Crash_Override/OVMS3-idf
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

tools: Fix flashing encrypted binaries from IDF Monitor

Browse source
This commit is contained in:
Roland Dobai 2020-03-23 16:14:34 +01:00
parent 57a5a486ff
commit 13f4656d2a
4 changed files with 63 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
components/esptool_py/Makefile.projbuild
View file

@ -72,6 +72,7 @@ $(APP_BIN_UNSIGNED): $(APP_ELF) $(ESPTOOLPY_SRC) | check_python_dependencies
ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
encrypted-flash: all_binaries $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies encrypted-flash: all_binaries $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies
$(eval MONITOR_OPTS += --encrypted)
@echo "Flashing binaries to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..." @echo "Flashing binaries to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..."
ifdef CONFIG_SECURE_BOOT_ENABLED ifdef CONFIG_SECURE_BOOT_ENABLED
@echo "(Secure boot enabled, so bootloader not flashed automatically. See 'make bootloader' output)" @echo "(Secure boot enabled, so bootloader not flashed automatically. See 'make bootloader' output)"
@ -96,6 +97,7 @@ app-flash: $(APP_BIN) $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) pa
ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
encrypted-app-flash: $(APP_BIN) $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies encrypted-app-flash: $(APP_BIN) $(ESPTOOLPY_SRC) $(call prereq_if_explicit,erase_flash) partition_table_get_info | check_python_dependencies
$(eval MONITOR_OPTS += --encrypted)
@echo "Flashing encrypted app binary to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..." @echo "Flashing encrypted app binary to serial port $(ESPPORT) (app at offset $(APP_OFFSET))..."
$(ESPTOOLPY_WRITE_FLASH_ENCRYPT) $(APP_OFFSET) $(APP_BIN) $(ESPTOOLPY_WRITE_FLASH_ENCRYPT) $(APP_OFFSET) $(APP_BIN)
else else

54
docs/en/api-guides/tools/idf-monitor.rst
View file

@ -15,33 +15,33 @@ Keyboard Shortcuts
For easy interaction with IDF Monitor, use the keyboard shortcuts given in the table. For easy interaction with IDF Monitor, use the keyboard shortcuts given in the table.
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Keyboard Shortcut | Action | Description | | Keyboard Shortcut | Action | Description |
+===================+========================================================+==================================================================================================================================================================+ +===================+========================================================+======================================================================================================================================================================================================================================================+
| Ctrl+] | Exit the program | | | Ctrl+] | Exit the program | |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Ctrl+T | Menu escape key | Press and follow it by one of the keys given below. | | Ctrl+T | Menu escape key | Press and follow it by one of the keys given below. |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+T | Send the menu character itself to remote | | | - Ctrl+T | Send the menu character itself to remote | |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+] | Send the exit character itself to remote | | | - Ctrl+] | Send the exit character itself to remote | |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+P | Reset target into bootloader to pause app via RTS line | Resets the target, into bootloader via the RTS line (if connected), so that the board runs nothing. Useful when you need to wait for another device to startup. | | - Ctrl+P | Reset target into bootloader to pause app via RTS line | Resets the target, into bootloader via the RTS line (if connected), so that the board runs nothing. Useful when you need to wait for another device to startup. |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+R | Reset target board via RTS | Resets the target board and re-starts the application via the RTS line (if connected). | | - Ctrl+R | Reset target board via RTS | Resets the target board and re-starts the application via the RTS line (if connected). |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+F | Build and flash the project | Pauses idf_monitor to run the project ``flash`` target, then resumes idf_monitor. Any changed source files are recompiled and then re-flashed. | | - Ctrl+F | Build and flash the project | Pauses idf_monitor to run the project ``flash`` target, then resumes idf_monitor. Any changed source files are recompiled and then re-flashed. Target ``encrypted-flash`` is run if idf_monitor was started with argument ``-E``. |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+A (or A) | Build and flash the app only | Pauses idf_monitor to run the ``app-flash`` target, then resumes idf_monitor. Similar to the ``flash`` target, but only the main app is built and re-flashed. | | - Ctrl+A (or A) | Build and flash the app only | Pauses idf_monitor to run the ``app-flash`` target, then resumes idf_monitor. Similar to the ``flash`` target, but only the main app is built and re-flashed. Target ``encrypted-app-flash`` is run if idf_monitor was started with argument ``-E``. |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+Y | Stop/resume log output printing on screen | Discards all incoming serial data while activated. Allows to quickly pause and examine log output without quitting the monitor. | | - Ctrl+Y | Stop/resume log output printing on screen | Discards all incoming serial data while activated. Allows to quickly pause and examine log output without quitting the monitor. |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+L | Stop/resume log output saved to file | Creates a file in the project directory and the output is written to that file until this is disabled with the same keyboard shortcut (or IDF Monitor exits). | | - Ctrl+L | Stop/resume log output saved to file | Creates a file in the project directory and the output is written to that file until this is disabled with the same keyboard shortcut (or IDF Monitor exits). |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+H (or H) | Display all keyboard shortcuts | | | - Ctrl+H (or H) | Display all keyboard shortcuts | |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| - Ctrl+X (or X) | Exit the program | | | - Ctrl+X (or X) | Exit the program | |
+-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------+--------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Any keys pressed, other than ``Ctrl-]`` and ``Ctrl-T``, will be sent through the serial port. Any keys pressed, other than ``Ctrl-]`` and ``Ctrl-T``, will be sent through the serial port.

23
tools/idf.py
View file

@ -365,7 +365,7 @@ def erase_flash(action, ctx, args):
_run_tool("esptool.py", esptool_args, args.build_dir) _run_tool("esptool.py", esptool_args, args.build_dir)
def monitor(action, ctx, args, print_filter, monitor_baud): def monitor(action, ctx, args, print_filter, monitor_baud, encrypted):
""" """
Run idf_monitor.py to watch build output Run idf_monitor.py to watch build output
""" """
@ -403,6 +403,9 @@ def monitor(action, ctx, args, print_filter, monitor_baud):
monitor_args += ["--print_filter", print_filter] monitor_args += ["--print_filter", print_filter]
monitor_args += [elf_file] monitor_args += [elf_file]
if encrypted:
monitor_args += ['--encrypted']
idf_py = [PYTHON] + get_commandline_options(ctx) # commands to re-run idf.py idf_py = [PYTHON] + get_commandline_options(ctx) # commands to re-run idf.py
monitor_args += ["-m", " ".join("'%s'" % a for a in idf_py)] monitor_args += ["-m", " ".join("'%s'" % a for a in idf_py)]
@ -939,6 +942,14 @@ def init_cli():
args.build_dir = os.path.join(args.project_dir, "build") args.build_dir = os.path.join(args.project_dir, "build")
args.build_dir = _realpath(args.build_dir) args.build_dir = _realpath(args.build_dir)
def serial_action_global_callback(ctx, global_args, tasks):
encryption = any([task.name in ("encrypted-flash", "encrypted-app-flash") for task in tasks])
if encryption:
for task in tasks:
if task.name == "monitor":
task.action_args["encrypted"] = True
break
# Possible keys for action dict are: global_options, actions and global_action_callbacks # Possible keys for action dict are: global_options, actions and global_action_callbacks
global_options = [ global_options = [
{ {
@ -1173,14 +1184,23 @@ def init_cli():
"environment variables and project_description.json in build directory " "environment variables and project_description.json in build directory "
"(generated by CMake from project's sdkconfig) " "(generated by CMake from project's sdkconfig) "
"will be checked for default value."), "will be checked for default value."),
}, {
"names": ["--encrypted", "-E"],
"is_flag": True,
"help": ("Enable encrypted flash targets.\n"
"IDF Monitor will invoke encrypted-flash and encrypted-app-flash targets "
"if this option is set. This option is set by default if IDF Monitor was invoked "
"together with encrypted-flash or encrypted-app-flash target."),
} }
], ],
"order_dependencies": [ "order_dependencies": [
"flash", "flash",
"encrypted-flash",
"partition_table-flash", "partition_table-flash",
"bootloader-flash", "bootloader-flash",
"app-flash", "app-flash",
"encrypted-app-flash",
], ],
}, },
"partition_table-flash": { "partition_table-flash": {
@ -1217,6 +1237,7 @@ def init_cli():
"order_dependencies": ["erase_flash"], "order_dependencies": ["erase_flash"],
}, },
}, },
"global_action_callbacks": [serial_action_global_callback],
} }
base_actions = CLI.merge_action_lists( base_actions = CLI.merge_action_lists(

16
tools/idf_monitor.py
View file

@ -312,7 +312,8 @@ class Monitor(object):
Main difference is that all event processing happens in the main thread, not the worker threads. Main difference is that all event processing happens in the main thread, not the worker threads.
""" """
def __init__(self, serial_instance, elf_file, print_filter, make="make", toolchain_prefix=DEFAULT_TOOLCHAIN_PREFIX, eol="CRLF"): def __init__(self, serial_instance, elf_file, print_filter, make="make", encrypted=False,
toolchain_prefix=DEFAULT_TOOLCHAIN_PREFIX, eol="CRLF"):
super(Monitor, self).__init__() super(Monitor, self).__init__()
self.event_queue = queue.Queue() self.event_queue = queue.Queue()
self.console = miniterm.Console() self.console = miniterm.Console()
@ -340,6 +341,7 @@ class Monitor(object):
self.make = shlex.split(make) # allow for possibility the "make" arg is a list of arguments (for idf.py) self.make = shlex.split(make) # allow for possibility the "make" arg is a list of arguments (for idf.py)
else: else:
self.make = make self.make = make
self.encrypted = encrypted
self.toolchain_prefix = toolchain_prefix self.toolchain_prefix = toolchain_prefix
self.menu_key = CTRL_T self.menu_key = CTRL_T
self.exit_key = CTRL_RBRACKET self.exit_key = CTRL_RBRACKET
@ -480,11 +482,11 @@ class Monitor(object):
self.serial.setDTR(self.serial.dtr) # usbser.sys workaround self.serial.setDTR(self.serial.dtr) # usbser.sys workaround
self.output_enable(True) self.output_enable(True)
elif c == CTRL_F: # Recompile & upload elif c == CTRL_F: # Recompile & upload
self.run_make("flash") self.run_make("encrypted-flash" if self.encrypted else "flash")
elif c in [CTRL_A, 'a', 'A']: # Recompile & upload app only elif c in [CTRL_A, 'a', 'A']: # Recompile & upload app only
# "CTRL-A" cannot be captured with the default settings of the Windows command line, therefore, "A" can be used # "CTRL-A" cannot be captured with the default settings of the Windows command line, therefore, "A" can be used
# instead # instead
self.run_make("app-flash") self.run_make("encrypted-app-flash" if self.encrypted else "app-flash")
elif c == CTRL_Y: # Toggle output display elif c == CTRL_Y: # Toggle output display
self.output_toggle() self.output_toggle()
elif c == CTRL_L: # Toggle saving output into file elif c == CTRL_L: # Toggle saving output into file
@ -708,6 +710,11 @@ def main():
help='Command to run make', help='Command to run make',
type=str, default='make') type=str, default='make')
parser.add_argument(
'--encrypted',
help='Use encrypted targets while running make',
action='store_true')
parser.add_argument( parser.add_argument(
'--toolchain-prefix', '--toolchain-prefix',
help="Triplet prefix to add before cross-toolchain names", help="Triplet prefix to add before cross-toolchain names",
@ -754,7 +761,8 @@ def main():
except KeyError: except KeyError:
pass # not running a make jobserver pass # not running a make jobserver
monitor = Monitor(serial_instance, args.elf_file.name, args.print_filter, args.make, args.toolchain_prefix, args.eol) monitor = Monitor(serial_instance, args.elf_file.name, args.print_filter, args.make, args.encrypted,
args.toolchain_prefix, args.eol)
yellow_print('--- idf_monitor on {p.name} {p.baudrate} ---'.format( yellow_print('--- idf_monitor on {p.name} {p.baudrate} ---'.format(
p=serial_instance)) p=serial_instance))