From 9b16594444f6b2064f420303679be6187a8accb2 Mon Sep 17 00:00:00 2001
From: Roland Dobai
Date: Mon, 23 Mar 2020 16:14:34 +0100
Subject: [PATCH] tools: Fix flashing encrypted binaries from IDF Monitor
---
 components/esptool_py/Makefile.projbuild | 2 +
 docs/en/api-guides/tools/idf-monitor.rst | 54 ++++++++++++------------
 tools/idf_monitor.py | 16 +++++--
 tools/idf_py_actions/serial_ext.py | 23 +++++++++-
 4 files changed, 63 insertions(+), 32 deletions(-)
diff --git a/components/esptool_py/Makefile.projbuild b/components/esptool_py/Makefile.projbuild
index 2e380b394..261938ff1 100644
--- a/components/esptool_py/Makefile.projbuild
+++ b/components/esptool_py/Makefile.projbuild
@@ -88,6 +88,7 @@ endif
 ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
 encrypted-flash: all_binaries $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies
+ $(eval MONITOR_OPTS += --encrypted)
 @echo "Flashing binaries to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..."
 ifdef CONFIG_SECURE_BOOT
 @echo "(Secure boot enabled, so bootloader not flashed automatically. See 'make bootloader' output)"
@@ -112,6 +113,7 @@ app-flash: $(APP_BIN) $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) pa
 ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
 encrypted-app-flash: $(APP_BIN) $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies
+ $(eval MONITOR_OPTS += --encrypted)
 @echo "Flashing encrypted app binary to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..."
 $(ESPTOOLPY_WRITE_FLASH_ENCRYPT) $(APP_OFFSET) $(APP_BIN)
 else
diff --git a/docs/en/api-guides/tools/idf-monitor.rst b/docs/en/api-guides/tools/idf-monitor.rst
index 1ea5ed31b..012853fdf 100644
--- a/docs/en/api-guides/tools/idf-monitor.rst
+++ b/docs/en/api-guides/tools/idf-monitor.rst
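Review bot: In components/esptool_py/Makefile.projbuild the `$(eval MONITOR_OPTS += --encrypted)` line added to the `encrypted-flash` recipe takes effect only when make expands that recipe, so `--encrypted` reaches the monitor only if the monitor recipe is expanded afterwards; the rule that consumes `MONITOR_OPTS` is not in this hunk, so this part is inferred. With the goals in the other order (`make monitor encrypted-flash`) the monitor would presumably start without the flag, and its flash shortcuts would fall back to the plaintext `flash`/`app-flash` targets on an encryption-enabled device. The identical line in the `encrypted-app-flash` hunk has the same dependence on ordering. A parse-time check avoids it: `ifneq ($(filter encrypted-flash encrypted-app-flash,$(MAKECMDGOALS)),)`, `MONITOR_OPTS += --encrypted`, `endif`. Both recipes and their enclosing `ifdef` blocks continue past the end of their hunks.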
@@ -15,33 +15,33 @@ Keyboard Shortcuts For easy interaction with IDF Monitor, use the keyboard shortcuts given in the table. -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| Keyboard Shortcut | Action | Description | -+===================+========================================================+==================================================================================================================================================================+ -| Ctrl+] | Exit the program | | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| Ctrl+T | Menu escape key | Press and follow it by one of the keys given below. 
| -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+T | Send the menu character itself to remote | | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+] | Send the exit character itself to remote | | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+P | Reset target into bootloader to pause app via RTS line | Resets the target, into bootloader via the RTS line (if connected), so that the board runs nothing. Useful when you need to wait for another device to startup. | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+R | Reset target board via RTS | Resets the target board and re-starts the application via the RTS line (if connected). | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+F | Build and flash the project | Pauses idf_monitor to run the project ``flash`` target, then resumes idf_monitor. Any changed source files are recompiled and then re-flashed. 
| -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+A (or A) | Build and flash the app only | Pauses idf_monitor to run the ``app-flash`` target, then resumes idf_monitor. Similar to the ``flash`` target, but only the main app is built and re-flashed. | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+Y | Stop/resume log output printing on screen | Discards all incoming serial data while activated. Allows to quickly pause and examine log output without quitting the monitor. | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+L | Stop/resume log output saved to file | Creates a file in the project directory and the output is written to that file until this is disabled with the same keyboard shortcut (or IDF Monitor exits). 
| -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+H (or H) | Display all keyboard shortcuts | | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| - Ctrl+X (or X) | Exit the program | | -+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Keyboard Shortcut | Action | Description | ++===================+========================================================+======================================================================================================================================================================================================================================================+ +| Ctrl+] | Exit the program | | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Ctrl+T | Menu escape key | Press and follow it by one of the keys given below. 
| ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+T | Send the menu character itself to remote | | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+] | Send the exit character itself to remote | | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+P | Reset target into bootloader to pause app via RTS line | Resets the target, into bootloader via the RTS line (if connected), so that the board runs nothing. Useful when you need to wait for another device to startup. | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+R | Reset target board via RTS | Resets the target board and re-starts the application via the RTS line (if connected). 
| ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+F | Build and flash the project | Pauses idf_monitor to run the project ``flash`` target, then resumes idf_monitor. Any changed source files are recompiled and then re-flashed. Target ``encrypted-flash`` is run if idf_monitor was started with argument ``-E``. | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+A (or A) | Build and flash the app only | Pauses idf_monitor to run the ``app-flash`` target, then resumes idf_monitor. Similar to the ``flash`` target, but only the main app is built and re-flashed. Target ``encrypted-app-flash`` is run if idf_monitor was started with argument ``-E``. | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+Y | Stop/resume log output printing on screen | Discards all incoming serial data while activated. Allows to quickly pause and examine log output without quitting the monitor. 
| ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+L | Stop/resume log output saved to file | Creates a file in the project directory and the output is written to that file until this is disabled with the same keyboard shortcut (or IDF Monitor exits). | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+H (or H) | Display all keyboard shortcuts | | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| - Ctrl+X (or X) | Exit the program | | ++-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ Any keys pressed, other than ``Ctrl-]`` and ``Ctrl-T``, will be sent through the serial port. diff --git a/tools/idf_monitor.py b/tools/idf_monitor.py index 7ea827856..ce55327bb 100755 --- a/tools/idf_monitor.py +++ b/tools/idf_monitor.py 
@@ -459,7 +459,8 @@ class Monitor(object): Main difference is that all event processing happens in the main thread, not the worker threads. """ - def __init__(self, serial_instance, elf_file, print_filter, make="make", toolchain_prefix=DEFAULT_TOOLCHAIN_PREFIX, eol="CRLF", + def __init__(self, serial_instance, elf_file, print_filter, make="make", encrypted=False, + toolchain_prefix=DEFAULT_TOOLCHAIN_PREFIX, eol="CRLF", decode_coredumps=COREDUMP_DECODE_INFO): super(Monitor, self).__init__() self.event_queue = queue.Queue() @@ -490,6 +491,7 @@ class Monitor(object): self.make = shlex.split(make) # allow for possibility the "make" arg is a list of arguments (for idf.py) else: self.make = make + self.encrypted = encrypted self.toolchain_prefix = toolchain_prefix # internal state @@ -848,9 +850,9 @@ class Monitor(object): self.serial.setDTR(self.serial.dtr) # usbser.sys workaround self.output_enable(True) elif cmd == CMD_MAKE: - self.run_make("flash") + self.run_make("encrypted-flash" if self.encrypted else "flash") elif cmd == CMD_APP_FLASH: - self.run_make("app-flash") + self.run_make("encrypted-app-flash" if self.encrypted else "app-flash") elif cmd == CMD_OUTPUT_TOGGLE: self.output_toggle() elif cmd == CMD_TOGGLE_LOGGING: @@ -901,6 +903,11 @@ def main(): help='Command to run make', type=str, default='make') + parser.add_argument( + '--encrypted', + help='Use encrypted targets while running make', + action='store_true') + parser.add_argument( '--toolchain-prefix', help="Triplet prefix to add before cross-toolchain names", @@ -960,7 +967,8 @@ def main(): except KeyError: pass # not running a make jobserver - monitor = Monitor(serial_instance, args.elf_file.name, args.print_filter, args.make, args.toolchain_prefix, args.eol, + monitor = Monitor(serial_instance, args.elf_file.name, args.print_filter, args.make, args.encrypted, + args.toolchain_prefix, args.eol, args.decode_coredumps) yellow_print('--- idf_monitor on {p.name} {p.baudrate} ---'.format( 
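Review bot: Inserting `encrypted=False` ahead of `toolchain_prefix` in `Monitor.__init__` shifts every later positional parameter, so a caller that still passes the toolchain prefix positionally would bind it to `encrypted`; a non-empty string is truthy, which silently selects the `encrypted-flash`/`encrypted-app-flash` targets. The call in `main()` (last hunk of this file) is updated but stays positional, which keeps the same hazard for the next parameter that gets added. I would append the new parameter after `decode_coredumps`, or pass the optional ones by keyword: `Monitor(serial_instance, args.elf_file.name, args.print_filter, args.make, encrypted=args.encrypted, toolchain_prefix=args.toolchain_prefix, eol=args.eol, decode_coredumps=args.decode_coredumps)`. The body of `__init__` extends beyond the hunk.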
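Review bot: The option added to the parser in `main()` is registered only as `--encrypted`, while the documentation table changed in this same commit says the encrypted targets run when idf_monitor was started with argument `-E`; in the visible code `-E` is defined only for the idf.py `monitor` action in serial_ext.py. Someone launching idf_monitor.py directly with `-E` as documented would presumably be rejected by argparse, and someone who then drops the flag keeps reflashing with the plaintext targets. Either add the short form, `parser.add_argument('--encrypted', '-E', help='Use encrypted targets while running make', action='store_true')`, provided `-E` is not already taken elsewhere in this parser, or change the table to say `--encrypted`.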
diff --git a/tools/idf_py_actions/serial_ext.py b/tools/idf_py_actions/serial_ext.py index cea311206..d23827108 100644 --- a/tools/idf_py_actions/serial_ext.py +++ b/tools/idf_py_actions/serial_ext.py @@ -62,7 +62,7 @@ def action_extensions(base_actions, project_path): return result - def monitor(action, ctx, args, print_filter, monitor_baud): + def monitor(action, ctx, args, print_filter, monitor_baud, encrypted): """ Run idf_monitor.py to watch build output """ @@ -103,6 +103,9 @@ def action_extensions(base_actions, project_path): monitor_args += ["--print_filter", print_filter] monitor_args += [elf_file] + if encrypted: + monitor_args += ['--encrypted'] + idf_py = [PYTHON] + _get_commandline_options(ctx) # commands to re-run idf.py monitor_args += ["-m", " ".join("'%s'" % a for a in idf_py)] @@ -126,6 +129,14 @@ def action_extensions(base_actions, project_path): esptool_args += ["erase_flash"] run_tool("esptool.py", esptool_args, args.build_dir) + def global_callback(ctx, global_args, tasks): + encryption = any([task.name in ("encrypted-flash", "encrypted-app-flash") for task in tasks]) + if encryption: + for task in tasks: + if task.name == "monitor": + task.action_args["encrypted"] = True + break + baud_rate = { "names": ["-b", "--baud"], "help": "Baud rate for flashing.", @@ -143,6 +154,7 @@ def action_extensions(base_actions, project_path): } serial_actions = { + "global_action_callbacks": [global_callback], "actions": { "flash": { "callback": flash, 
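Review bot: `global_callback` has no docstring, yet it is the only place that explains why a `monitor` task gets `encrypted` switched on without the user passing `-E`; I would add one such as `"""Turn on --encrypted for the monitor task when an encrypted flash target is part of the same idf.py invocation."""`. Two smaller points in the same function: `any([...])` builds a throwaway list where the generator form `any(task.name in ("encrypted-flash", "encrypted-app-flash") for task in tasks)` is enough, and the `break` means only the first `monitor` task is updated, which deserves a one-line comment if it is intentional. The enclosing `action_extensions` starts and ends outside the hunk.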
@@ -184,13 +196,22 @@ def action_extensions(base_actions, project_path): "environment variables and project_description.json in build directory " "(generated by CMake from project's sdkconfig) " "will be checked for default value."), + }, { + "names": ["--encrypted", "-E"], + "is_flag": True, + "help": ("Enable encrypted flash targets.\n" + "IDF Monitor will invoke encrypted-flash and encrypted-app-flash targets " + "if this option is set. This option is set by default if IDF Monitor was invoked " + "together with encrypted-flash or encrypted-app-flash target."), } ], "order_dependencies": [ "flash", + "encrypted-flash", "partition_table-flash", "bootloader-flash", "app-flash", + "encrypted-app-flash", ], }, "partition_table-flash": {
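Review bot: `--encrypted` stays off unless the flag is given or an encrypted flash target is part of the same invocation, so a plain `idf.py monitor` on a project built with flash encryption still maps the monitor's flash shortcuts to the plaintext `flash`/`app-flash` targets (see the `run_make` change in idf_monitor.py). The help text should say so, for example by appending `"Without it, IDF Monitor reflashes with the plaintext flash and app-flash targets."` to the help string. A stronger fix would take the default from the project configuration, as the neighbouring option's help text describes for its own default (`project_description.json`); whether the flash-encryption setting is available there is not visible in this hunk. The `monitor` action dictionary starts above the hunk.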