Commit Graph

159 Commits

Author SHA1 Message Date
Angus Gratton
3eaf8f1a84 Merge branch 'bugfix/secure_boot_padding_v3_1' into 'release/v3.1'
secure boot: Fix padding issue (backport v3.1)

See merge request idf/esp-idf!2833
2018-07-25 08:59:31 +08:00
Angus Gratton
f8b191cfae secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-23 13:45:55 +10:00
Angus Gratton
0b1c461e63 bootloader: Fix warning building reflashable Secure Boot image 2018-07-16 16:59:36 +10:00
Angus Gratton
ce634ef221 bootloader: Fix secure boot & flash encryption functionality
Fixes regression in 3e0ac4db79.
2018-07-16 16:59:36 +10:00
Angus Gratton
d0b8f2865f docs: Switch base URL from esp-idf.readthedocs.io to docs.espressif.com 2018-06-19 11:23:33 +00:00
Angus Gratton
43b6c76bba Merge branch 'feature/expansion_space_for_bootloader' into 'master'
partition_table: Moving to custom offset

See merge request idf/esp-idf!2263
2018-06-18 12:34:53 +08:00
Ivan Grokhotkov
b2f498f7da build: allow EXCLUDE_COMPONENTS to contain quotes
'dequote' macro can’t be used at this point yet, use subst directly.
Also prevent EXCLUDE_COMPONENTS from being passed to bootloader build.
2018-06-11 23:26:56 +08:00
Konstantin Kondrashov
3e0ac4db79 partition_table: Expanding the space under the bootloader
Allows you to move the partition table, it gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use for getting APP_OFFSET and PHY_DATA_OFFSET.
The linker(esp32.bootloader.ld) made changes that allow you to write a custom bootloader code more.

TW14125
2018-06-08 18:47:29 +05:00
Konstantin Kondrashov
ae10abff2f bootloader: Add factory reset and start test app
Added feature:
- reset firmware to Factory app.(by long pressing of the button)
- boot Test app. (by long pressing of the button)
- Added feature erase data partitions from factory reset.

TW10281
TW10280
2018-05-24 16:56:49 +05:00
Konstantin Kondrashov
86256b3541 bootloader: Refactoring
Need to make the bootloader modular so that users can redefine its functional part.

- refactoring and moving functions to the bootloader_support component
- Changed function to `void` bootloader_utility_load_image(...);

TW19596
2018-04-17 16:36:49 +05:00
Roland Dobai
744c2dcdd9 Resolve problems found by enabling -Wwrite-strings compilation flag 2018-04-10 08:53:43 +02:00
Angus Gratton
da27816314 Merge branch 'feat/add_efuse_cpu_freq_rating' into 'master'
efuse/add cpu freq rating

See merge request idf/esp-idf!1994
2018-03-29 05:59:52 +08:00
Liu Zhi Fu
072b353b45 bootloader: force SDIO 1.9V if flash is 80M
If the SPI flash frequency is 80M, the voltage of SDIO is 1.9V,
otherwise, it can configured to 1.8V or 1.9V via menuconfig.
2018-03-19 16:39:54 +08:00
Darian Leung
8b1277c55f efuse/add cpu freq rating
This commit adds support for CPU max freqeuency rating
bits in CPU. Bootloader will now print an error if attempting
to 160MHz rated ESP32 at 240MHz.

EFUSE_CHIP_VER_RESERVE has been replaced by the
frequency rating bits. Dependancies on EFUSE_CHIP_VER_RESERVE
have been changed to use EFUSE_CHIP_VER_PKG
2018-03-07 12:16:51 +08:00
Anton Maklakov
301751ede0 build system: Fix undefined variables
make/project.mk:315: warning: undefined variable `CC'
    make/project.mk:316: warning: undefined variable `LD'
    make/project.mk:317: warning: undefined variable `AR'
    make/project.mk:62: warning: undefined variable `MAKECMDGOALS'
    components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY'
2017-12-28 19:21:34 +08:00
Angus Gratton
c69af42b96 esp32: Fix backwards compatibility for pre-v2.1 bootloaders
Older bootloaders don't set RTC_XTAL_FREQ_REG or call rtc_clk_init(),
app needs to pick this up.

Reported at
https://esp32.com/viewtopic.php?f=2&t=3939&p=17836
2017-12-18 13:45:57 +11:00
Ivan Grokhotkov
bad8d3ce57 bootloader: don't log anything before uart_console_configure is called 2017-12-08 13:15:40 +08:00
Angus Gratton
fccc30d2d5 bootloader: Only apply VDDSDIO 1.8V->1.9V if regulator is enabled
Fixes bug if regulator is disabled via efuse.
2017-11-27 10:33:41 +11:00
Alexey Gerenkov
692a890232 esp32: Adds Stack Smashing Protection Feature
These changes add posibility to enable GCC stack protector via menuconfig
for all source files in project.
2017-11-17 12:08:36 +03:00
Ivan Grokhotkov
afa9a85396 bootloader: wait for UART FIFO to be empty before switching frequency 2017-11-09 13:17:58 +08:00
Wangjialin
d034bc9ca0 bootloader: add configuration of flash pins and VDDIO boost 2017-11-03 16:29:56 +08:00
Ivan Grokhotkov
5a88f90a33 soc/rtc: warn if detected XTAL frequency does not match configured one
Since 9a8c0392, XTAL frequency is set to 40MHz by default, and users
of 26MHz boards need to select 26MHz manually. Most users are not aware
of this change, and existing getting started guides do not mention that
XTAL frequency needs to be set for some boards. So users are left with
garbage output from UART without any clue what to check.

This change adds a warning in case specific XTAL frequency was set, and
it does not match automatically detected one. This should help users
fix the issue.
2017-09-11 11:42:26 +08:00
krzychb
672390c458 Mass replacement of http with https urls, fixed broken urls 2017-09-06 08:16:01 +02:00
Angus Gratton
8670844acf build system: Restore ifdef/ifndef in Makefiles, clean up examples build 2017-09-05 16:11:03 +10:00
Deomid Ryabkov
9903ea1c11 Add --warn-undefined-variables to MAKEFLAGS
Fix warnings where undefined vars are used.

Make Kconfig emit "FOO=" for unset bool options
To ensure make variables are always defined, even if empty.

When writing auto.conf, include symbols disabled by dependency to make sure all make variables are always defined.

Fixes espressif/esp-idf#137

Cherry-picked from https://github.com/espressif/esp-idf/pull/138
2017-09-05 16:10:46 +10:00
Angus Gratton
11a87ca811 Merge branch 'bugfix/bootloader_ota_sel' into 'master'
Fix bootloader OTA regression

See merge request !1205
2017-09-05 07:25:08 +08:00
Angus Gratton
f487bb19d7 Merge branch 'bugfix/ci_build_examples_more' into 'master'
CI build_examples: Fix build flakiness

See merge request !1191
2017-09-04 16:02:12 +08:00
Angus Gratton
c275ad4ca4 build system: Add dependencies to component clean steps
Build directory must exist, component_project_vars.mk must be generated if it is going to be.
2017-09-04 17:40:15 +10:00
Angus Gratton
1cd2ce2471 bootloader: Fix regression preventing OTA updates
Regression introduced in 43e231c.

Thanks to @yanbe for pointing out issue in https://github.com/espressif/esp-idf/pull/955

This is a different fix, tries to keep the behaviour that 43e231c was aiming to correct (unnecessarily testing an
invalid slot more than once.)
2017-09-04 17:37:28 +10:00
Jeroen Domburg
34372a091c Add initial SPI RAM support. This adds support for an ESP-PSRAM32 chip connected to the default flash pins and GPIO 16 and 17. The RAM is mapped to address 0x3F800000, but otherwise ignored by esp-idf as of yet. 2017-09-04 12:05:49 +08:00
Jeroen Domburg
518edac42f Add GD chip into qio data, so (at least my) ESP-WROVER uses QIO mode succesfully. 2017-09-01 16:53:05 +08:00
Angus Gratton
7a18575af8 flash encryption: Also always disable ROM BASIC console when enabling flash encryption 2017-08-29 14:52:00 +10:00
Angus Gratton
43e231c916 bootloader: Don't unnecessarily test OTA app slots more than once per boot
Would loop more than once through each OTA possibility, but really only
needs to try each slot once.
2017-08-23 11:19:42 +10:00
Angus Gratton
5eef5e7a5d bootloader: Fallback if OTA data is invalid
Make bootloader more robust if either OTA data or some OTA app slots are corrupt.
2017-08-15 09:42:19 +10:00
Ivan Grokhotkov
967611cfaa Revert "bootloader: Add option to build with Link Time Optimisation enabled"
This reverts commit d1b66a08c1.
2017-07-24 05:14:31 +08:00
Angus Gratton
871ba41a09 bootloader: Remove unnecessary KEEP on data/bss sections, save static RAM 2017-07-19 18:31:59 +10:00
Angus Gratton
d1b66a08c1 bootloader: Add option to build with Link Time Optimisation enabled 2017-07-19 18:31:59 +10:00
Angus Gratton
17adb40ca8 bootloader: Calculate SHA256 hash of image on every boot
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
2017-07-19 18:31:59 +10:00
Angus Gratton
0c8888d68f bootloader: Combine loading from flash & verifying to save boot time
Still needs updating to account for secure boot.
2017-07-19 18:25:17 +10:00
Angus Gratton
ec64fa3416 bootloader flash QIO mode: Restore DIO/DOUT mode if enabling quad fails
Previously, flash was degraded to single I/O mode.
2017-07-19 15:04:09 +10:00
Angus Gratton
0715d1f8c1 bootloader: When customising SPI flash pins in efuse, set WP pin in menuconfig
Allows custom configurations for QIO/QOUT mode.
2017-07-19 15:04:08 +10:00
Angus Gratton
d664e32394 build system: Use component.mk for all components, refactor bootloader build
For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1"

Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader
project works, it's now mostly independent from the parent.
2017-07-19 09:10:48 +10:00
Angus Gratton
2b0f623259 bootloader/early boot: Error out if >192KB of static DRAM is allocated (temporary fix)
Currently the last 128KB of DRAM is reserved for the bootloader & early boot stacks. This means if >192KB of static DRAM
is allocated, the only available heap is this region - which is disabled until the scheduler starts. As a result, you
get either heap corruption on early boot if the static data overlaps startup heap (leading to very weird errors), or
FreeRTOS will fail to start when it can't malloc() anything.

Long term fix is to move the stacks & bootloader data to the very end of RAM, and only reserve that part for early
boot. This is a little fiddly because of also wanting to make sure this memory is not preemptively fragmented when it
gets reintroduced to the heap. This will become more important if/when we have more static allocation options in the
future.

For now, these errors make it clear why the boot has failed.

Ref TW13909
2017-07-12 13:06:56 +08:00
Ivan Grokhotkov
75658ee29b bootloader: workaround for clock switching bug in ESP32 rev. 0
In ESP32 rev. 0, switching between 240MHz and 80MHz (even via an
intermediate frequency of 40MHz) may cause the chip to lock up.
The bootloader used to enable 80MHz CPU clock at startup, which could
cause lock up after software reset. With this change, if 240MHz CPU
clock is enabled in menuconfig, bootloader will also use 240MHz to avoid
lock-up.
2017-06-15 18:15:35 +08:00
jack
ba32dd30a1 bugfix:Fix bug that wdt reset information for CPU1 was not correct 2017-06-05 18:26:14 +08:00
Tian Hao
26a3cb93c7 component/soc : move dport access header files to soc
1. move dport access header files to soc
2. reduce dport register write protection. Only protect read operation
2017-05-09 18:06:00 +08:00
Tian Hao
f7e8856520 component/esp32 : fix dualcore bug
1. When dual core cpu run access DPORT register, must do protection.
2. If access DPORT register, must use DPORT_REG_READ/DPORT_REG_WRITE and DPORT_XXX register operation macro.
2017-05-08 21:53:43 +08:00
Ivan Grokhotkov
fe695a9af8 Merge branch 'feature/cpu_restart_sequence' into 'master'
Restart sequence requires set up for app cpu.

These changes required to make correct restart of CPU form JTAG.

See merge request !703
2017-04-27 09:30:42 +08:00
Ivan Grokhotkov
0fe765a977 Merge branch 'feature/32k_xtal' into 'master'
add support for 32k XTAL as RTC_SLOW_CLK source

- RTC_CNTL_SLOWCLK_FREQ define is removed; rtc_clk_slow_freq_get_hz
  function can be used instead to get an approximate RTC_SLOW_CLK
  frequency

- Clock calibration is performed at startup. The value is saved and used
  for timekeeping and when entering deep sleep.

- When using the 32k XTAL, startup code will wait for the oscillator to
  start up. This can be possibly optimized by starting a separate task
  to wait for oscillator startup, and performing clock switch in that
  task.

- Fix a bug that 32k XTAL would be disabled in rtc_clk_init.

- Fix a rounding error in rtc_clk_cal, which caused systematic frequency
  error.

- Fix an overflow bug which caused rtc_clk_cal to timeout early if the
  slow_clk_cycles argument would exceed certain value

- Improve 32k XTAL oscillator startup time by introducing bootstrapping
  code, which uses internal pullup/pulldown resistors on 32K_N/32K_P
  pins to set better initial conditions for the oscillator.

Ref TW11683.

Ref https://esp32.com/viewtopic.php?f=13&t=1570

Fixes https://github.com/espressif/esp-idf/issues/337.

See merge request !696
2017-04-26 14:01:59 +08:00
Dmitry Yakovlev
00aa73c6cf Restart sequence requires set up for app cpu. 2017-04-26 07:47:37 +03:00