Crash_Override/OVMS3-idf
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

flash_encryption: return more clear error codes when bootloader encryption fails

Browse source
This commit is contained in:
Felipe Neves 2020-03-31 16:09:31 -03:00
parent b3d8847406
commit 6f27992430
3 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
components/bootloader/Kconfig.projbuild
View file

@ -601,7 +601,7 @@ menu "Security features"
config SECURE_BOOT_ALLOW_ROM_BASIC
bool "Leave ROM BASIC Interpreter available on reset"
depends on SECURE_BOOT_INSECURE || SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT && IDF_TARGET_ESP32
depends on (SECURE_BOOT_INSECURE || SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT) && IDF_TARGET_ESP32
default N
help
By default, the BASIC ROM Console starts on reset if no valid bootloader is

4
components/bootloader_support/src/esp32s2/flash_encrypt.c
View file

@ -233,7 +233,7 @@ static esp_err_t encrypt_bootloader(void)
image_length += FLASH_SECTOR_SIZE;
if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
return ESP_ERR_INVALID_STATE;
return ESP_ERR_INVALID_SIZE;
}
#endif // CONFIG_SECURE_BOOT_V2_ENABLED
@ -248,7 +248,7 @@ static esp_err_t encrypt_bootloader(void)
}
else {
ESP_LOGW(TAG, "no valid bootloader was found");
return ESP_ERR_INVALID_STATE;
return ESP_ERR_NOT_FOUND;
}
}

1
examples/security/flash_encryption/CMakeLists.txt
View file

@ -2,6 +2,5 @@
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
# Flash encryption not currently supported for ESP32-S2
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(flash_encryption)