Currently, when flash encryption is enabled, the whole partition gets encrypted.
This can be optimised by encrypting only the app image instead of encrypting the whole partition.
Closes https://github.com/espressif/esp-idf/issues/12576
Fixed the value of the image_length field of the image metadata populated by esp_image_verfiy()
to include the size of the signature sector when Secure Boot V1 is enabled.
Many places in the ESP_SYSTEM are using CONFIG_FREERTOS_UNICORE instead of CONFIG_ESP_SYSTEM_SINGLE_CORE_MODE (GitHub PR)
Closes IDFGH-11333
See merge request espressif/esp-idf!27435
1st bootloader won't help to initialize the MSPI & cache properly as it
usually do when loading from flash. And the ram app doesn't have valid
headers.
Since there is no enough space in 2nd bootloader, we replace the
`bootloader_init_spi_flash` in the ram_app (!pure_ram_app), with an
customized alternative of it for the ram_app.
This alternative helps to initialize the MSPI & cache properly, without
the help of 1st bootloader or image headers.
On ESP32-S3 with the default efuse settings, USB PHY is connected to
the USB_SERIAL_JTAG peripheral. If USB OTG peripheral is used for the
console, we need to additionally switch the PHY to USB OTG, otherwise
we won't get any output.
Closes https://github.com/espressif/esp-idf/issues/12437
Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help in preventing the device to be bricked if the bootloader/application cannot be
verified by any other keys in efuse
For the following configuration case:
- CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
- CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
- CONFIG_SECURE_BOOT_ALLOW_SHORT_APP_PARTITION
verification of the application was failing because the externally
padded bytes were not considered in the hash (checksum) process.
This commit fixes the problem by enabling relevant code for secure OTA
without secure boot case.
Closes https://github.com/espressif/esp-idf/issues/11995
There are some register description errors in parts of rom/gpio.h
This commit update the incorrect comments in rom/gpio.h And now
esp_rom_gpio.h is recommend instead of rom/gpio.h. So this commit adds
macro SIG_GPIO_OUT_IDX in esp_rom_gpio_connect_out_signal
function and removes the reference to gpio.h in some source files.
Closes https://github.com/espressif/esp-idf/issues/11737
esp_hw_support: Fix invalid system time if s_esp_rtc_time_us & s_rtc_last_ticks were moved around
Closes IDFGH-7930
See merge request espressif/esp-idf!23030
The commit fixes the case:
If variables in RTC RAM have been moved around by the linker,
they will be filled with garbage data. Any reset other than OTA would work fine
because the variables would still be initialized from the initial bootup.
So now system time will be valid even after OTA.
Closes https://github.com/espressif/esp-idf/issues/9448
* The RNG reading frequency of 200 KHz has been too high for
C6 and H2 since on these chips the RNG output is combined
with the RTC slow clock which is only 150KHz. Reduced the max
reading frequency via esp_random() from 200KHz to 62.5KHz,
which show best results in tests.
Also updated the bootloader_fill_random() max frequency to the
same value to be in line, even though it was just 83KHz.
