Merge branch 'bugfix/bootloader_skip_verify_jtag' into 'master'

bootloader_support: don't check signature when JTAG is attached Closes IDFGH-2816 and IDFGH-2660 See merge request espressif/esp-idf!7865
2020-06-10 16:09:32 +08:00 · 2020-06-10 16:09:32 +08:00 · 067ce3ef32
parent e29c9d331f 754d631247
commit 067ce3ef32
2 changed files with 14 additions and 5 deletions
--- a/components/bootloader_support/src/esp_image_format.c
+++ b/components/bootloader_support/src/esp_image_format.c
@ -220,8 +220,17 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_

 #ifdef SECURE_BOOT_CHECK_SIGNATURE
            // secure boot images have a signature appended
-            err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
-#else
+#if defined(BOOTLOADER_BUILD) && !defined(CONFIG_SECURE_BOOT)
+            // If secure boot is not enabled in hardware, then
+            // skip the signature check in bootloader when the debugger is attached.
+            // This is done to allow for breakpoints in Flash.
+            if (!esp_cpu_in_ocd_debug_mode()) {
+#else // CONFIG_SECURE_BOOT
+            if (true) {
+#endif // end checking for JTAG
+                err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
+            }
+#else // SECURE_BOOT_CHECK_SIGNATURE
            // No secure boot, but SHA-256 can be appended for basic corruption detection
            if (sha_handle != NULL && !esp_cpu_in_ocd_debug_mode()) {
                err = verify_simple_hash(sha_handle, data);
--- a/components/partition_table/CMakeLists.txt
+++ b/components/partition_table/CMakeLists.txt
@ -51,7 +51,7 @@ add_custom_command(OUTPUT "${build_dir}/partition_table/${unsigned_partition_bin
    VERBATIM)

 add_custom_target(partition_table_bin DEPENDS "${build_dir}/partition_table/${unsigned_partition_bin}"
-                                              "${build_dir}/partition_table/${unsigned_partition_bin}")
+                                              "${build_dir}/partition_table/${final_partition_bin}")

 if(EXISTS ${partition_csv})
    add_custom_target(partition_table
@ -100,7 +100,7 @@ idf_component_get_property(sub_args esptool_py FLASH_SUB_ARGS)
 if(CONFIG_APP_BUILD_GENERATE_BINARIES)
    esptool_py_flash_target(partition_table-flash "${main_args}" "${sub_args}")
    esptool_py_flash_target_image(partition_table-flash partition_table "${PARTITION_TABLE_OFFSET}"
-                                        "${build_dir}/partition_table/partition-table.bin")
+                                        "${build_dir}/partition_table/${final_partition_bin}")
    esptool_py_flash_target_image(flash partition_table "${PARTITION_TABLE_OFFSET}"
-                                        "${build_dir}/partition_table/partition-table.bin")
+                                        "${build_dir}/partition_table/${final_partition_bin}")
 endif()