Commit Graph

543 Commits

Author SHA1 Message Date
KonstantinKondrashov
7f40717eb2 secure_boot/SIGNED_ON_UPDATE_NO_SECURE_BOOT: Only the first position of signature blocks is used to verify any update 2021-03-25 12:27:05 +00:00
KonstantinKondrashov
cbbd1e88a5 secure_boot_v1: Adds a help message in case when sig_block.version is not valid
if sig_block.version is not valid then probably the image without a signature.
2021-03-25 20:01:52 +08:00
Angus Gratton
fa2946d651 Merge branch 'feature/support_esp32s3_beta_3' into 'master'
Support ESP32S3 beta 3 target

Closes IDF-2908

See merge request espressif/esp-idf!12661
2021-03-23 10:17:58 +00:00
Marius Vikhammer
2aead8ba57 Support ESP32S3 Beta 3 target
Update ROM API. Port changes from bringup branch.
2021-03-18 10:24:22 +08:00
KonstantinKondrashov
a90f29fced wdt: Updates 2021-03-18 02:31:28 +08:00
Angus Gratton
6a29b45bd4 secure boot v2: Fix issue checking multiple signature blocks on OTA update 2021-03-15 12:30:20 +00:00
Angus Gratton
d709631393 secure boot: Add boot check for SBV2 "check app signature on update"
As this mode uses the public keys attached to the existing app's signatures to
verify the next app, checking that a signature block is found on boot prevents
the possibility of deploying a non-updatable device from the factory.
2021-03-15 12:30:20 +00:00
KonstantinKondrashov
95564b4687 secure_boot: Secure Boot V2 verify app signature on update (without Secure boot)
- ESP32 ECO3, ESP32-S2/C3/S3
2021-03-15 12:30:20 +00:00
Angus Gratton
fd164b82b6 Merge branch 'refactor/move_from_xtensa' into 'master'
Movements from xtensa

Closes IDF-2164

See merge request espressif/esp-idf!10556
2021-03-11 00:24:25 +00:00
Angus Gratton
6f362b9383 bootloader: Add config options to skip validation of app for minimum boot time 2021-03-10 14:00:46 +11:00
Angus Gratton
32ea7dc812 Merge branch 'feature/bootloader_disable_logs_unnecessary_warnings' into 'master'
bootloader: Disables unnecessary warning logs when invalid magic byte

Closes IDF-1900

See merge request espressif/esp-idf!12514
2021-03-09 06:28:46 +00:00
Angus Gratton
d6f4d99d93 core system: Fix warnings in compilation when assertions are disabled
Adds a CI config for hello world that sets this, to catch future regressions
2021-03-03 10:26:57 +11:00
KonstantinKondrashov
87aeef65a8 bootloader: Disables unnecessary warning logs when invalid magic byte 2021-03-01 20:34:54 +08:00
Renz Bagaporo
0f03f450ff esp_hw_support: create esp_cpu
Create a esp_cpu header that contains CPU-related functions and
utilities.
2021-02-26 13:34:29 +08:00
Angus Gratton
cbc58b85e2 Merge branch 'feature/adds_check_in_app_that_flash_enc_is_on' into 'master'
bootloader: Adds a check that app is run under FE

Closes IDF-640

See merge request espressif/esp-idf!12368
2021-02-25 22:39:13 +00:00
KonstantinKondrashov
90f2d3199a secure_boot: Checks secure boot efuses
ESP32 V1 and V2 - protection bits.
ESP32xx V2: revoke bits, protection bits

- refactor efuse component
- adds some APIs for esp32 chips as well as for esp32xx chips
2021-02-23 03:56:21 +08:00
KonstantinKondrashov
11a2f2acd3 bootloader: Adds a check that app is run under FE 2021-02-15 20:33:50 +08:00
Angus Gratton
2c39010b3b Merge branch 'bugfix/anti_rollback_without_test_app' into 'master'
bootloader: Anti-rollback mode doesn't run test_app

See merge request espressif/esp-idf!12225
2021-02-09 14:16:51 +08:00
Michael (XIAO Xufeng)
423a5458dc Merge branch 'bugfix/support_new_BYflash_chip_boot' into 'master'
spi_flash: add external flash support on esp32c3

Closes IDF-2650, IDF-2651, and IDF-2399

See merge request espressif/esp-idf!12121
2021-02-05 20:03:24 +08:00
Cao Sen Miao
cc1c6c30be flash: check boya chip support 2021-02-04 14:44:50 +08:00
KonstantinKondrashov
25ac1d4d28 bootloader: Anti-rollback mode doesn't run test_app
- Cmake shows an error if the partition table has a test app.
- BOOTLOADER_APP_TEST depends on !BOOTLOADER_APP_ANTI_ROLLBACK.
- Bootloader does not boot the test app if secure version is low.

Closes: https://www.esp32.com/viewtopic.php?f=13&t=19164&p=71302#p71302
2021-02-01 23:24:23 +08:00
KonstantinKondrashov
3ed226c362 efuse(esp32c3): Adds getting chip_revision and chip_pkg 2021-01-25 19:37:40 +08:00
Cao Sen Miao
9905da46e0 spi_flash: Add auto suspend mode on esp32c3 2021-01-25 11:14:02 +08:00
Angus Gratton
a7da0c894b Merge branch 'feature/c3_master_flash_enc_support' into 'master'
flash encryption: merge C3 flash encryption changes to master

See merge request espressif/esp-idf!12040
2021-01-22 12:58:38 +08:00
Angus Gratton
fe8a891de9 Merge branch 'feature/support_esp32c3_master_cmake_secure_boot' into 'master'
bootloader/esp32c3: Support secure boot

Closes IDF-2115

See merge request espressif/esp-idf!11797
2021-01-21 08:42:49 +08:00
KonstantinKondrashov
88c5fe49b8 soc: Adds a soc_caps define for all chips to define the number of boot key digests 2021-01-19 20:51:13 +08:00
KonstantinKondrashov
98f726fa4b bootloader/esp32c3: Adds secure boot (not yet supported) 2021-01-19 20:51:13 +08:00
Marius Vikhammer
03fa63b0c9 bootloader: add flash encryption support for C3
Adds flash encryption support for C3 and updates docs for S2 & C3
2021-01-18 14:10:54 +08:00
morris
753a929525 global: fix sign-compare warnings 2021-01-12 14:05:08 +08:00
fuzhibo
312a0ad6c1 fix: support bootloader random enable for esp32c3 2021-01-11 14:41:09 +08:00
Angus Gratton
c535d569aa Merge branch 'bugfix/secure_boot_sig_failed_crash' into 'master'
secure boot: Fix crash if signature verification fails in app

Closes IDFGH-4376

See merge request espressif/esp-idf!11846
2021-01-08 16:23:29 +08:00
Angus Gratton
7069736c2a Merge branch 'feature/bootloader_uses_efuse_keys_api' into 'master'
bootloader: Add using of efuse APIs for keys, purposes, wr/rd-protection bits

See merge request espressif/esp-idf!11110
2021-01-08 11:29:50 +08:00
Konstantin Kondrashov
fbba2cb356 bootloader/esp32s2: Add using of efuse APIs for keys, purposes, wr/rd-protection bits for flash encryption, secure boot 2021-01-08 11:29:46 +08:00
Morozov-5F
a8837aa378 secure boot v2: Fix crash if signature verification fails in app
sha_handle is "finished" when verify_secure_boot_signature() returns and
should be nulled out.

Alternative version of fix submitted in https://github.com/espressif/esp-idf/pull/6210

Closes https://github.com/espressif/esp-idf/pull/6210

Signed-off-by: Angus Gratton <angus@espressif.com>
2020-12-31 14:43:47 +05:30
Marius Vikhammer
68608f804c esp32c3: Misc fixes needed to build & run 2020-12-31 15:20:05 +11:00
Marius Vikhammer
eb788deb03 esp_hw_support: merge C3 changes to master
Merge RTC related C3 changes to master
2020-12-30 12:20:41 +08:00
Angus Gratton
7a40b1695c Merge branch 'feature/esp32c3_small_changes' into 'master'
esp32c3: Merge small target support changes

Closes IDF-2361

See merge request espressif/esp-idf!11714
2020-12-24 12:36:12 +08:00
Marius Vikhammer
4ff8c7ae98 esp_rom/esp_system: Add flag for ROM multiple UART output, esp32c3 console
From internal commit 6d894813
2020-12-24 14:18:01 +11:00
Angus Gratton
adbf182bc5 bootloder_support: esp32c3 only supports XTS-AES-128 flash encryption 2020-12-24 13:40:01 +11:00
Supreet Deshpande
c4cf6d6d26 Secure boot v2: Fixes the issue of passing the flash calculated digest for ota verification. 2020-12-21 11:32:37 +05:30
Supreet Deshpande
e517b4953f Secure Boot v2: Fix the double padding of the image length during flash encryption
Fixes https://github.com/espressif/esp-idf/issues/6236
2020-12-21 11:32:37 +05:30
Angus Gratton
f50dd23872 Merge branch 'feature/merge_esp32c3_bootloader_support' into 'master'
esp32c3: add initial bootloader and target component support

Closes IDF-2435 and IDF-2436

See merge request espressif/esp-idf!11433
2020-12-11 15:36:28 +08:00
morris
3f287800eb bootloader_support: added esp32-c3 support 2020-12-11 11:45:10 +08:00
Marius Vikhammer
0c3714de1c bootloader_support: re-enable S2 unit test
Re-enable "Verify unit test app image"
2020-12-10 08:04:09 +00:00
Ivan Grokhotkov
89d39308a0 bootloader: avoid printing load addresses with '0x'
Since idf_monitor decodes anything that looks like a code address and
starts with 0x, bootloader logs often get annotated with function
names such as WindowOverflow and other random and scary looking things
unrelated to the issue the user is facing. Print the addresses without
0x to avoid confusion by decoded function names. Print hexadecimal
size with 'h' suffix to distinguish it from the decimal value that
follows.
2020-12-02 16:33:43 +01:00
Angus Gratton
5228d9f9ce esp32c3: Apply one-liner/small changes for ESP32-C3 2020-12-01 10:58:50 +11:00
Supreet Deshpande
73d1be4281 Secure Boot V2: Fix an issue leading to manual enablement of Secure Boot v2.
Fixes https://github.com/espressif/esp-idf/issues/6050
2020-11-23 06:52:44 +00:00
Angus Gratton
420aef1ffe Updates for riscv support
* Target components pull in xtensa component directly
* Use CPU HAL where applicable
* Remove unnecessary xtensa headers
* Compilation changes necessary to support non-xtensa gcc types (ie int32_t/uint32_t is no
  longer signed/unsigned int).

Changes come from internal branch commit a6723fc
2020-11-13 07:49:11 +11:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
morris
9de6cba434 ci: add more build test for esp32-s3 2020-10-27 17:22:17 +08:00
Michael (XIAO Xufeng)
8926216723 Merge branch 'bugfix/esp32s2_adc_rng_registers' into 'master'
esp32s2: Use regi2c registers to enable bootloader RNG

See merge request espressif/esp-idf!10941
2020-10-26 13:55:05 +08:00
Angus Gratton
57d6026f97 Merge branch 'feature/efuse_support_for_esp32s3' into 'master'
efuse: Adds support for esp32-s3 chip

See merge request espressif/esp-idf!10491
2020-10-22 13:53:01 +08:00
Angus Gratton
cb12365221 Merge branch 'feature/add_inttypes_for_esp_app_format' into 'master'
bootloader_support: Add missing inttypes include in esp_app_format.h

Closes IDFGH-3950

See merge request espressif/esp-idf!10921
2020-10-22 12:16:22 +08:00
Angus Gratton
639e97437f esp32s2: Use regi2c registers to enable bootloader RNG 2020-10-22 14:39:59 +11:00
sU8U7SfkcwTJVH7PjaVmej7D
092b63f491 bootloader_support: Add missing inttypes include in esp_app_format.h
Signed-off-by: KonstantinKondrashov <konstantin@espressif.com>

Closes: https://github.com/espressif/esp-idf/pull/5837
2020-10-20 21:49:07 +08:00
Angus Gratton
4504318a28 Merge branch 'feature/esp32s2_bootloader_random' into 'master'
bootloader_support: Enable RNG entropy source for ESP32-S2

Closes IDF-1347

See merge request espressif/esp-idf!8965
2020-10-19 07:12:59 +08:00
Michael (XIAO Xufeng)
647dea9395 soc: combine xxx_caps.h into one soc_caps.h
During HAL layer refactoring and new chip bringup, we have several
caps.h for each part, to reduce the conflicts to minimum. But this is
The capabilities headers will be relataive stable once completely
written (maybe after the featues are supported by drivers).

Now ESP32 and ESP32-S2 drivers are relative stable, making it a good
time to combine all these caps.h into one soc_caps.h

This cleanup also move HAL config and pin config into separated files,
to make the responsibilities of these headers more clear. This is
helpful for the stabilities of soc_caps.h because we want to make it
public some day.
2020-10-17 16:10:15 +08:00
Angus Gratton
04ecdd95cf bootloader_support makefile: Use consistent indentation 2020-10-16 18:48:26 +11:00
Angus Gratton
b35cb43caf bootloader_support: Add dummy ESP32-S3 RNG support 2020-10-16 18:48:26 +11:00
Angus Gratton
9311b1e7be esp32s2: Enable 8M clock source for RNG also
Either of these options is sufficient to pass dieharder test suite with
bootloader random output, having both enabled is a bonus.
2020-10-16 18:48:26 +11:00
Angus Gratton
699742acc6 esp32s2: Support bootloader_random_enable() 2020-10-16 18:48:26 +11:00
Angus Gratton
a416452657 Merge branch 'feature/skip_sha256_error_on_fpga' into 'master'
bootloader: Skip a sha256 error on FPGA

See merge request espressif/esp-idf!10836
2020-10-16 14:43:06 +08:00
Michael (XIAO Xufeng)
465e5050b6 Merge branch 'bugfix/fix_spi_flash_clock_config_error_s2' into 'master'
bootloader_support: fix spi flash clock config error

See merge request espressif/esp-idf!10628
2020-10-16 12:04:32 +08:00
KonstantinKondrashov
3c57d5e0a1 bootloader: Skip a sha256 error on FPGA 2020-10-15 13:27:54 +08:00
KonstantinKondrashov
66b9b589cb efuse: Adds support for esp32-s2 chip 2020-10-14 16:26:51 +08:00
Supreet Deshpande
2356be7c7a Secure Boot V2: Fixes the OTA regression with secure boot in ESP32-V3
Closes https://github.com/espressif/esp-idf/issues/5905
2020-10-12 07:15:16 +00:00
Michael (XIAO Xufeng)
637ca4b15d bootloader_support: fix fix spi flash clock config error
Relates to: https://github.com/espressif/esp-idf/issues/5099
2020-10-03 04:37:52 +00:00
Mahavir Jain
ab988ab5ca bootloader_support: move anti rollback API to common loader section
API `bootloader_common_get_partition_description` is required for
anti-rollback feature and should be part of common loader code.
2020-09-30 11:13:13 +05:30
Mahavir Jain
5b344610c9 bootloader_support: fix issue in memory mapping for getting app descriptor
For getting secure_version field in anti rollback case, bootloader tries
to map whole firmware partition but fails for cases where partition size
is beyond available MMU free pages capacity.

Fix here insures to map only required length upto application descriptor
size in firmware partition.

Closes https://github.com/espressif/esp-idf/issues/5911
2020-09-30 11:13:13 +05:30
morris
6225932201 bootloader_support: add esp32-s3 initial support 2020-09-22 15:15:03 +08:00
Michael (XIAO Xufeng)
3b2e8648eb bootloader: create public bootloader_flash.h header
Move non-public functions into bootloader_flash_priv.h header
2020-09-19 10:52:02 +08:00
Michael (XIAO Xufeng)
fefdee1349 bootloader: fix the WRSR format for ISSI flash chips
1. The 2nd bootloader always call `rom_spiflash_unlock()`, but never help to clear the WEL bit when exit. This may cause system unstability.

   This commit helps to clear WEL when flash configuration is done.

   **RISK:** When the app starts, it didn't have to clear the WEL before it actually write/erase. But now the very first write/erase operation should be done after a WEL clear. Though the risk is little (all the following write/erase also need to clear the WEL), we still have to test this carefully, especially for those functions used by the OTA.

2. The `rom_spiflash_unlock()` function in the patch of ESP32 may (1) trigger the QPI, (2) clear the QE or (3) fail to unlock the ISSI chips.

   Status register bitmap of ISSI chip and GD chip:

| SR | ISSI | GD25LQ32C |
| -- | ---- | --------- |
| 0  | WIP  | WIP       |
| 1  | WEL  | WEL       |
| 2  | BP0  | BP0       |
| 3  | BP1  | BP1       |
| 4  | BP2  | BP2       |
| 5  | BP3  | BP3       |
| 6  | QE   | BP4       |
| 7  | SRWD | SRP0      |
| 8  |      | SRP1      |
| 9  |      | QE        |
| 10 |      | SUS2      |
| 11 |      | LB1       |
| 12 |      | LB2       |
| 13 |      | LB3       |
| 14 |      | CMP       |
| 15 |      | SUS1      |

   QE bit of other chips are at the bit 9 of the status register (i.e. bit 1 of SR2), which should be read by RDSR2 command.

   However, the RDSR2 (35H, Read Status 2) command for chip of other vendors happens to be the QIOEN (Enter QPI mode) command of ISSI chips. When the `rom_spiflash_unlock()` function trys to read SR2, it may trigger the QPI of ISSI chips.

   Moreover, when `rom_spiflash_unlock()` try to clear the BP4 bit in the status register, QE (bit 6) of ISSI chip may be cleared by accident. Or if the ISSI chip doesn't accept WRSR command with argument of two bytes (since it only have status register of one byte), it may fail to clear the other protect bits (BP0~BP3) as expected.

   This commit makes the `rom_spiflash_unlock()` check whether the vendor is issi. if so, `rom_spiflash_unlock()` only send RDSR to read the status register, send WRSR with only 1 byte argument, and also avoid clearing the QE bit (bit 6).

3. `rom_spiflash_unlock()` always send WRSR command to clear protection bits even when there is no protection bit active. And the execution of clearing status registers, which takes about 700us, will also happen even when there's no bits cleared.

   This commit skips the clearing of status register if there is no protection bits active.

Also move the execute_flash_command to be a bootloader API; move
implementation of spi_flash_wrap_set to the bootloader
2020-09-19 10:51:51 +08:00
KonstantinKondrashov
2373f115fc efuse/esp32: Expands PKG_VER from 3 bit to 4 bits
Closes: IDF-1919
2020-09-17 07:44:37 +00:00
KonstantinKondrashov
09af4a9fad bootloader: Fix esp_get_flash_encryption_mode(). RELEASE = (CRYPT_CNT == max) or (CRYPT_CNT.write_protect == true)
If the CRYPT_CNT efuse is max it means the same as a write protection bit for this efuse.

Closes: https://github.com/espressif/esp-idf/issues/5747
2020-09-11 04:20:23 +00:00
Ivan Grokhotkov
b6467257b9 Merge branch 'feature/cmock_component' into 'master'
cmock as component replacing unity

See merge request espressif/esp-idf!9859
2020-09-10 16:06:20 +08:00
Ivan Grokhotkov
26016534d8 bootloader: move rtc_retain_mem functions back into .iram_loader.text
Introduced 66a32c17 when bootloader_common was moved out of the loader
section.

Also add a test for this configuration.
2020-09-09 10:35:29 +02:00
Ivan Grokhotkov
66a32c1707 bootloader: fix section placement issues found by the check script
Summary of changes:

- bootloader_clock split into *_clock_init and *_clock_loader.
  Only esp_clk_apb_freq is in *_clock_loader.
- bootloader_common moved out of loader; functions needed in loader
  (or, referenced from bootloader_utility) were moved into
  bootloader_common_loader.c.
- assert and abort moved into bootloader_panic, made part of the
  loader
- rtc_clk and rtc_time made part of loader
2020-09-03 18:14:17 +02:00
Michael (XIAO Xufeng)
9e7eda9770 Merge branch 'feat/spi_flash_override_size' into 'master'
spi_flash: add config option to override flash size in bootloader header

See merge request espressif/esp-idf!10131
2020-09-03 02:57:31 +08:00
Jakob Hasse
20c068ef3b cmock: added cmock as component
* changing dependencies from unity->cmock
* added component.mk and Makefile.projbuild
* ignore test dir in gen_esp_err_to_name.py
* added some brief introduction of CMock in IDF
2020-09-02 16:38:37 +08:00
Michael (XIAO Xufeng)
37423083bb spi_flash: add config option to override flash size in bootloader header
Sometimes the flash size read from bootloader is not correct. This may
forbid SPI Flash driver from reading the the area larger than the size
in bootloader header.

When the new config option is enabled, the latest configured
ESPTOOLPY_FLAHSIZE in the app header will be used to override the value
read from bootloader header.
2020-09-02 00:35:53 +08:00
Michael (XIAO Xufeng)
5425ef4ee4 hal: extract hal component from soc component 2020-09-01 13:25:32 +08:00
Sachin Billore
f1dae0d6e1 ESP32 SecureBoot V2: eFuse write operations are updated to use the eFuse Manager APIs
Closes IDF-2034

Closes https://github.com/espressif/esp-idf/issues/5771
2020-08-27 04:24:04 +00:00
Angus Gratton
a2dc60b254 Merge branch 'feature/secure_boot_esp32s2' into 'master'
Feature/secure boot esp32s2

See merge request espressif/esp-idf!8254
2020-07-28 16:39:34 +08:00
morris
2917651478 esp_rom: extract common ets apis into esp_rom_sys.h 2020-07-27 15:27:01 +08:00
Angus Gratton
a91bd4078f secure boot: Fixes for ESP32-S2 first boot logic 2020-07-27 00:01:10 +00:00
Angus Gratton
bfc3f85826 bootloader esp32s2: Fix return type of ROM function signature verification 2020-07-27 00:01:10 +00:00
Supreet Deshpande
e640e148cf Secure boot v2 support for ESP32-S2 2020-07-27 00:01:10 +00:00
Angus Gratton
c871c349f2 Merge branch 'bugfix/bootloader_common_get_sha256_of_partition' into 'master'
bootloader_support: Fix bootloader_common_get_sha256_of_partition(), can handle a long image

Closes IDFGH-3594

See merge request espressif/esp-idf!9509
2020-07-23 13:27:48 +08:00
morris
ab0537c079 esp_rom: extract common MD5 hash apis into esp_rom_md5.h 2020-07-21 17:01:28 +08:00
Angus Gratton
442736c5d6 Merge branch 'refactor/common_rom_uart_apis' into 'master'
esp_rom: extract common uart apis into esp_rom_uart.h

See merge request espressif/esp-idf!9313
2020-07-21 15:24:21 +08:00
Angus Gratton
3755fb6597 Merge branch 'feature/add_esp32s3_bootloader_ld_file' into 'master'
move part of esp32-s3 codes to master (bootloader linker, esp32s3 empty componnet)

See merge request espressif/esp-idf!9608
2020-07-21 14:51:04 +08:00
KonstantinKondrashov
d95c89a1eb bootloader_support: Fix bootloader_common_get_sha256_of_partition, can handle a long image
Closes: IDFGH-3594
2020-07-20 10:55:41 +00:00
Angus Gratton
c09fdc0b09 esp32: Use package identifier to look up SPI flash/PSRAM WP Pin, unless overridden
Allows booting in QIO/QOUT mode or with PSRAM on ESP32-PICO-V3 and
ESP32-PICO-V3-O2 without any config changes.

Custom WP pins (needed for fully custom circuit boards) should still be compatible.
2020-07-20 14:08:49 +08:00
chenjianqiang
e9dd4f283a feat(esp32): support for esp32-pico-v3-02 2020-07-20 12:21:32 +08:00
morris
6316e6eba2 esp_system: add CONFIG_ESP_SYSTEM_RTC_EXT_CRYS 2020-07-20 11:15:24 +08:00
morris
b587428e5d bootloader: make bootloader offset address in flash configurable 2020-07-20 10:51:05 +08:00
morris
345606e7f3 esp_rom: extract common uart apis into esp_rom_uart.h 2020-07-17 16:00:59 +08:00
morris
458b14a8ea esp_rom: extract common efuse apis into esp_rom_efuse.h 2020-07-15 10:40:50 +08:00
morris
a4d0033c03 esp_rom: extract common GPIO apis into esp_rom_gpio.h 2020-07-07 11:40:19 +08:00
Ivan Grokhotkov
6dfb2d83a7 bootloader: combine console code for ESP32 and S2, add USB support 2020-06-26 15:38:49 +02:00
Ivan Grokhotkov
5ee75165f2 esp_common: add "USB CDC" option for console output 2020-06-26 15:38:49 +02:00
Ivan Grokhotkov
0620890028 bootloader, rtc: don't disable PLL if it is already enabled 2020-06-24 15:50:51 +02:00
morris
a34409cffc esp_rom: extract common CRC apis into esp_rom_crc.h 2020-06-23 16:40:14 +08:00
Angus Gratton
a5683f2263 Merge branch 'bugfix/efuse_logs' into 'master'
esp32/esp32s2: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization in startup code

Closes IDFGH-3367

See merge request espressif/esp-idf!8904
2020-06-16 13:47:02 +08:00
morris
067b1b91c2 global: add new target name: esp32-s3
add target name, chip ID, toochain descriptions for ESP32-S3
2020-06-11 21:40:08 +08:00
Angus Gratton
067ce3ef32 Merge branch 'bugfix/bootloader_skip_verify_jtag' into 'master'
bootloader_support: don't check signature when JTAG is attached

Closes IDFGH-2816 and IDFGH-2660

See merge request espressif/esp-idf!7865
2020-06-10 16:09:32 +08:00
KonstantinKondrashov
5cfdf1aa70 efuse: Add some fields in efuse_table and update esp_efuse_get_pkg_ver()
Closes: IDF-1077
2020-06-08 22:35:08 +08:00
Angus Gratton
e6151c4394 bootloader: Force bootloader_image_hdr to be word aligned
Possible due to linker order for this file to be placed unaligned,
causing failure from bootloader_flash_read() function.
2020-06-02 18:13:37 +10:00
KonstantinKondrashov
3bb2d581c6 esp32: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization
After setting _GLOBAL_REENT, ESP_LOGIx can be used instead of ESP_EARLY_LOGx.

Closes: https://github.com/espressif/esp-idf/issues/5343
2020-06-01 20:36:08 +08:00
Ivan Grokhotkov
07bf1e23db bootloader_support: don't check signature when JTAG is attached
If an insecure configuration is enabled (no hardware secure boot, just
software signature check), skip the signature check in bootloader if
JTAG debugger is attached. This allows the debugger to set breakpoints
in Flash before the application runs.

Closes https://github.com/espressif/esp-idf/issues/4734
Closes https://github.com/espressif/esp-idf/issues/4878
2020-05-31 18:14:09 +02:00
Angus Gratton
f64ae4fa99 efuse: Add 'disable Download Mode' & ESP32-S2 'Secure Download Mode' functionality 2020-05-28 17:50:45 +10:00
Angus Gratton
48d9c14c28 efuse: Add new esp_efuse_read_field_bit() convenience function 2020-05-28 17:45:09 +10:00
Angus Gratton
1dd5a4dba4 efuse: Add new esp_efuse_write_field_bit() convenience function 2020-05-28 17:45:09 +10:00
Angus Gratton
9b822a3d2e esp32s2: Disable legacy boot mode & ROM remap modes if either Secure Boot or Flash Encryption is on 2020-05-28 17:45:09 +10:00
Angus Gratton
3e7ba2f389 bootloader: Don't print an error message after WDT reset in unicore mode
Caused some confusion here: https://github.com/espressif/esp-idf/issues/4388
2020-05-19 03:35:53 +00:00
Angus Gratton
cecf4622bc Merge branch 'bugfix/secure_boot_v2_fixes' into 'master'
Small secure boot v2 fixes

See merge request espressif/esp-idf!8462
2020-05-05 11:13:30 +08:00
Angus Gratton
d4d4d7324a efuse: Don't need to burn WR_CRYPT_CNT if CRYPT_CNT is already max
Reduces write cycles, and useful on ESP32 ECO3 as UART_DIS_DL is protected by
the same efuse.

Also fixes accidental macro definition introduced in 7635dce502
2020-05-01 16:16:47 +10:00
Felipe Neves
95bc186846 flash_encryption: Fix next spi boot crypt counter value after a plaintext flash 2020-04-24 12:43:47 -03:00
Felipe Neves
f7ccc081a5 flash_encryption: replace spi crypt count efuse burning function by a esp_efuse_API
flash_encryption: modify additional efuses burning method to fix them are not being written

flass_encryption: burn efuse to disable boot from RAM space

flash_encryption: added better checking for key generation state plus set read and write protect for them

soc esp32s2: Add register-level bit definitions for read & wrote protect bits

esp32s2: Fixes for flash encryption

- Write efuses in a batch
- Fix some detection of whether existing efuse blocks are read/write protected
2020-04-24 12:43:47 -03:00
Felipe Neves
6f27992430 flash_encryption: return more clear error codes when bootloader encryption fails 2020-04-24 12:43:47 -03:00
Felipe Neves
b3d8847406 flash_encryption: added wdt feed during encryption process to avoid undesired reset. 2020-04-24 12:43:47 -03:00
Felipe Neves
7635dce502 bootloader/flash_encrypt: added esp32s2 flash encryption code on build system and enabled example
flash_enctryption: enabled flash encryption example on esp32s2

bootloader: raise WDT overflow value providing sufficient interval to encrypt app partition

flash_ encrypt: Fixed the TODOs on flash encryption key generation for esp32s2

flash_encryption: added secure boot features to flash enctryption for esp32s2

bootloader: leave only esp32s2 compatible potentially insecure options on menuconfig.

flash_encryption: removed secure boot version 1 from esp32s2 encryption code

flash_encryption:  added  CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED option for esp32s2

flash_encryption: fixed the count of left plaintext flash

flash_encryption: disable dcache and icache download when using encryption in release mode

flash_encryption:  add cache potentally insecure options for s2 chips

flash_encryption: fixed bug which bricked some chips in relase mode
2020-04-24 12:43:47 -03:00
Angus Gratton
b26f93415e secure boot v2: Add anti-FI check that secure boot not enabled yet
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-04-24 15:03:31 +10:00
Angus Gratton
fc4b653729 secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled 2020-04-24 15:03:03 +10:00
Angus Gratton
fc0d6a99f8 secure boot v2: Don't log warnings when BLK2 is empty as expected
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)

If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-04-24 14:43:55 +10:00
chenjianqiang
ec9cc27e08 flash: fix spi flash clock config error
Closes https://github.com/espressif/esp-idf/issues/5099
2020-04-17 16:26:26 +08:00
Angus Gratton
25aa5b0e28 esp32: Enable flash encryption by setting FLASH_CRYPT_CNT to max
Previous method was to write-protect this efuse, however on ECO3
the write protect field also covers the UART_DOWNLOAD_DIS efuse.

Doing it this way keeps the possibility of disabling UART download
mode, later.
2020-03-30 18:13:42 +11:00
Angus Gratton
142f69448f secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-30 18:00:40 +11:00
Darian Leung
91841a53ff WDT: Add LL and HAL for watchdog timers
This commit updates the watchdog timers (MWDT and RWDT)
in the following ways:

- Add seprate LL for MWDT and RWDT.
- Add a combined WDT HAL for all Watchdog Timers
- Update int_wdt.c and task_wdt.c to use WDT HAL
- Remove most dependencies on LL or direct register access
  in other components. They will now use the WDT HAL
- Update use of watchdogs (including RTC WDT) in bootloader and
  startup code to use the HAL layer.
2020-03-26 02:14:02 +08:00
Angus Gratton
62426a6c90 Merge branch 'refactor/use_new_component_registration_functions' into 'master'
CMake: Use new component registration function

See merge request espressif/esp-idf!8068
2020-03-25 08:02:42 +08:00
Renz Bagaporo
3d0967a58a test: declare requirements and include dirs private 2020-03-23 10:58:50 +08:00
Mahavir Jain
409b3db22f bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement
In commit 02d2903e39, mbedtls was
updated to release v2.16.5, where it was made mandatory to initialize
mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant
but missed out in secure boot v2 verification code. This commit
fixes that.
2020-03-20 20:48:22 +05:30
Angus Gratton
207914a13a Merge branch 'refactor/common_code_panic_handler' into 'master'
Panic handling common code refactor

See merge request espressif/esp-idf!7489
2020-03-19 11:23:57 +08:00
Renz Christian Bagaporo
2b100789b7 esp32, esp32s2: move panic handling code to new component 2020-03-10 19:56:24 +08:00
Angus Gratton
df9d3c6e43 Merge branch 'refactor/print_app_description_on_startup' into 'master'
esp32s2: print app description on startup

See merge request espressif/esp-idf!7899
2020-03-09 14:05:04 +08:00
morris
ddcba3d574 bootloader_support: read random from register 2020-03-06 15:32:01 +08:00
Ivan Grokhotkov
22516b256f bootloader_support: force alignment of flash_read argument 2020-03-04 09:56:01 +01:00
Angus Gratton
04ccb84b83 Merge branch 'feature/cpu_abstraction' into 'master'
CPU related operations abstraction

See merge request espressif/esp-idf!7301
2020-02-28 11:54:29 +08:00
Angus Gratton
d40c69375c bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-02-27 14:37:19 +05:30
Angus Gratton
0dacff4df4 secure boot: Encrypt the bootloader signature when enabling flash encryption + secure boot v2 2020-02-27 14:32:42 +05:30
Renz Christian Bagaporo
cefc71cdcd bootloader_support: mem-related initializations using cpu abstractions 2020-02-27 07:14:21 +05:00
Supreet Deshpande
a9ccc5e5c8 feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:28:22 +05:30
Ivan Grokhotkov
40cff27053 Merge branch 'feature/esp32s2_pm' into 'master'
esp32s2: power management (DFS and auto light sleep)

Closes IDF-670, IDF-527, and IDFGH-231

See merge request espressif/esp-idf!7578
2020-02-19 18:26:33 +08:00
Ivan Grokhotkov
f69f05ecd7 bootloader: esp32s2: fix enabling custom console pins 2020-02-19 08:13:23 +01:00
Nebojsa Cvetkovic
d649ea96ce soc: Add missing gpio_periph.h header 2020-02-18 13:10:37 +00:00
Ivan Grokhotkov
490bf29767 esp32s2: fix enabling 32k XTAL clock
On the ESP32S2, rtc_clk_cal(RTC_CAL_RTC_MUX) measures the frequency
of the 90kHz RTC clock regardless of the selected slow clock
frequency. Keep track which clock is selected and pass the argument
to rtc_clk_cal accordingly.

fix clock choices

update rtc 32k xtal code for s2

missed api in rtc.h

bootloader_clock: update for S2
2020-02-17 17:33:56 +01:00
Ivan Grokhotkov
74ac618287 soc/rtc: update frequency switching APIs to match the master branch
esp32s2 code was based in IDF v3.1, and used outdated APIs.

Closes IDF-670
2020-02-17 17:23:32 +01:00
Ivan Grokhotkov
0d69ed8620 bootloader_support: add esp_chip_id_t value for ESP32-S2 2020-02-06 19:50:14 +01:00
morris
e30cd361a8 global: rename esp32s2beta to esp32s2 2020-01-22 12:14:38 +08:00
morris
2422c52851 global: hello world on real esp32-s2 2020-01-16 17:43:59 +08:00
Wangjialin
fad639f0d4 feature(psram): update psram initialization.
1. use spi functions in rom
2. remove unnecessary GPIO configurations.
3. remove unnecessary dummy settings.
4. enable dummy out function
5. flash and psram have independent timing setting registers.
6. no need to set 1.9v for LDO in 80Mhz
7. set IO driver ability to 1 by default.
8. no need to use GPIO matrix on esp32s2, IO MUX is recommended
9. enable spi clock mode and IO mode settings
2020-01-16 17:41:31 +08:00
morris
a8d31b0385 rtc: enable super wdt auto feed 2020-01-16 17:41:31 +08:00
morris
1c2cc5430e global: bring up esp32s2(not beta) 2020-01-16 17:41:31 +08:00
duyi
9c5a981ef1 remove unnecessary function in bootloader_support
1. Delete bootloader_clock_get_rated_freq_mhz, esp32s2 do not need it right now
2. Remove bootloader_flash_gpio_config () because it has the same function as bootloader_flash_dummy_config
2020-01-16 17:41:31 +08:00
suda-morris
1ffb546135 esp32s2:remove unsupported xtal choice
ESP32-S2 only supports 40MHz XTAL and doesn't have XTAL autodetection.
2020-01-09 13:09:21 +08:00
michael
4220752aed ut: Move tests back from "esp32" subfolder
DISABLED_FOR_TARGETS macros are used

Partly revert "ci: disable unavailable tests for esp32s2beta"

This partly reverts commit 76a3a5fb48.

Partly revert "ci: disable UTs for esp32s2beta without runners"

This partly reverts commit eb158e9a22.

Partly revert "fix unit test and examples for s2beta"

This partly reverts commit 9baa7826be.

Partly revert "efuse: Add support for esp32s2beta"

This partly reverts commit db84ba868c.
2020-01-06 17:13:53 +08:00
Angus Gratton
ba3f47efd6 bootloader_support: fix crash in image verification is SHA doesn't match 2019-12-30 13:48:11 +11:00
Angus Gratton
b2ed553bbf bootloader_support: Reduce log spam about chip revisions
* Don't bother checking the chip revision if it looks like the partition
  doesn't really contain an app
* Don't print the "info" level about the revision & min revision unless
  we're in the bootloader (otherwise it gets printed at random times
  during the OTA process)
2019-12-30 13:48:11 +11:00
Angus Gratton
5139934767 bootloader_common: Fix esp_partition_get_sha256(), add unit tests
Regression in 438d513a95

Reported here: https://esp32.com/viewtopic.php?f=13&t=13250&p=52460
2019-12-30 13:47:47 +11:00
morris
888316fc64 bootloader_support: refactor to better support multi target 2019-12-23 05:45:17 +00:00
morris
01ca687caa esp32s2beta: only support unicore 2019-12-09 09:48:37 +08:00
Angus Gratton
fd27c0a113 Merge branch 'bugfix/bootloader_unicore_cache_enable' into 'master'
bootloader: revert support for booting dual-core apps on single-core bootloader

See merge request espressif/esp-idf!6609
2019-11-27 08:01:59 +08:00
wanglei
7b2348baad fix bug that wrap mode not disabled in none-QIO mode 2019-11-15 15:59:07 +00:00
Angus Gratton
ba72de2099 Merge branch 'bugfix/i2s-bootloader-random-disable' into 'master'
bugfix(bootloader): fix  bootloader_random_disable bug

Closes IDFGH-1747 and IDFGH-1739

See merge request espressif/esp-idf!6522
2019-11-08 11:04:15 +08:00
Angus Gratton
75488f1806 Merge branch 'bugfix/cmake_secure_boot' into 'master'
secure boot: CMake bug fixes

See merge request espressif/esp-idf!6523
2019-11-08 10:58:04 +08:00
Ivan Grokhotkov
a8e3ad6bd9 bootloader: revert support for booting dual-core apps on single-core bootloader 2019-11-05 14:42:43 +01:00
Chen Zheng Wei
b4a02c57c2 bugfix(i2s_bootloader_random_disable): fix bug about i2s bootloader_random_disable
bootloader_random_disable disables the ADC incorrectly, causing the ADC to sometimes fail to work. Fix this bug

closes https://github.com/espressif/esp-idf/issues/3973
2019-11-05 10:36:53 +08:00
Angus Gratton
e8881352c5 secure boot: Fix bug where verification key was not embedded in app 2019-10-29 12:46:09 +11:00
Angus Gratton
7ce75a42c7 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-25 15:13:52 +11:00
Angus Gratton
5bec9fb010 Merge branch 'bugfix/random_en_dis_for_app' into 'master'
bootloader_support: Fix using shared CLK_EN and RST_EN regs for random

See merge request espressif/esp-idf!6198
2019-10-23 13:18:01 +08:00
Angus Gratton
496ede9bcd Merge branch 'master' into feature/esp32s2beta_merge 2019-10-15 14:59:27 +11:00
Mahavir Jain
99659091fb bootloader_support: fix logging prints around chip revision 2019-10-11 14:35:22 +05:30
KonstantinKondrashov
807826f796 bootloader_support: Fix using shared CLK_EN and RST_EN regs for random
bootloader_random_enable() and bootloader_random_disable() functions
can be used in app.
This MR added the protection for shared CLK_EN and RST_EN registers.
2019-10-07 06:47:00 +00:00
Ivan Grokhotkov
6bddcdac67 bootloader: move esp32 specific code from bootloader_common
Also implements bootloader_clock_get_rated_freq_mhz for esp32s2beta.

Closes IDF-758
2019-10-03 09:38:13 +02:00
Ivan Grokhotkov
5830f529d8 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-02 19:01:39 +02:00
suda-morris
cbab3c34f8 bootloader: shrink bin size
1. write a bootloader version of "getting chip revision" function.
2. reduce wordy log.
2019-09-27 10:58:30 +08:00
KonstantinKondrashov
6f102125b4 bootloader: Add support esp32s2beta 2019-09-20 16:57:33 +10:00
Angus Gratton
adfc06a530 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-20 10:28:37 +10:00
Angus Gratton
83680bd96b Merge branch 'feature/esp32s2beta' into feature/esp32s2beta_merge 2019-09-19 21:08:20 +10:00
Jiang Jiang Jian
d78831ab2b Merge branch 'bugfix/remove_v40_deprecations' into 'master'
Remove features deprecated before ESP-IDF V4.0

Closes IDF-507

See merge request espressif/esp-idf!5841
2019-09-19 16:07:01 +08:00
suda-morris
dd248ffc32 Add chip revision into image header
Check chip id and chip revision before boot app image

Closes https://github.com/espressif/esp-idf/issues/4000
2019-09-16 18:13:53 +08:00
Angus Gratton
438d513a95 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-16 16:18:48 +10:00
Angus Gratton
62c06047da bootloader_support: Remove deprecated partition load/verify functions
Deprecated since v3.2
2019-09-13 09:44:07 +10:00
KonstantinKondrashov
d3637cd06b rtc_wdt: re-enable RTC_WDT 2019-09-13 00:03:52 +08:00
Angus Gratton
b547aef2a0 flash encryption: Ensure flash encryption can't be disabled if Secure Boot is on 2019-09-10 11:28:11 +10:00
Angus Gratton
35147119f1 Merge branch 'feature/support_ut_esp32s2beta' into 'feature/esp32s2beta'
ci: support build and run UT for esp32s2beta

See merge request espressif/esp-idf!5702
2019-09-09 08:34:16 +08:00
Li Shuai
bd29202520 1. Fix backtrace is incomplete
2. Optimization code style
2019-09-05 18:40:33 +08:00
Michael (XIAO Xufeng)
76a3a5fb48 ci: disable unavailable tests for esp32s2beta 2019-09-04 10:53:25 +10:00
Michael (XIAO Xufeng)
55859f59cb support for esp32s2beta 2019-09-04 10:53:25 +10:00
Michael (XIAO Xufeng)
9baa7826be fix unit test and examples for s2beta 2019-09-04 10:53:25 +10:00
Angus Gratton
abd6d40796 secure boot: Ensure mbedTLS enables ECDSA if signatures are checked in app
and all ECDSA to be disabled if secure boot is not enabled

Previously if ECDSA disabled in config then secure_boot_signatures.c would
fail to build (whether or not secure boot was enabled).

To avoid breaking apps that might be using the signature scheme with custom OTA
without enabling secure boot signatures in config, this change just disables
this functionality if unavailable in mbedTLS config.

Possible fix for root cause of https://github.com/espressif/esp-idf/pull/3703
2019-08-30 14:56:11 +10:00
Angus Gratton
06898325e6 Merge branch 'bugfix/bootloader_efuse_build_regression' into 'master'
bootloader: add definition of esp_clk_apb_freq

Closes IDFGH-1734

See merge request espressif/esp-idf!5913
2019-08-29 08:35:48 +08:00
Angus Gratton
a21ca2270a Merge branch 'feature/deep_sleep_fast_wake' into 'master'
bootloader: Reduce the time spent in image validation when waking from deep sleep

See merge request espressif/esp-idf!5140
2019-08-28 08:54:28 +08:00
Ivan Grokhotkov
fb72a6f629 bootloader: add definition of esp_clk_apb_freq
Commit 8cd04c80 has added a dependency of efuse component on
esp_clk_apb_freq, however there was no definition of this function in
the bootloader context.

Reported at https://esp32.com/viewtopic.php?f=13&t=12035
2019-08-27 12:01:11 +02:00
Ivan Grokhotkov
12c9d9a564 spi_flash: remove duplicate definition of spi_flash_unlock
The other (static) definition is in flash_ops.c, all references are
also in flash_ops.c.
2019-08-23 12:37:55 +08:00
KonstantinKondrashov
c543aac91e bootloader: API for the fast wakeup and custom using RTC mem
Added "Reserve RTC FAST memory for custom purposes" option.
Added a boot counter.
2019-08-21 11:44:37 +00:00
Tim Nordell
43393cf4d1 bootloader: Support for skipping validation upon wake from deep sleep
This saves time when waking up from deep sleep, but potentially decreases
the security of the system.  If the application able to modify itself
(especially areas that are loaded into RAM) in flash while running
without crashing or is modifies the cached bits of information about
what was last booted from the bootloader, this could cause security
issues if the user does a "deep sleep reset" since the full validation
is skipped.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Tim Nordell
82984f0539 bootloader: Do not obfuscate RAM if we are not doing image validation
No need to take this step if we are not doing image validation.  The
obfuscation only buys us a tiny bit of "security" anyways since the
main parts of flash are memory mapped, too.  This saves a little bit of
wake-up time when waking up from deep sleep when the
BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP option is set.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Tim Nordell
1e32fa2cf7 bootloader: Remove extraneous newlines from some debug statements
ESP_LOGD(...) provides its own new lines so remove these from these
debug strings.

Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
2019-08-21 11:44:37 +00:00
Angus Gratton
6990a7cd54 Merge branch 'master' into feature/esp32s2beta_update 2019-08-19 15:03:43 +10:00