Morozov-5F
cca370df47
secure boot v2: Fix crash if signature verification fails in app
sha_handle is "finished" when verify_secure_boot_signature() returns and
should be nulled out.
Alternative version of fix submitted in https://github.com/espressif/esp-idf/pull/6210
Closes https://github.com/espressif/esp-idf/pull/6210
Signed-off-by: Angus Gratton <angus@espressif.com>
2020-12-31 14:34:25 +05:30
Supreet Deshpande
801bbcc7ad
Secure boot v2: Fixes the issue of passing the flash calculated digest for ota verification.
2020-12-24 14:25:28 +05:30
Supreet Deshpande
2427847229
Secure Boot v2: Fix the double padding of the image length during flash encryption
Fixes https://github.com/espressif/esp-idf/issues/6236
2020-12-24 14:22:08 +05:30
Angus Gratton
5b3734a04a
efuse: Add ESP32 V3 'disable Download Mode' functionality
2020-12-16 17:08:04 +11:00
Angus Gratton
fca2d78459
efuse: Add new esp_efuse_read_field_bit() convenience function
2020-12-15 15:53:26 +11:00
Angus Gratton
1ef020f0a6
efuse: Add new esp_efuse_write_field_bit() convenience function
2020-12-15 15:53:26 +11:00
Angus Gratton
9b31bd54da
efuse: Don't need to burn WR_CRYPT_CNT if CRYPT_CNT is already max
Reduces write cycles, and useful on ESP32 ECO3 as UART_DIS_DL is protected by
the same efuse.
Also fixes accidental macro definition introduced in 7635dce502
2020-12-15 15:53:26 +11:00
Angus Gratton
c9307cb16e
secure boot: Fix regression enabling secure boot v2
Regression in 18b4ae2a65 - write-protecting BLK2 caused write
registers to be cleared, so key digest was all zeroes.
2020-12-15 15:53:26 +11:00
Supreet Deshpande
18b4ae2a65
Secure Boot V2: Fix an issue leading to manual enablement of Secure Boot v2.
Fixes https://github.com/espressif/esp-idf/issues/6050
2020-11-13 11:36:29 +05:30
Mahavir Jain
f7f81c33f7
bootloader_support: fix issue in memory mapping for getting app descriptor
For getting secure_version field in anti rollback case, bootloader tries
to map whole firmware partition but fails for cases where partition size
is beyond available MMU free pages capacity.
Fix here ensures to map only required length up to application descriptor
size in firmware partition.
Closes https://github.com/espressif/esp-idf/issues/5911
2020-10-06 14:42:45 +05:30
KonstantinKondrashov
66acb32665
bootloader: Fix esp_get_flash_encryption_mode(). RELEASE = (CRYPT_CNT == max) or (CRYPT_CNT.write_protect == true)
If the CRYPT_CNT efuse is max it means the same as a write protection bit for this efuse.
Closes: https://github.com/espressif/esp-idf/issues/5747
2020-10-01 14:29:43 +08:00
Ivan Grokhotkov
42e694bb8f
bootloader_support: don't check signature when JTAG is attached
If an insecure configuration is enabled (no hardware secure boot, just
software signature check), skip the signature check in bootloader if
JTAG debugger is attached. This allows the debugger to set breakpoints
in Flash before the application runs.
Closes https://github.com/espressif/esp-idf/issues/4734
Closes https://github.com/espressif/esp-idf/issues/4878
2020-09-09 23:42:24 +02:00
KonstantinKondrashov
55fafa887c
bootloader_support: Fix bootloader_common_get_sha256_of_partition, can handle a long image
Closes: IDFGH-3594
2020-08-05 22:09:15 +08:00
KonstantinKondrashov
0a1919abff
esp32: Reduce using ESP_EARLY_LOGx and move some code after the stdout initialization
After setting _GLOBAL_REENT, ESP_LOGIx can be used instead of ESP_EARLY_LOGx.
Closes: https://github.com/espressif/esp-idf/issues/5343
2020-06-17 15:53:45 +08:00
Ivan Grokhotkov
bd3caffdcd
bootloader_support: force alignment of flash_read argument
2020-06-04 21:01:56 +10:00
Angus Gratton
a5b4fda207
bootloader: Force bootloader_image_hdr to be word aligned
Possible due to linker order for this file to be placed unaligned,
causing failure from bootloader_flash_read() function.
2020-06-04 20:53:46 +10:00
Angus Gratton
b00f38f91c
secure boot v2: Add anti-FI check that secure boot not enabled yet
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
2020-06-02 16:14:01 +10:00
Angus Gratton
3c6b1b4c0a
secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled
2020-06-02 16:14:01 +10:00
Angus Gratton
2c531d5bb3
secure boot v2: Don't log warnings when BLK2 is empty as expected
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something is wrong, but this is the expected workflow.)
If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
2020-06-02 16:14:01 +10:00
chenjianqiang
eb5bafeb65
flash: fix spi flash clock config error
Closes https://github.com/espressif/esp-idf/issues/5099
2020-04-27 16:56:58 +08:00
Angus Gratton
c17d55eb9b
esp32: Enable flash encryption by setting FLASH_CRYPT_CNT to max
Previous method was to write-protect this efuse, however on ECO3
the write protect field also covers the UART_DOWNLOAD_DIS efuse.
Doing it this way keeps the possibility of disabling UART download
mode, later.
2020-03-31 17:31:59 +11:00
Angus Gratton
cf8dd62fc4
secure boot v2: esp32: Prevent read disabling additional efuses
Also reduce the number of eFuse write cycles during first boot when
Secure Boot and/or Flash Encryption are enabled.
2020-03-31 17:31:56 +11:00
Mahavir Jain
b8fe1fdf27
bootloader_support: initialize mbedtls_ctr_drbg_context per mbedtls v2.16.5 requirement
In commit 02d2903e39, mbedtls was
updated to release v2.16.5, where it was made mandatory to initialize
mbedtls_ctr_drbg_context before using same. It was fixed in wpa supplicant
but missed out in secure boot v2 verification code. This commit
fixes that.
2020-03-23 11:22:20 +05:30
Angus Gratton
32756b165e
bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.
- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32
Add some additional checks for invalid sections:
- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-03-06 01:16:04 +05:30
Angus Gratton
74b299c4c7
secure boot: Encrypt the bootloader signature when enabling flash encryption + secure boot v2
2020-03-06 01:16:04 +05:30
Supreet Deshpande
60fed38c0f
feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3
2020-03-06 01:16:04 +05:30
suda-morris
1ffb546135
esp32s2:remove unsupported xtal choice
ESP32-S2 only supports 40MHz XTAL and doesn't have XTAL autodetection.
2020-01-09 13:09:21 +08:00
michael
4220752aed
ut: Move tests back from "esp32" subfolder
DISABLED_FOR_TARGETS macros are used
Partly revert "ci: disable unavailable tests for esp32s2beta"
This partly reverts commit 76a3a5fb48.
Partly revert "ci: disable UTs for esp32s2beta without runners"
This partly reverts commit eb158e9a22.
Partly revert "fix unit test and examples for s2beta"
This partly reverts commit 9baa7826be.
Partly revert "efuse: Add support for esp32s2beta"
This partly reverts commit db84ba868c.
2020-01-06 17:13:53 +08:00
Angus Gratton
ba3f47efd6
bootloader_support: fix crash in image verification if SHA doesn't match
2019-12-30 13:48:11 +11:00
Angus Gratton
b2ed553bbf
bootloader_support: Reduce log spam about chip revisions
* Don't bother checking the chip revision if it looks like the partition
doesn't really contain an app
* Don't print the "info" level about the revision & min revision unless
we're in the bootloader (otherwise it gets printed at random times
during the OTA process)
2019-12-30 13:48:11 +11:00
Angus Gratton
5139934767
bootloader_common: Fix esp_partition_get_sha256(), add unit tests
Regression in 438d513a95
Reported here: https://esp32.com/viewtopic.php?f=13&t=13250&p=52460
2019-12-30 13:47:47 +11:00
morris
888316fc64
bootloader_support: refactor to better support multi target
2019-12-23 05:45:17 +00:00
morris
01ca687caa
esp32s2beta: only support unicore
2019-12-09 09:48:37 +08:00
Angus Gratton
fd27c0a113
Merge branch 'bugfix/bootloader_unicore_cache_enable' into 'master'
bootloader: revert support for booting dual-core apps on single-core bootloader
See merge request espressif/esp-idf!6609
2019-11-27 08:01:59 +08:00
wanglei
7b2348baad
fix bug that wrap mode not disabled in non-QIO mode
2019-11-15 15:59:07 +00:00
Angus Gratton
ba72de2099
Merge branch 'bugfix/i2s-bootloader-random-disable' into 'master'
bugfix(bootloader): fix bootloader_random_disable bug
Closes IDFGH-1747 and IDFGH-1739
See merge request espressif/esp-idf!6522
2019-11-08 11:04:15 +08:00
Angus Gratton
75488f1806
Merge branch 'bugfix/cmake_secure_boot' into 'master'
secure boot: CMake bug fixes
See merge request espressif/esp-idf!6523
2019-11-08 10:58:04 +08:00
Ivan Grokhotkov
a8e3ad6bd9
bootloader: revert support for booting dual-core apps on single-core bootloader
2019-11-05 14:42:43 +01:00
Chen Zheng Wei
b4a02c57c2
bugfix(i2s_bootloader_random_disable): fix bug about i2s bootloader_random_disable
bootloader_random_disable disables the ADC incorrectly, causing the ADC to sometimes fail to work. Fix this bug
closes https://github.com/espressif/esp-idf/issues/3973
2019-11-05 10:36:53 +08:00
Angus Gratton
e8881352c5
secure boot: Fix bug where verification key was not embedded in app
2019-10-29 12:46:09 +11:00
Angus Gratton
7ce75a42c7
Merge branch 'master' into feature/esp32s2beta_merge
2019-10-25 15:13:52 +11:00
Angus Gratton
5bec9fb010
Merge branch 'bugfix/random_en_dis_for_app' into 'master'
bootloader_support: Fix using shared CLK_EN and RST_EN regs for random
See merge request espressif/esp-idf!6198
2019-10-23 13:18:01 +08:00
Angus Gratton
496ede9bcd
Merge branch 'master' into feature/esp32s2beta_merge
2019-10-15 14:59:27 +11:00
Mahavir Jain
99659091fb
bootloader_support: fix logging prints around chip revision
2019-10-11 14:35:22 +05:30
KonstantinKondrashov
807826f796
bootloader_support: Fix using shared CLK_EN and RST_EN regs for random
bootloader_random_enable() and bootloader_random_disable() functions
can be used in app.
This MR added the protection for shared CLK_EN and RST_EN registers.
2019-10-07 06:47:00 +00:00
Ivan Grokhotkov
6bddcdac67
bootloader: move esp32 specific code from bootloader_common
Also implements bootloader_clock_get_rated_freq_mhz for esp32s2beta.
Closes IDF-758
2019-10-03 09:38:13 +02:00
Ivan Grokhotkov
5830f529d8
Merge branch 'master' into feature/esp32s2beta_merge
2019-10-02 19:01:39 +02:00
suda-morris
cbab3c34f8
bootloader: shrink bin size
1. write a bootloader version of "getting chip revision" function.
2. reduce wordy log.
2019-09-27 10:58:30 +08:00
KonstantinKondrashov
6f102125b4
bootloader: Add support esp32s2beta
2019-09-20 16:57:33 +10:00
Angus Gratton
adfc06a530
Merge branch 'master' into feature/esp32s2beta_merge
2019-09-20 10:28:37 +10:00