif/esp-idf/issues/8332
2022-03-09 19:52:37 +08:00
KonstantinKondrashov
9605f3eb1a soc: Adds efuse hal
Replaced eFuse ROM funcs with hal layer
2022-02-24 22:20:09 +08:00
KonstantinKondrashov
ebdc52d4e2 efuse(esp32c2): Support eFuse key APIs 2022-02-01 17:30:31 +08:00
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
morris
869bed1bb5 soc: don't expose unstable soc header files in public api 2022-01-06 23:10:22 +08:00
Cao Sen Miao
3a4db97cec spi_flash: move patch files to common rom patch folder 2021-12-30 14:05:12 +08:00
Jakob Hasse
64a355eba8 feat (bootloader): added rng sampling
Set maximum RNG query frequency to save value known from tests
2021-12-27 13:59:20 +08:00
Ivan Grokhotkov
7056fd3129 bootloader: don't add nonexistent directories to EXTRA_COMPONENT_DIRS 2021-12-14 19:17:53 +01:00
Cao Sen Miao
e81841318f CI: Enable ESP8684 build stage CI on master 2021-12-13 19:18:47 +08:00
Roland Dobai
766aa57084 Build & config: Remove leftover files from the unsupported "make" build system 2021-11-11 15:32:36 +01:00
Cao Sen Miao
bf6fa70812 ESP8684: update bootloader, bootloader_support, esp_rom 2021-11-06 17:33:44 +08:00
Sachin Parekh
8ff3dbc05d secure_boot: Added Kconfig option for aggressive key revoke
Applicable to S2, C3, and S3
2021-10-22 12:20:14 +05:30
Ivan Grokhotkov
5bfd10113a bootloader: fix adding bootloader_components to EXTRA_COMPONENT_DIRS 2021-10-06 10:17:19 +02:00
Mahavir Jain
8c3287e0db Merge branch 'docs/add_note_for_esp32_sec_dl_mode' into 'master'
bootloader: add note about secure download mode for ESP32 target

Closes IDFGH-5857

See merge request espressif/esp-idf!15304
2021-09-30 04:00:50 +00:00
Mahavir Jain
3cff291f95
bootloader: add note about secure download mode for ESP32 target
Closes IDFGH-5857
Closes https://github.com/espressif/esp-idf/issues/7557
2021-09-22 15:37:40 +05:30
Sachin Parekh
c4e445b6f3 secure_boot: Enable --no-stub if secure boot enabled
ROM code doesn't allow loader stub to be executed in case secure boot in
enabled. Providing --no-stub flag to esptool allows user to flash new
firmware, given download mode hasn't been disabled
2021-09-22 12:45:46 +05:30
Sachin Parekh
bf1dde7233 bootloader: Enable clock glitch detection
Reset the device when clock glitch detected. Clock glitch detection is
only active in bootloader
2021-09-02 12:25:12 +05:30