69 Commits

Author SHA1 Message Date
Mahavir Jain
eea2536dc4 Merge branch 'feature/conservative_key_revocation_in_secure_boot_v2' into 'master'
feat: Add API to verify the bootloader and application image before revoking...

Closes IDF-7078

See merge request espressif/esp-idf!24572
2023-10-16 12:42:49 +08:00
Harshit Malpani
1df186d4e1
feat: Add API to verify the bootloader and app image
Added an API to verify the bootloader and app image before revoking the key in Secure Boot V2.
This will help in preventing the device to be bricked if the bootloader/application cannot be
verified by any other keys in efuse
2023-10-12 14:53:57 +05:30
harshal.patil
f46a93e565
feat(secure_boot): add secure boot support for esp32p4 2023-10-12 10:12:54 +05:30
KonstantinKondrashov
69838403f9 esp_bootloader_format: Adds bootloader description structure to read bootloader version from app
Closes https://github.com/espressif/esp-idf/issues/8800
Closes https://github.com/espressif/esp-idf/issues/9132
2023-05-10 21:39:52 +08:00
laokaiyao
bf2a7b2df6 esp32h4: removed esp32h4 related codes 2023-04-23 12:03:07 +00:00
Mahavir Jain
d4ccdd48f6
esp32h2: add secure boot feature support
Closes IDF-6281
2023-03-06 16:57:45 +05:30
Sachin Parekh
2bb9499a7e esp32c6: Enable ECDSA based secure boot
- Updated documentation for C6
2023-02-13 13:02:11 +05:30
laokaiyao
8677216576 esp32h2: renaming esp32h2 to esp32h4 2022-11-08 17:05:33 +08:00
Martin Vychodil
c9c7573f71 Storage: Partition APIs moved to the new component 'esp_partition'
All the partition handling API functions and data-types were moved from the 'spi_flash' component to the new one named 'esp_partition'. See Storage 5.x migration guide for more details
2022-11-02 21:54:45 +01:00
Laukik Hase
0519f604db
app_update: Moved app metadata to new component esp_app_format 2022-08-17 10:59:25 +05:30
Jakob Hasse
33a3616635 refactor (bootloader_support, efuse)!: remove target-specific rom includes
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/

* Removed bootloader_reset_reason.h and
  bootloader_common_get_reset_reason() completely.
  Alternative in ROM component is available.

* made esp_efuse.h independent of target-specific rom header
2022-07-13 10:29:02 +08:00
Cao Sen Miao
a690a87829 spi_flash: Remove legacy spi_flash drivers 2022-07-01 11:01:34 +08:00
Shubham Kulkarni
c7361327be app_update: Expose get_ota_partition_count in header file
Closes: https://github.com/espressif/esp-idf/issues/7313
2021-08-02 10:12:46 +05:30
Renz Bagaporo
7c22cccb9c esp32: cleanup build script 2021-07-16 20:14:27 +08:00
Supreet Deshpande
92754bd47e Check if the running app is signed by a valid key before revocation 2021-07-13 13:38:12 +05:30
Konstantin Kondrashov
f339b3fc96 efuse(esp32): Deprecate esp_efuse_burn_new_values() & esp_efuse_write_random_key()
These functions were used only for esp32 in secure_boot and flash encryption.
Use idf efuse APIs instead of efuse regs.
2021-06-17 07:21:36 +08:00
Jan Brudný
b3e37696ba app_update: update copyright notice 2021-05-10 03:48:25 +02:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)
- ESP32 ECO3, ESP32-S2/C3/S3
2021-03-15 12:30:20 +00:00
Angus Gratton
a7da0c894b Merge branch 'feature/c3_master_flash_enc_support' into 'master'
flash encryption: merge C3 flash encryption changes to master

See merge request espressif/esp-idf!12040
2021-01-22 12:58:38 +08:00
Angus Gratton
fe8a891de9 Merge branch 'feature/support_esp32c3_master_cmake_secure_boot' into 'master'
bootloader/esp32c3: Support secure boot

Closes IDF-2115

See merge request espressif/esp-idf!11797
2021-01-21 08:42:49 +08:00
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00
Marius Vikhammer
03fa63b0c9 bootloader: add flash encryption support for C3
Adds flash encryption support for C3 and updates docs for S2 & C3
2021-01-18 14:10:54 +08:00
morris
753a929525 global: fix sign-compare warnings 2021-01-12 14:05:08 +08:00
lucastcox
d5d722c66f app_update: Add definition for esp_ota_abort
Closes: https://github.com/espressif/esp-idf/issues/5329
Merges: https://github.com/espressif/esp-idf/pull/5331

Signed-off-by: Shubham Kulkarni <shubham.kulkarni@espressif.com>
2020-12-03 14:49:52 +05:30
Peter Hoddie
3a768f51c3 app_update: add support for incremental flash erase
This patch modifies the OTA implementation to incremental erase flash sectors
as they are written, rather than bulk erasing them all at once when OTA begins.

This solves several problems:
- The bulk flash erase can take so long that it triggers the watchdog timer.
  Disabling the watchdog is an undesirable risk.
- The bulk erase interferes with the responsiveness of the system to user input.
- Incremental erasing eliminates the need to pass the firmware image size to
  esp_ota_begin to avoid erasing more flash sectors than required.
- When installing an OTA received via HTTP, the size of the firmware image is
  known when the content-length header is received. Calling esp_ota_begin at that
  time causes a long delay to do the bulk erase which causes the TCP transfer
  speed to be measurably slowed when the transfer resumes after the erase.
  Incremental erasing eliminates this TCP slowdown.

Update:
Rework so erase optimization is only applied when image_size is set to
OTA_WITH_SEQUENTIAL_WRITES #5246

Merges https://github.com/espressif/esp-idf/pull/5246
2020-09-04 12:05:02 +05:30
Supreet Deshpande
e640e148cf Secure boot v2 support for ESP32-S2 2020-07-27 00:01:10 +00:00
morris
a34409cffc esp_rom: extract common CRC apis into esp_rom_crc.h 2020-06-23 16:40:14 +08:00
Shubham Kulkarni
6a1b3221c4 app_update: Add API to write data in a non contiguous manner 2020-05-28 10:18:55 +05:30
Shubham Kulkarni
c82a4d59ee esp_ota_ops.c: Fix size calculation to erase partition range for OTA image
Closes https://github.com/espressif/esp-idf/issues/4953
2020-03-31 14:58:32 +00:00
suda-morris
dd248ffc32 Add chip revision into image header
Check chip id and chip revision before boot app image

Closes https://github.com/espressif/esp-idf/issues/4000
2019-09-16 18:13:53 +08:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
Konstantin Kondrashov
399d2d2605 all: Using xxx_periph.h
Using xxx_periph.h in whole IDF instead of xxx_reg.h, xxx_struct.h, xxx_channel.h ... .

Cleaned up header files from unnecessary headers (releated to soc/... headers).
2019-06-03 14:15:08 +08:00
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Mahavir Jain
816fe38f3a app_update: remove redundant (additional) check for signature verification
Call `esp_image_verify` takes care of validating image signature.
2019-04-01 15:47:01 +05:30
morris
c159984264 separate rom from esp32 component to esp_rom
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
2019-03-21 18:51:45 +08:00
morris
fae39dc326 merge esp_flash_data_types into esp_flash_partitions 2019-03-18 08:51:55 +00:00
Konstantin Kondrashov
e916cf52a3 bootloader: Add support of anti-rollback
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.

Closes: TW26335
2019-02-14 18:51:43 +08:00
Angus Gratton
ad200227d2 Merge branch 'feature/add_rollback_flags' into 'master'
bootloader/app_update: Add a support of an app rollback.

See merge request idf/esp-idf!3547
2018-12-19 14:28:11 +08:00
Supreet Deshpande
1d4bb7cc4d bugfix/ota_magic_byte_issue: Fix indent and replace constant by macro
Replace 0xE9 by ESP_IMAGE_HEADER_MAGIC.
2018-12-17 09:56:18 +05:30
Konstantin Kondrashov
dde1fd9b94 bootloader: Add support flags for rollback app
Added
* Set actual ota_seq if both ota are init or incorrect.
* Description of rollback
* UT tests

Closes TW15459
2018-12-11 11:54:21 +08:00
Supreet Deshpande
55d5ee1e79 bugfix/ota_magic_byte_issue: Fixes OTA magic byte error
On enabling flash encryption, OTA fails with magic byte error in the second chunk
if the http data is split into two or more chunks and first chunk is less than 16.
2018-12-10 17:16:38 +05:30
Konstantin Kondrashov
f9522a0eb6 bootloader app_update: Refactoring otadata part 2018-12-05 11:20:03 +08:00
Konstantin Kondrashov
3b9cb25fe1 esp32: Add firmware version to app
Added a new structure esp_app_desc_t. It has info about firmware:
version, secure_version, project_name, time/date build and IDF version.
Added the ability to add a custom structure with a description of the firmware.

The esp_app_desc_t is located in fixed place in start of ROM secotor. It is located after structures esp_image_header_t and esp_image_segment_header_t.

app_version is filed from PROJECT_VER variable (if set in custom make file) or PROJECT_PATH/version.txt or git repo (git describe).

Add API to get app_desc from partition.
2018-12-03 16:52:04 +08:00
Mahavir Jain
26845936b3 app_update: remove unrequired static attribute from mmap handle 2018-10-18 04:38:31 +00:00
Mahavir Jain
b3aff63db4 app_update: fix intermittent failure with firmware updates
Routine `spi_flash_cache2phys` sometimes return incorrect value,
resulting in failure in getting currently running ota partition.
This in turn aborts firmware update process.This issue was more
prominent with SPIRAM enabled cases.

Fix ensures proper cache guards during `spi_flash_cache2phys`, and
also for few other similar APIs.

In addition, `esp_ota_get_running_partition` has also been optimized
to save currently running partition for subsequent invocations.

Fixes https://github.com/espressif/esp-idf/issues/2451
2018-10-18 04:38:31 +00:00
Angus Gratton
b355854d4d Merge branch 'master' into feature/cmake 2018-09-05 10:35:04 +08:00
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Angus Gratton
ff2404a272 Merge branch 'master' into feature/cmake 2018-08-16 17:14:17 +10:00
Konstantin Kondrashov
117c79eae5 app_update: Add API for getting sha256_of_partition
Added bootloader_common_get_sha256_of_partition() and esp_partition_get_sha256() - get or calculate SHA-256
digest for app and data partitions.
Added bootloader_sha256_hex_to_str() - helps to print SHA-256 digest
Added esp_partition_check_identity() - compares two partitions by SHA-256 digest

Refactoring a function esp_image_load() in bootloader space to esp_image_verify() and
bootloader_load_image(). Old name function esp_image_load is deprecated
and will remove in V4.0 version.

spi_flash/sim: Fix error test_host. Add stub for bootloader_common_get_sha256_of_partition in sim/stubs
2018-08-13 13:59:07 +05:00
Angus Gratton
5cbc4e976b app_update: Don't double-verify secure boot signature during OTA
esp_image_load() already verifies the signature
2018-07-17 15:33:47 +10:00