Refactor existing bootloader common functionality into bootloader_support component

This commit is contained in:
Angus Gratton 2016-11-02 10:41:58 +11:00
parent 04beb8baba
commit aceb6517c0
18 changed files with 813 additions and 319 deletions

View file

@ -20,7 +20,7 @@ SECURE_BOOT_KEYFILE=$(abspath $(call dequote,$(CONFIG_SECURE_BOOTLOADER_KEY_FILE
# Custom recursive make for bootloader sub-project # Custom recursive make for bootloader sub-project
BOOTLOADER_MAKE=+$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/src \ BOOTLOADER_MAKE=+$(MAKE) -C $(BOOTLOADER_COMPONENT_PATH)/src \
V=$(V) SDKCONFIG=$(BOOTLOADER_SDKCONFIG) \ V=$(V) SDKCONFIG=$(BOOTLOADER_SDKCONFIG) \
BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) \ BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) IS_BOOTLOADER_BUILD=1
.PHONY: bootloader-clean bootloader-flash bootloader $(BOOTLOADER_BIN) .PHONY: bootloader-clean bootloader-flash bootloader $(BOOTLOADER_BIN)
@ -89,7 +89,9 @@ $(SECURE_BOOT_KEYFILE):
@exit 1 @exit 1
else else
$(error Bad sdkconfig - one of CONFIG_SECURE_BOOTLOADER_DISABLED, CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH, CONFIG_SECURE_BOOTLOADER_REFLASHABLE must be set) bootloader:
@echo "Invalid bootloader target: bad sdkconfig?"
@exit 1
endif endif
all_binaries: $(BOOTLOADER_BIN) all_binaries: $(BOOTLOADER_BIN)

View file

@ -4,7 +4,7 @@
# #
PROJECT_NAME := bootloader PROJECT_NAME := bootloader
COMPONENTS := esptool_py bootloader log spi_flash COMPONENTS := esptool_py bootloader bootloader_support log spi_flash
# The bootloader pseudo-component is also included in this build, for its Kconfig.projbuild to be included. # The bootloader pseudo-component is also included in this build, for its Kconfig.projbuild to be included.
# #

View file

@ -25,8 +25,6 @@ extern "C"
#define BOOT_VERSION "V0.1" #define BOOT_VERSION "V0.1"
#define SPI_SEC_SIZE 0x1000 #define SPI_SEC_SIZE 0x1000
#define MEM_CACHE(offset) (uint8_t *)(0x3f400000 + (offset))
#define CACHE_READ_32(offset) ((uint32_t *)(0x3f400000 + (offset)))
#define IROM_LOW 0x400D0000 #define IROM_LOW 0x400D0000
#define IROM_HIGH 0x40400000 #define IROM_HIGH 0x40400000
#define DROM_LOW 0x3F400000 #define DROM_LOW 0x3F400000
@ -61,9 +59,6 @@ typedef struct {
uint32_t selected_subtype; uint32_t selected_subtype;
} bootloader_state_t; } bootloader_state_t;
void boot_cache_redirect( uint32_t pos, size_t size );
uint32_t get_bin_len(uint32_t pos);
bool flash_encrypt(bootloader_state_t *bs); bool flash_encrypt(bootloader_state_t *bs);
bool secure_boot_generate_bootloader_digest(void); bool secure_boot_generate_bootloader_digest(void);

View file

@ -33,6 +33,8 @@
#include "soc/timer_group_reg.h" #include "soc/timer_group_reg.h"
#include "sdkconfig.h" #include "sdkconfig.h"
#include "esp_image_format.h"
#include "bootloader_flash.h"
#include "bootloader_config.h" #include "bootloader_config.h"
@ -49,7 +51,7 @@ flash cache is down and the app CPU is in reset. We do have a stack, so we can d
extern void Cache_Flush(int); extern void Cache_Flush(int);
void bootloader_main(); void bootloader_main();
void unpack_load_app(const esp_partition_pos_t *app_node); static void unpack_load_app(const esp_partition_pos_t *app_node);
void print_flash_info(const esp_image_header_t* pfhdr); void print_flash_info(const esp_image_header_t* pfhdr);
void IRAM_ATTR set_cache_and_start_app(uint32_t drom_addr, void IRAM_ATTR set_cache_and_start_app(uint32_t drom_addr,
uint32_t drom_load_addr, uint32_t drom_load_addr,
@ -94,53 +96,6 @@ void IRAM_ATTR call_start_cpu0()
bootloader_main(); bootloader_main();
} }
/**
* @function : get_bin_len
* @description: get bin's length
*
* @inputs: pos bin locate address in flash
* @return: uint32 length of bin,if bin MAGIC error return 0
*/
uint32_t get_bin_len(uint32_t pos)
{
uint32_t len = 8 + 16;
uint8_t i;
ESP_LOGD(TAG, "pos %d %x",pos,*(uint8_t *)pos);
if(0xE9 != *(uint8_t *)pos) {
return 0;
}
for (i = 0; i < *(uint8_t *)(pos + 1); i++) {
len += *(uint32_t *)(pos + len + 4) + 8;
}
if (len % 16 != 0) {
len = (len / 16 + 1) * 16;
} else {
len += 16;
}
ESP_LOGD(TAG, "bin length = %d", len);
return len;
}
/**
* @function : boot_cache_redirect
* @description: Configure several pages in flash map so that `size` bytes
* starting at `pos` are mapped to 0x3f400000.
* This sets up mapping only for PRO CPU.
*
* @inputs: pos address in flash
* size size of the area to map, in bytes
*/
void boot_cache_redirect( uint32_t pos, size_t size )
{
uint32_t pos_aligned = pos & 0xffff0000;
uint32_t count = (size + 0xffff) / 0x10000;
Cache_Read_Disable( 0 );
Cache_Flush( 0 );
ESP_LOGD(TAG, "mmu set paddr=%08x count=%d", pos_aligned, count );
cache_flash_mmu_set( 0, 0, 0x3f400000, pos_aligned, 64, count );
Cache_Read_Enable( 0 );
}
/** /**
* @function : load_partition_table * @function : load_partition_table
@ -154,36 +109,48 @@ void boot_cache_redirect( uint32_t pos, size_t size )
*/ */
bool load_partition_table(bootloader_state_t* bs, uint32_t addr) bool load_partition_table(bootloader_state_t* bs, uint32_t addr)
{ {
esp_partition_info_t partition; const esp_partition_info_t *partitions;
uint32_t end = addr + 0x1000; const int PARTITION_TABLE_SIZE = 0x1000;
int index = 0; const int MAX_PARTITIONS = PARTITION_TABLE_SIZE / sizeof(esp_partition_info_t);
char *partition_usage; char *partition_usage;
ESP_LOGI(TAG, "Partition Table:"); ESP_LOGI(TAG, "Partition Table:");
ESP_LOGI(TAG, "## Label Usage Type ST Offset Length"); ESP_LOGI(TAG, "## Label Usage Type ST Offset Length");
while (addr < end) { partitions = bootloader_mmap(addr, 0x1000);
ESP_LOGD(TAG, "load partition table entry from %x(%08x)", addr, MEM_CACHE(addr)); if (!partitions) {
memcpy(&partition, MEM_CACHE(addr), sizeof(partition)); ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", addr, 0x1000);
ESP_LOGD(TAG, "type=%x subtype=%x", partition.type, partition.subtype); return false;
}
ESP_LOGD(TAG, "mapped partition table 0x%x at 0x%x", addr, (intptr_t)partitions);
for(int i = 0; i < MAX_PARTITIONS; i++) {
const esp_partition_info_t *partition = &partitions[i];
ESP_LOGD(TAG, "load partition table entry 0x%x", (intptr_t)partition);
ESP_LOGD(TAG, "type=%x subtype=%x", partition->type, partition->subtype);
partition_usage = "unknown"; partition_usage = "unknown";
if (partition.magic == ESP_PARTITION_MAGIC) { /* valid partition definition */ if (partition->magic != ESP_PARTITION_MAGIC) {
switch(partition.type) { /* invalid partition definition indicates end-of-table */
break;
}
/* valid partition table */
switch(partition->type) {
case PART_TYPE_APP: /* app partition */ case PART_TYPE_APP: /* app partition */
switch(partition.subtype) { switch(partition->subtype) {
case PART_SUBTYPE_FACTORY: /* factory binary */ case PART_SUBTYPE_FACTORY: /* factory binary */
bs->factory = partition.pos; bs->factory = partition->pos;
partition_usage = "factory app"; partition_usage = "factory app";
break; break;
case PART_SUBTYPE_TEST: /* test binary */ case PART_SUBTYPE_TEST: /* test binary */
bs->test = partition.pos; bs->test = partition->pos;
partition_usage = "test app"; partition_usage = "test app";
break; break;
default: default:
/* OTA binary */ /* OTA binary */
if ((partition.subtype & ~PART_SUBTYPE_OTA_MASK) == PART_SUBTYPE_OTA_FLAG) { if ((partition->subtype & ~PART_SUBTYPE_OTA_MASK) == PART_SUBTYPE_OTA_FLAG) {
bs->ota[partition.subtype & PART_SUBTYPE_OTA_MASK] = partition.pos; bs->ota[partition->subtype & PART_SUBTYPE_OTA_MASK] = partition->pos;
++bs->app_count; ++bs->app_count;
partition_usage = "OTA app"; partition_usage = "OTA app";
} }
@ -194,9 +161,9 @@ bool load_partition_table(bootloader_state_t* bs, uint32_t addr)
} }
break; /* PART_TYPE_APP */ break; /* PART_TYPE_APP */
case PART_TYPE_DATA: /* data partition */ case PART_TYPE_DATA: /* data partition */
switch(partition.subtype) { switch(partition->subtype) {
case PART_SUBTYPE_DATA_OTA: /* ota data */ case PART_SUBTYPE_DATA_OTA: /* ota data */
bs->ota_info = partition.pos; bs->ota_info = partition->pos;
partition_usage = "OTA data"; partition_usage = "OTA data";
break; break;
case PART_SUBTYPE_DATA_RF: case PART_SUBTYPE_DATA_RF:
@ -213,20 +180,15 @@ bool load_partition_table(bootloader_state_t* bs, uint32_t addr)
default: /* other partition type */ default: /* other partition type */
break; break;
} }
}
/* invalid partition magic number */
else {
break; /* todo: validate md5 */
}
/* print partition type info */ /* print partition type info */
ESP_LOGI(TAG, "%2d %-16s %-16s %02x %02x %08x %08x", index, partition.label, partition_usage, ESP_LOGI(TAG, "%2d %-16s %-16s %02x %02x %08x %08x", i, partition->label, partition_usage,
partition.type, partition.subtype, partition->type, partition->subtype,
partition.pos.offset, partition.pos.size); partition->pos.offset, partition->pos.size);
index++;
addr += sizeof(partition);
} }
bootloader_unmap(partitions);
ESP_LOGI(TAG,"End of partition table"); ESP_LOGI(TAG,"End of partition table");
return true; return true;
} }
@ -256,6 +218,7 @@ void bootloader_main()
bootloader_state_t bs; bootloader_state_t bs;
SpiFlashOpResult spiRet1,spiRet2; SpiFlashOpResult spiRet1,spiRet2;
esp_ota_select_entry_t sa,sb; esp_ota_select_entry_t sa,sb;
const esp_ota_select_entry_t *ota_select_map;
memset(&bs, 0, sizeof(bs)); memset(&bs, 0, sizeof(bs));
@ -264,10 +227,11 @@ void bootloader_main()
REG_CLR_BIT( RTC_CNTL_WDTCONFIG0_REG, RTC_CNTL_WDT_FLASHBOOT_MOD_EN ); REG_CLR_BIT( RTC_CNTL_WDTCONFIG0_REG, RTC_CNTL_WDT_FLASHBOOT_MOD_EN );
REG_CLR_BIT( TIMG_WDTCONFIG0_REG(0), TIMG_WDT_FLASHBOOT_MOD_EN ); REG_CLR_BIT( TIMG_WDTCONFIG0_REG(0), TIMG_WDT_FLASHBOOT_MOD_EN );
SPIUnlock(); SPIUnlock();
/*register first sector in drom0 page 0 */
boot_cache_redirect( 0, 0x5000 );
memcpy((unsigned int *) &fhdr, MEM_CACHE(0x1000), sizeof(esp_image_header_t) ); if(esp_image_load_header(0x1000, &fhdr) != ESP_OK) {
ESP_LOGE(TAG, "failed to load bootloader header!");
return;
}
print_flash_info(&fhdr); print_flash_info(&fhdr);
@ -282,9 +246,19 @@ void bootloader_main()
if (bs.ota_info.offset != 0) { // check if partition table has OTA info partition if (bs.ota_info.offset != 0) { // check if partition table has OTA info partition
//ESP_LOGE("OTA info sector handling is not implemented"); //ESP_LOGE("OTA info sector handling is not implemented");
boot_cache_redirect(bs.ota_info.offset, bs.ota_info.size ); if (bs.ota_info.size < 2 * sizeof(esp_ota_select_entry_t)) {
memcpy(&sa,MEM_CACHE(bs.ota_info.offset & 0x0000ffff),sizeof(sa)); ESP_LOGE(TAG, "ERROR: ota_info partition size %d is too small (minimum %d bytes)", bs.ota_info.size, sizeof(esp_ota_select_entry_t));
memcpy(&sb,MEM_CACHE((bs.ota_info.offset + 0x1000)&0x0000ffff) ,sizeof(sb)); return;
}
ota_select_map = bootloader_mmap(bs.ota_info.offset, bs.ota_info.size);
if (!ota_select_map) {
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", bs.ota_info.offset, bs.ota_info.size);
return;
}
sa = ota_select_map[0];
sb = ota_select_map[1];
bootloader_unmap(ota_select_map);
if(sa.ota_seq == 0xFFFFFFFF && sb.ota_seq == 0xFFFFFFFF) { if(sa.ota_seq == 0xFFFFFFFF && sb.ota_seq == 0xFFFFFFFF) {
// init status flash // init status flash
load_part_pos = bs.ota[0]; load_part_pos = bs.ota[0];
@ -355,14 +329,14 @@ void bootloader_main()
} }
void unpack_load_app(const esp_partition_pos_t* partition) static void unpack_load_app(const esp_partition_pos_t* partition)
{ {
boot_cache_redirect(partition->offset, partition->size);
uint32_t pos = 0;
esp_image_header_t image_header; esp_image_header_t image_header;
memcpy(&image_header, MEM_CACHE(pos), sizeof(image_header));
pos += sizeof(image_header); if (esp_image_load_header(partition->offset, &image_header) != ESP_OK) {
ESP_LOGE(TAG, "Failed to load app image header @ 0x%x", partition->offset);
return;
}
uint32_t drom_addr = 0; uint32_t drom_addr = 0;
uint32_t drom_load_addr = 0; uint32_t drom_load_addr = 0;
@ -376,19 +350,22 @@ void unpack_load_app(const esp_partition_pos_t* partition)
bool load_rtc_memory = rtc_get_reset_reason(0) != DEEPSLEEP_RESET; bool load_rtc_memory = rtc_get_reset_reason(0) != DEEPSLEEP_RESET;
ESP_LOGD(TAG, "bin_header: %u %u %u %u %08x", image_header.magic, ESP_LOGD(TAG, "bin_header: %u %u %u %u %08x", image_header.magic,
image_header.blocks, image_header.segment_count,
image_header.spi_mode, image_header.spi_mode,
image_header.spi_size, image_header.spi_size,
(unsigned)image_header.entry_addr); (unsigned)image_header.entry_addr);
for (uint32_t section_index = 0; for (int segment = 0; segment < image_header.segment_count; segment++) {
section_index < image_header.blocks; esp_image_segment_header_t segment_header;
++section_index) { uint32_t data_offs;
esp_image_section_header_t section_header = {0}; if(esp_image_load_segment_header(segment, partition->offset,
memcpy(&section_header, MEM_CACHE(pos), sizeof(section_header)); &image_header, &segment_header,
pos += sizeof(section_header); &data_offs) != ESP_OK) {
ESP_LOGE(TAG, "failed to load segment header #%d", segment);
return;
}
const uint32_t address = section_header.load_addr; const uint32_t address = segment_header.load_addr;
bool load = true; bool load = true;
bool map = false; bool map = false;
if (address == 0x00000000) { // padding, ignore block if (address == 0x00000000) { // padding, ignore block
@ -400,45 +377,48 @@ void unpack_load_app(const esp_partition_pos_t* partition)
} }
if (address >= DROM_LOW && address < DROM_HIGH) { if (address >= DROM_LOW && address < DROM_HIGH) {
ESP_LOGD(TAG, "found drom section, map from %08x to %08x", pos, ESP_LOGD(TAG, "found drom section, map from %08x to %08x", data_offs,
section_header.load_addr); segment_header.load_addr);
drom_addr = partition->offset + pos - sizeof(section_header); drom_addr = data_offs;
drom_load_addr = section_header.load_addr; drom_load_addr = segment_header.load_addr;
drom_size = section_header.data_len + sizeof(section_header); drom_size = segment_header.data_len + sizeof(segment_header);
load = false; load = false;
map = true; map = true;
} }
if (address >= IROM_LOW && address < IROM_HIGH) { if (address >= IROM_LOW && address < IROM_HIGH) {
ESP_LOGD(TAG, "found irom section, map from %08x to %08x", pos, ESP_LOGD(TAG, "found irom section, map from %08x to %08x", data_offs,
section_header.load_addr); segment_header.load_addr);
irom_addr = partition->offset + pos - sizeof(section_header); irom_addr = data_offs;
irom_load_addr = section_header.load_addr; irom_load_addr = segment_header.load_addr;
irom_size = section_header.data_len + sizeof(section_header); irom_size = segment_header.data_len + sizeof(segment_header);
load = false; load = false;
map = true; map = true;
} }
if (!load_rtc_memory && address >= RTC_IRAM_LOW && address < RTC_IRAM_HIGH) { if (!load_rtc_memory && address >= RTC_IRAM_LOW && address < RTC_IRAM_HIGH) {
ESP_LOGD(TAG, "Skipping RTC code section at %08x\n", pos); ESP_LOGD(TAG, "Skipping RTC code section at %08x\n", data_offs);
load = false; load = false;
} }
if (!load_rtc_memory && address >= RTC_DATA_LOW && address < RTC_DATA_HIGH) { if (!load_rtc_memory && address >= RTC_DATA_LOW && address < RTC_DATA_HIGH) {
ESP_LOGD(TAG, "Skipping RTC data section at %08x\n", pos); ESP_LOGD(TAG, "Skipping RTC data section at %08x\n", data_offs);
load = false; load = false;
} }
ESP_LOGI(TAG, "section %d: paddr=0x%08x vaddr=0x%08x size=0x%05x (%6d) %s", section_index, pos, ESP_LOGI(TAG, "segment %d: paddr=0x%08x vaddr=0x%08x size=0x%05x (%6d) %s", segment, data_offs - sizeof(esp_image_segment_header_t),
section_header.load_addr, section_header.data_len, section_header.data_len, (load)?"load":(map)?"map":""); segment_header.load_addr, segment_header.data_len, segment_header.data_len, (load)?"load":(map)?"map":"");
if (!load) { if (load) {
pos += section_header.data_len; const void *data = bootloader_mmap(data_offs, segment_header.data_len);
continue; if(!data) {
ESP_LOGE(TAG, "bootloader_mmap(0x%xc, 0x%x) failed",
data_offs, segment_header.data_len);
return;
}
memcpy((void *)segment_header.load_addr, data, segment_header.data_len);
bootloader_unmap(data);
} }
memcpy((void*) section_header.load_addr, MEM_CACHE(pos), section_header.data_len);
pos += section_header.data_len;
} }
set_cache_and_start_app(drom_addr, set_cache_and_start_app(drom_addr,
@ -526,7 +506,7 @@ void print_flash_info(const esp_image_header_t* phdr)
#if (BOOT_LOG_LEVEL >= BOOT_LOG_LEVEL_NOTICE) #if (BOOT_LOG_LEVEL >= BOOT_LOG_LEVEL_NOTICE)
ESP_LOGD(TAG, "magic %02x", phdr->magic ); ESP_LOGD(TAG, "magic %02x", phdr->magic );
ESP_LOGD(TAG, "blocks %02x", phdr->blocks ); ESP_LOGD(TAG, "segments %02x", phdr->segment_count );
ESP_LOGD(TAG, "spi_mode %02x", phdr->spi_mode ); ESP_LOGD(TAG, "spi_mode %02x", phdr->spi_mode );
ESP_LOGD(TAG, "spi_speed %02x", phdr->spi_speed ); ESP_LOGD(TAG, "spi_speed %02x", phdr->spi_speed );
ESP_LOGD(TAG, "spi_size %02x", phdr->spi_size ); ESP_LOGD(TAG, "spi_size %02x", phdr->spi_size );

View file

@ -17,6 +17,7 @@
#include "esp_types.h" #include "esp_types.h"
#include "esp_attr.h" #include "esp_attr.h"
#include "esp_log.h" #include "esp_log.h"
#include "esp_err.h"
#include "rom/cache.h" #include "rom/cache.h"
#include "rom/ets_sys.h" #include "rom/ets_sys.h"
@ -30,6 +31,7 @@
#include "sdkconfig.h" #include "sdkconfig.h"
#include "bootloader_config.h" #include "bootloader_config.h"
#include "esp_image_format.h"
static const char* TAG = "flash_encrypt"; static const char* TAG = "flash_encrypt";
@ -90,6 +92,8 @@ bool flash_encrypt_write(uint32_t pos, uint32_t len)
Cache_Read_Enable(0); Cache_Read_Enable(0);
return true; return true;
} }
/** /**
* @function : flash_encrypt * @function : flash_encrypt
* @description: encrypt 2nd boot ,partition table ,factory bin <EFBFBD><EFBFBD>test bin (if use)<EFBFBD><EFBFBD>ota bin * @description: encrypt 2nd boot ,partition table ,factory bin <EFBFBD><EFBFBD>test bin (if use)<EFBFBD><EFBFBD>ota bin
@ -102,24 +106,23 @@ bool flash_encrypt_write(uint32_t pos, uint32_t len)
*/ */
bool flash_encrypt(bootloader_state_t *bs) bool flash_encrypt(bootloader_state_t *bs)
{ {
uint32_t bin_len = 0; esp_err_t err;
uint32_t image_len = 0;
uint32_t flash_crypt_cnt = REG_GET_FIELD(EFUSE_BLK0_RDATA0_REG, EFUSE_FLASH_CRYPT_CNT); uint32_t flash_crypt_cnt = REG_GET_FIELD(EFUSE_BLK0_RDATA0_REG, EFUSE_FLASH_CRYPT_CNT);
uint8_t count = bitcount(flash_crypt_cnt); uint8_t count = bitcount(flash_crypt_cnt);
int i = 0;
ESP_LOGD(TAG, "flash encrypt cnt %x, bitcount %d", flash_crypt_cnt, count); ESP_LOGD(TAG, "flash encrypt cnt %x, bitcount %d", flash_crypt_cnt, count);
if ((count % 2) == 0) { if ((count % 2) == 0) {
boot_cache_redirect( 0, 64*1024); /* encrypt iv and abstract */
/* encrypt iv and abstruct */
if (false == flash_encrypt_write(0, SPI_SEC_SIZE)) { if (false == flash_encrypt_write(0, SPI_SEC_SIZE)) {
ESP_LOGE(TAG, "encrypt iv and abstract error"); ESP_LOGE(TAG, "encrypt iv and abstract error");
return false; return false;
} }
/* encrypt write boot bin*/ /* encrypt bootloader image */
bin_len = get_bin_len((uint32_t)MEM_CACHE(0x1000)); err = esp_image_basic_verify(0x1000, &image_len);
if(bin_len != 0) { if(err == ESP_OK && image_len != 0) {
if (false == flash_encrypt_write(0x1000, bin_len)) { if (false == flash_encrypt_write(0x1000, image_len)) {
ESP_LOGE(TAG, "encrypt 2nd boot error"); ESP_LOGE(TAG, "encrypt 2nd boot error");
return false; return false;
} }
@ -127,6 +130,7 @@ bool flash_encrypt(bootloader_state_t *bs)
ESP_LOGE(TAG, "2nd boot len error"); ESP_LOGE(TAG, "2nd boot len error");
return false; return false;
} }
/* encrypt partition table */ /* encrypt partition table */
if (false == flash_encrypt_write(ESP_PARTITION_TABLE_ADDR, SPI_SEC_SIZE)) { if (false == flash_encrypt_write(ESP_PARTITION_TABLE_ADDR, SPI_SEC_SIZE)) {
ESP_LOGE(TAG, "encrypt partition table error"); ESP_LOGE(TAG, "encrypt partition table error");
@ -134,48 +138,40 @@ bool flash_encrypt(bootloader_state_t *bs)
} }
/* encrypt write factory bin */ /* encrypt write factory bin */
if(bs->factory.offset != 0x00) { if(bs->factory.offset != 0 && bs->factory.size != 0) {
ESP_LOGD(TAG, "have factory bin"); ESP_LOGD(TAG, "have factory bin");
boot_cache_redirect(bs->factory.offset, bs->factory.size); if (false == flash_encrypt_write(bs->factory.offset, bs->factory.size)) {
bin_len = get_bin_len((uint32_t)MEM_CACHE(bs->factory.offset&0xffff));
if(bin_len != 0) {
if (false == flash_encrypt_write(bs->factory.offset, bin_len)) {
ESP_LOGE(TAG, "encrypt factory bin error"); ESP_LOGE(TAG, "encrypt factory bin error");
return false; return false;
} }
} }
}
/* encrypt write test bin */ /* encrypt write test bin */
if(bs->test.offset != 0x00) { if(bs->test.offset != 0 && bs->test.size != 0) {
ESP_LOGD(TAG, "have test bin"); ESP_LOGD(TAG, "have test bin");
boot_cache_redirect(bs->test.offset, bs->test.size); if (false == flash_encrypt_write(bs->test.offset, bs->test.size)) {
bin_len = get_bin_len((uint32_t)MEM_CACHE(bs->test.offset&0xffff));
if(bin_len != 0) {
if (false == flash_encrypt_write(bs->test.offset, bin_len)) {
ESP_LOGE(TAG, "encrypt test bin error"); ESP_LOGE(TAG, "encrypt test bin error");
return false; return false;
} }
} }
}
/* encrypt write ota bin */ /* encrypt write ota bin */
for (i = 0;i<16;i++) { for (int i = 0; i < 16; i++) {
if(bs->ota[i].offset != 0x00) { if(bs->ota[i].offset != 0 && bs->ota[i].size != 0) {
ESP_LOGD(TAG, "have ota[%d] bin",i); ESP_LOGD(TAG, "have ota[%d] bin",i);
boot_cache_redirect(bs->ota[i].offset, bs->ota[i].size); if (false == flash_encrypt_write(bs->ota[i].offset, bs->ota[i].size)) {
bin_len = get_bin_len((uint32_t)MEM_CACHE(bs->ota[i].offset&0xffff));
if(bin_len != 0) {
if (false == flash_encrypt_write(bs->ota[i].offset, bin_len)) {
ESP_LOGE(TAG, "encrypt ota bin error"); ESP_LOGE(TAG, "encrypt ota bin error");
return false; return false;
} }
} }
} }
}
/* encrypt write ota info bin */ /* encrypt write ota info bin */
if (false == flash_encrypt_write(bs->ota_info.offset, 2*SPI_SEC_SIZE)) { if (false == flash_encrypt_write(bs->ota_info.offset, 2*SPI_SEC_SIZE)) {
ESP_LOGE(TAG, "encrypt ota info error"); ESP_LOGE(TAG, "encrypt ota info error");
return false; return false;
} }
REG_SET_FIELD(EFUSE_BLK0_WDATA0_REG, EFUSE_FLASH_CRYPT_CNT, 0x04); REG_SET_FIELD(EFUSE_BLK0_WDATA0_REG, EFUSE_FLASH_CRYPT_CNT, 0x04);
REG_WRITE(EFUSE_CONF_REG, 0x5A5A); /* efuse_pgm_op_ena, force no rd/wr disable */ REG_WRITE(EFUSE_CONF_REG, 0x5A5A); /* efuse_pgm_op_ena, force no rd/wr disable */
REG_WRITE(EFUSE_CMD_REG, 0x02); /* efuse_pgm_cmd */ REG_WRITE(EFUSE_CMD_REG, 0x02); /* efuse_pgm_cmd */

View file

@ -31,6 +31,8 @@
#include "sdkconfig.h" #include "sdkconfig.h"
#include "bootloader_config.h" #include "bootloader_config.h"
#include "bootloader_flash.h"
#include "esp_image_format.h"
static const char* TAG = "secure_boot"; static const char* TAG = "secure_boot";
@ -40,12 +42,13 @@ static const char* TAG = "secure_boot";
* *
* @inputs: bool * @inputs: bool
*/ */
static bool secure_boot_generate(uint32_t bin_len){ static bool secure_boot_generate(uint32_t image_len){
SpiFlashOpResult spiRet; SpiFlashOpResult spiRet;
uint16_t i;
uint32_t buf[32]; uint32_t buf[32];
if (bin_len % 128 != 0) { const void *image;
bin_len = (bin_len / 128 + 1) * 128;
if (image_len % 128 != 0) {
image_len = (image_len / 128 + 1) * 128;
} }
ets_secure_boot_start(); ets_secure_boot_start();
ets_secure_boot_rd_iv(buf); ets_secure_boot_rd_iv(buf);
@ -58,25 +61,33 @@ static bool secure_boot_generate(uint32_t bin_len){
ESP_LOGE(TAG, SPI_ERROR_LOG); ESP_LOGE(TAG, SPI_ERROR_LOG);
return false; return false;
} }
Cache_Read_Enable(0);
/* write iv to flash, 0x0000, 128 bytes (1024 bits) */ /* write iv to flash, 0x0000, 128 bytes (1024 bits) */
ESP_LOGD(TAG, "write iv to flash.");
spiRet = SPIWrite(0, buf, 128); spiRet = SPIWrite(0, buf, 128);
if (spiRet != SPI_FLASH_RESULT_OK) if (spiRet != SPI_FLASH_RESULT_OK)
{ {
ESP_LOGE(TAG, SPI_ERROR_LOG); ESP_LOGE(TAG, SPI_ERROR_LOG);
return false; return false;
} }
ESP_LOGD(TAG, "write iv to flash.");
Cache_Read_Enable(0); /* generate digest from image contents */
/* read 4K code image from flash, for test */ image = bootloader_mmap(0x1000, image_len);
for (i = 0; i < bin_len; i+=128) { if (!image) {
ets_secure_boot_hash((uint32_t *)(0x3f400000 + 0x1000 + i)); ESP_LOGE(TAG, "bootloader_mmap(0x1000, 0x%x) failed", image_len);
return false;
} }
for (int i = 0; i < image_len; i+=128) {
ets_secure_boot_hash(image + i/sizeof(void *));
}
bootloader_unmap(image);
ets_secure_boot_obtain(); ets_secure_boot_obtain();
ets_secure_boot_rd_abstract(buf); ets_secure_boot_rd_abstract(buf);
ets_secure_boot_finish(); ets_secure_boot_finish();
Cache_Read_Disable(0);
/* write abstract to flash, 0x0080, 64 bytes (512 bits) */ ESP_LOGD(TAG, "write abstract to flash.");
spiRet = SPIWrite(0x80, buf, 64); spiRet = SPIWrite(0x80, buf, 64);
if (spiRet != SPI_FLASH_RESULT_OK) { if (spiRet != SPI_FLASH_RESULT_OK) {
ESP_LOGE(TAG, SPI_ERROR_LOG); ESP_LOGE(TAG, SPI_ERROR_LOG);
@ -99,9 +110,9 @@ static inline void burn_efuses()
} }
/** /**
* @function : secure_boot_generate_bootloader_digest * @brief Enable secure boot if it is not already enabled.
* *
* @description: Called if the secure boot flag is set on the * Called if the secure boot flag is set on the
* bootloader image in flash. If secure boot is not yet enabled for * bootloader image in flash. If secure boot is not yet enabled for
* bootloader, this will generate the secure boot digest and enable * bootloader, this will generate the secure boot digest and enable
* secure boot by blowing the EFUSE_RD_ABS_DONE_0 efuse. * secure boot by blowing the EFUSE_RD_ABS_DONE_0 efuse.
@ -110,24 +121,21 @@ static inline void burn_efuses()
* ROM bootloader does this.) * ROM bootloader does this.)
* *
* @return true if secure boot is enabled (either was already enabled, * @return true if secure boot is enabled (either was already enabled,
* or is freshly enabled as a result of calling this function.) * or is freshly enabled as a result of calling this function.) false
* implies an error occured (possibly secure boot is part-enabled.)
*/ */
bool secure_boot_generate_bootloader_digest(void) { bool secure_boot_generate_bootloader_digest(void) {
uint32_t bin_len = 0; esp_err_t err;
uint32_t image_len = 0;
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_RD_ABS_DONE_0) if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_RD_ABS_DONE_0)
{ {
ESP_LOGI(TAG, "bootloader secure boot is already enabled, continuing.."); ESP_LOGI(TAG, "bootloader secure boot is already enabled, continuing..");
return true; return true;
} }
boot_cache_redirect( 0, 64*1024); err = esp_image_basic_verify(0x1000, &image_len);
bin_len = get_bin_len((uint32_t)MEM_CACHE(0x1000)); if (err != ESP_OK) {
if (bin_len == 0) { ESP_LOGE(TAG, "bootloader image appears invalid! error %d", err);
ESP_LOGE(TAG, "Invalid bootloader image length zero.");
return false;
}
if (bin_len > 0x100000) {
ESP_LOGE(TAG, "Invalid bootloader image length %x", bin_len);
return false; return false;
} }
@ -168,7 +176,7 @@ bool secure_boot_generate_bootloader_digest(void) {
} }
ESP_LOGI(TAG, "Generating secure boot digest..."); ESP_LOGI(TAG, "Generating secure boot digest...");
if (false == secure_boot_generate(bin_len)){ if (false == secure_boot_generate(image_len)){
ESP_LOGE(TAG, "secure boot generation failed"); ESP_LOGE(TAG, "secure boot generation failed");
return false; return false;
} }

View file

@ -0,0 +1,9 @@
Bootloader Support Component
============================
Overview
--------
"Bootloader support" contains APIs which are used by the bootloader but are also needed for the main app.
Code in this component needs to be aware of being executed in a bootloader environment (no RTOS available, BOOTLOADER_BUILD macro set) or in an esp-idf app environment (RTOS running, need locking support.)

View file

@ -0,0 +1,11 @@
COMPONENT_ADD_INCLUDEDIRS := include
COMPONENT_PRIV_INCLUDEDIRS := include_priv
ifdef IS_BOOTLOADER_BUILD
# share "private" headers with the bootloader component
COMPONENT_ADD_INCLUDEDIRS += include_priv
endif
COMPONENT_SRCDIRS := src
include $(IDF_PATH)/make/component_common.mk

View file

@ -0,0 +1,133 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __ESP32_IMAGE_FORMAT_H
#define __ESP32_IMAGE_FORMAT_H
#include <stdbool.h>
#include <esp_err.h>
#define ESP_ERR_IMAGE_BASE 0x2000
#define ESP_ERR_IMAGE_FLASH_FAIL (ESP_ERR_IMAGE_BASE + 1)
#define ESP_ERR_IMAGE_INVALID (ESP_ERR_IMAGE_BASE + 2)
/* Support for app/bootloader image parsing
Can be compiled as part of app or bootloader code.
*/
/* SPI flash mode, used in esp_image_header_t */
typedef enum {
ESP_IMAGE_SPI_MODE_QIO,
ESP_IMAGE_SPI_MODE_QOUT,
ESP_IMAGE_SPI_MODE_DIO,
ESP_IMAGE_SPI_MODE_DOUT,
ESP_IMAGE_SPI_MODE_FAST_READ,
ESP_IMAGE_SPI_MODE_SLOW_READ
} esp_image_spi_mode_t;
/* SPI flash clock frequency */
enum {
ESP_IMAGE_SPI_SPEED_40M,
ESP_IMAGE_SPI_SPEED_26M,
ESP_IMAGE_SPI_SPEED_20M,
ESP_IMAGE_SPI_SPEED_80M = 0xF
} esp_image_spi_freq_t;
/* Supported SPI flash sizes */
typedef enum {
ESP_IMAGE_FLASH_SIZE_1MB = 0,
ESP_IMAGE_FLASH_SIZE_2MB,
ESP_IMAGE_FLASH_SIZE_4MB,
ESP_IMAGE_FLASH_SIZE_8MB,
ESP_IMAGE_FLASH_SIZE_16MB,
ESP_IMAGE_FLASH_SIZE_MAX
} esp_image_flash_size_t;
#define ESP_IMAGE_HEADER_MAGIC 0xE9
/* Main header of binary image */
typedef struct {
uint8_t magic;
uint8_t segment_count;
uint8_t spi_mode; /* flash read mode (esp_image_spi_mode_t as uint8_t) */
uint8_t spi_speed: 4; /* flash frequency (esp_image_spi_freq_t as uint8_t) */
uint8_t spi_size: 4; /* flash chip size (esp_image_flash_size_t as uint8_t) */
uint32_t entry_addr;
uint8_t encrypt_flag; /* encrypt flag */
uint8_t secure_boot_flag; /* secure boot flag */
uint8_t extra_header[14]; /* ESP32 additional header, unused by second bootloader */
} esp_image_header_t;
/* Header of binary image segment */
typedef struct {
uint32_t load_addr;
uint32_t data_len;
} esp_image_segment_header_t;
/**
* @brief Read an ESP image header from flash.
*
* @param src_addr Address in flash to load image header. Must be 4 byte aligned.
* @param[out] image_header Pointer to an esp_image_header_t struture to be filled with data. If the function fails, contents are undefined.
*
* @return ESP_OK if image header was loaded, ESP_ERR_IMAGE_FLASH_FAIL
* if a SPI flash error occurs, ESP_ERR_IMAGE_INVALID if the image header
* appears invalid.
*/
esp_err_t esp_image_load_header(uint32_t src_addr, esp_image_header_t *image_header);
/**
* @brief Read the segment header and data offset of a segment in the image.
*
* @param index Index of the segment to load information for.
* @param src_addr Base address in flash of the image.
* @param[in] image_header Pointer to the flash image header, already loaded by @ref esp_image_load_header().
* @param[out] segment_header Pointer to a segment header structure to be filled with data. If the function fails, contents are undefined.
* @param[out] segment_data_offset Pointer to the data offset of the segment.
*
* @return ESP_OK if segment_header & segment_data_offset were loaded successfully, ESP_ERR_IMAGE_FLASH_FAIL if a SPI flash error occurs, ESP_ERR_IMAGE_INVALID if the image header appears invalid, ESP_ERR_INVALID_ARG if the index is invalid.
*/
esp_err_t esp_image_load_segment_header(uint8_t index, uint32_t src_addr, const esp_image_header_t *image_header, esp_image_segment_header_t *segment_header, uint32_t *segment_data_offset);
/**
* @brief Return length of an image in flash. Non-cryptographically validates image integrity in the process.
*
* If the image has a secure boot signature appended, the signature is not checked and this length is not included in the result.
*
* Image validation checks:
* - Magic byte
* - No single section longer than 16MB
* - Total image no longer than 16MB
* - 8 bit image checksum is valid
*
* @param src_addr Offset of the start of the image in flash. Must be 4 byte aligned.
* @param[out] length Length of the image, set to a value if the image is valid. Can be null.
*
* @return ESP_OK if image is valid, ESP_FAIL or ESP_ERR_IMAGE_INVALID on errors.
*
*/
esp_err_t esp_image_basic_verify(uint32_t src_addr, uint32_t *length);
typedef struct {
uint32_t drom_addr;
uint32_t drom_load_addr;
uint32_t drom_size;
uint32_t irom_addr;
uint32_t irom_load_addr;
uint32_t irom_size;
} esp_image_flash_mapping_t;
#endif

View file

@ -0,0 +1,51 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __ESP32_SECUREBOOT_H
#define __ESP32_SECUREBOOT_H
#include <stdbool.h>
#include <esp_err.h>
/* Support functions for secure boot features.
Can be compiled as part of app or bootloader code.
*/
/** @brief Is secure boot currently enabled in hardware?
*
* Secure boot is enabled if the ABS_DONE_0 efuse is blown. This means
* that the ROM bootloader code will only boot a verified secure
* bootloader digest from now on.
*
* @return true if secure boot is enabled.
*/
bool esp_secure_boot_enabled(void);
/** @brief Enable secure boot if it isw not already enabled.
*
* @important If this function succeeds, secure boot is permanentl
* enabled on the chip via efuse.
*
* This function is intended to be called from bootloader code.
*
* @return ESP_ERR_INVALID_STATE if efuse state doesn't allow
* secure boot to be enabled cleanly. ESP_OK if secure boot
* is enabled on this chip from now on.
*/
esp_err_t esp_secure_boot_enable(void);
#endif

View file

@ -0,0 +1,69 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __BOOTLOADER_FLASH_H
#define __BOOTLOADER_FLASH_H
#include <stddef.h>
#include <stdbool.h>
#include <stdint.h>
#include <esp_err.h>
/* Provide a Flash API for bootloader_support code,
that can be used from bootloader or app code.
This header is available to source code in the bootloader &
bootloader_support components only.
*/
/**
* @brief Map a region of flash to data memory
*
* @important In bootloader code, only one region can be bootloader_mmaped at once. The previous region must be bootloader_unmapped before another region is mapped.
*
* @important In app code, these functions are not thread safe.
*
* Call bootloader_unmap once for each successful call to bootloader_mmap.
*
* In esp-idf app, this function maps directly to spi_flash_mmap.
*
* @param offset - Starting flash offset to map to memory.
* @param length - Length of data to map.
*
* @return Pointer to mapped data memory (at src_addr), or NULL
* if an allocation error occured.
*/
const void *bootloader_mmap(uint32_t src_addr, uint32_t size);
/**
* @brief Unmap a previously mapped region of flash
*
* Call bootloader_unmap once for each successful call to bootloader_mmap.
*/
void bootloader_unmap(const void *mapping);
/**
* @brief Read data from Flash.
*
* @note Both src and dest have to be 4-byte aligned.
*
* @param src source address of the data in Flash.
* @param dest pointer to the destination buffer
* @param size length of data
*
* @return esp_err_t
*/
esp_err_t bootloader_flash_read(size_t src_addr, void *dest, size_t size);
#endif

View file

@ -0,0 +1,122 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <stddef.h>
#include <bootloader_flash.h>
#include <esp_log.h>
#include <esp_spi_flash.h> /* including in bootloader for error values */
#ifndef BOOTLOADER_BUILD
/* Normal app version maps to esp_spi_flash.h operations...
*/
static const char *TAG = "bootloader_mmap";
static spi_flash_mmap_memory_t map;
const void *bootloader_mmap(uint32_t src_addr, uint32_t size)
{
if (map) {
ESP_LOGE(TAG, "tried to bootloader_mmap twice");
return NULL; /* existing mapping in use... */
}
const void *result = NULL;
esp_err_t err = spi_flash_mmap(src_addr, size, SPI_FLASH_MMAP_DATA, &result, &map);
if (err != ESP_OK) {
result = NULL;
}
return result;
}
void bootloader_unmap(const void *mapping)
{
if(mapping && map) {
spi_flash_munmap(map);
}
map = 0;
}
esp_err_t bootloader_flash_read(size_t src, void *dest, size_t size)
{
return spi_flash_read(src, dest, size);
}
#else
/* Bootloader version, uses ROM functions only */
#include <rom/spi_flash.h>
#include <rom/cache.h>
static const char *TAG = "bootloader_flash";
static bool mapped;
const void *bootloader_mmap(uint32_t src_addr, uint32_t size)
{
if (mapped) {
ESP_LOGE(TAG, "tried to bootloader_mmap twice");
return NULL; /* can't map twice */
}
uint32_t src_addr_aligned = src_addr & 0xffff0000;
uint32_t count = (size + 0xffff) / 0x10000;
Cache_Read_Disable(0);
Cache_Flush(0);
ESP_LOGD(TAG, "mmu set paddr=%08x count=%d", src_addr_aligned, count );
cache_flash_mmu_set( 0, 0, 0x3f400000, src_addr_aligned, 64, count );
Cache_Read_Enable( 0 );
mapped = true;
return (void *)(0x3f400000 + (src_addr - src_addr_aligned));
}
void bootloader_unmap(const void *mapping)
{
if (mapped) {
/* Full MMU reset */
Cache_Read_Disable(0);
Cache_Flush(0);
mmu_init(0);
mapped = false;
}
}
esp_err_t bootloader_flash_read(size_t src_addr, void *dest, size_t size)
{
if(src_addr & 3) {
ESP_LOGE(TAG, "bootloader_flash_read src_addr not 4-byte aligned");
return ESP_FAIL;
}
if((intptr_t)dest & 3) {
ESP_LOGE(TAG, "bootloader_flash_read dest not 4-byte aligned");
return ESP_FAIL;
}
Cache_Read_Disable(0);
Cache_Flush(0);
SpiFlashOpResult r = SPIRead(src_addr, dest, size);
Cache_Read_Enable(0);
switch(r) {
case SPI_FLASH_RESULT_OK:
return ESP_OK;
case SPI_FLASH_RESULT_ERR:
return ESP_ERR_FLASH_OP_FAIL;
case SPI_FLASH_RESULT_TIMEOUT:
return ESP_ERR_FLASH_OP_TIMEOUT;
default:
return ESP_FAIL;
}
}
#endif

View file

@ -0,0 +1,155 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <string.h>
#include <esp_image_format.h>
#include <esp_log.h>
#include <bootloader_flash.h>
const static char *TAG = "esp_image";
#define SIXTEEN_MB 0x1000000
#define ESP_ROM_CHECKSUM_INITIAL 0xEF
esp_err_t esp_image_load_header(uint32_t src_addr, esp_image_header_t *image_header)
{
esp_err_t err;
ESP_LOGD(TAG, "reading image header @ 0x%x", src_addr);
err = bootloader_flash_read(src_addr, image_header, sizeof(esp_image_header_t));
if (err == ESP_OK) {
if (image_header->magic != ESP_IMAGE_HEADER_MAGIC) {
ESP_LOGE(TAG, "image at 0x%x has invalid magic byte", src_addr);
err = ESP_ERR_IMAGE_INVALID;
}
if (image_header->spi_mode > ESP_IMAGE_SPI_MODE_SLOW_READ) {
ESP_LOGW(TAG, "image at 0x%x has invalid SPI mode %d", src_addr, image_header->spi_mode);
}
if (image_header->spi_speed > ESP_IMAGE_SPI_SPEED_80M) {
ESP_LOGW(TAG, "image at 0x%x has invalid SPI speed %d", src_addr, image_header->spi_speed);
}
if (image_header->spi_size > ESP_IMAGE_FLASH_SIZE_MAX) {
ESP_LOGW(TAG, "image at 0x%x has invalid SPI size %d", src_addr, image_header->spi_size);
}
}
if (err != ESP_OK) {
bzero(image_header, sizeof(esp_image_header_t));
}
return err;
}
esp_err_t esp_image_load_segment_header(uint8_t index, uint32_t src_addr, const esp_image_header_t *image_header, esp_image_segment_header_t *segment_header, uint32_t *segment_data_offset)
{
esp_err_t err = ESP_OK;
uint32_t next_addr = src_addr + sizeof(esp_image_header_t);
if(index >= image_header->segment_count) {
ESP_LOGE(TAG, "index %d higher than segment count %d", index, image_header->segment_count);
return ESP_ERR_INVALID_ARG;
}
for(int i = 0; i <= index && err == ESP_OK; i++) {
err = bootloader_flash_read(next_addr, segment_header, sizeof(esp_image_segment_header_t));
if (err == ESP_OK) {
if ((segment_header->data_len & 3) != 0
|| segment_header->data_len >= SIXTEEN_MB) {
ESP_LOGE(TAG, "invalid segment length 0x%x", segment_header->data_len);
err = ESP_ERR_IMAGE_INVALID;
}
next_addr += sizeof(esp_image_segment_header_t);
*segment_data_offset = next_addr;
next_addr += segment_header->data_len;
}
}
if (err != ESP_OK) {
*segment_data_offset = 0;
bzero(segment_header, sizeof(esp_image_segment_header_t));
}
return err;
}
esp_err_t esp_image_basic_verify(uint32_t src_addr, uint32_t *p_length)
{
esp_err_t err;
uint8_t buf[16];
uint8_t checksum = ESP_ROM_CHECKSUM_INITIAL;
esp_image_header_t image_header;
esp_image_segment_header_t segment_header = { 0 };
uint32_t segment_data_offs = 0;
const uint8_t *segment_data;
uint32_t end_addr;
uint32_t length;
if (p_length != NULL) {
*p_length = 0;
}
err = esp_image_load_header(src_addr, &image_header);
if (err != ESP_OK) {
return err;
}
ESP_LOGD(TAG, "reading %d image segments", image_header.segment_count);
/* Checksum each segment's data */
for (int i = 0; i < image_header.segment_count; i++) {
err = esp_image_load_segment_header(i, src_addr, &image_header,
&segment_header, &segment_data_offs);
if (err != ESP_OK) {
return err;
}
segment_data = bootloader_mmap(segment_data_offs, segment_header.data_len);
if (segment_data == NULL) {
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", segment_data_offs, segment_header.data_len);
return ESP_FAIL;
}
for(int i = 0; i < segment_header.data_len; i++) {
checksum ^= segment_data[i];
}
bootloader_unmap(segment_data);
}
/* End of image, verify checksum */
end_addr = segment_data_offs + segment_header.data_len;
if (end_addr < src_addr) {
ESP_LOGE(TAG, "image offset has wrapped");
return ESP_ERR_IMAGE_INVALID;
}
length = end_addr - src_addr;
if (length >= SIXTEEN_MB) {
ESP_LOGE(TAG, "invalid total length 0x%x", length);
return ESP_ERR_IMAGE_INVALID;
}
/* image padded to next full 16 byte block, with checksum byte at very end */
length += 15 - (length % 16);
bootloader_flash_read(src_addr + length - 16, buf, 16);
if (checksum != buf[15]) {
ESP_LOGE(TAG, "checksum failed. Calculated 0x%x read 0x%x",
checksum, buf[15]);
return ESP_ERR_IMAGE_INVALID;
}
if (p_length != NULL) {
*p_length = length;
}
return ESP_OK;
}

View file

@ -0,0 +1,7 @@
#include <stdint.h>
#include <limits.h>
#include "esp_log.h"

View file

@ -24,54 +24,6 @@ extern "C"
#define ESP_PARTITION_TABLE_ADDR 0x4000 #define ESP_PARTITION_TABLE_ADDR 0x4000
#define ESP_PARTITION_MAGIC 0x50AA #define ESP_PARTITION_MAGIC 0x50AA
/* SPI flash mode, used in esp_image_header_t */
typedef enum {
ESP_IMAGE_SPI_MODE_QIO,
ESP_IMAGE_SPI_MODE_QOUT,
ESP_IMAGE_SPI_MODE_DIO,
ESP_IMAGE_SPI_MODE_DOUT,
ESP_IMAGE_SPI_MODE_FAST_READ,
ESP_IMAGE_SPI_MODE_SLOW_READ
} esp_image_spi_mode_t;
/* SPI flash clock frequency */
enum {
ESP_IMAGE_SPI_SPEED_40M,
ESP_IMAGE_SPI_SPEED_26M,
ESP_IMAGE_SPI_SPEED_20M,
ESP_IMAGE_SPI_SPEED_80M = 0xF
} esp_image_spi_freq_t;
/* Supported SPI flash sizes */
typedef enum {
ESP_IMAGE_FLASH_SIZE_1MB = 0,
ESP_IMAGE_FLASH_SIZE_2MB,
ESP_IMAGE_FLASH_SIZE_4MB,
ESP_IMAGE_FLASH_SIZE_8MB,
ESP_IMAGE_FLASH_SIZE_16MB,
ESP_IMAGE_FLASH_SIZE_MAX
} esp_image_flash_size_t;
/* Main header of binary image */
typedef struct {
uint8_t magic;
uint8_t blocks;
uint8_t spi_mode; /* flash read mode (esp_image_spi_mode_t as uint8_t) */
uint8_t spi_speed: 4; /* flash frequency (esp_image_spi_freq_t as uint8_t) */
uint8_t spi_size: 4; /* flash chip size (esp_image_flash_size_t as uint8_t) */
uint32_t entry_addr;
uint8_t encrypt_flag; /* encrypt flag */
uint8_t secure_boot_flag; /* secure boot flag */
uint8_t extra_header[14]; /* ESP32 additional header, unused by second bootloader */
} esp_image_header_t;
/* Header of binary image segment */
typedef struct {
uint32_t load_addr;
uint32_t data_len;
} esp_image_section_header_t;
/* OTA selection structure (two copies in the OTA data partition.) /* OTA selection structure (two copies in the OTA data partition.)
Size of 32 bytes is friendly to flash encryption */ Size of 32 bytes is friendly to flash encryption */
typedef struct { typedef struct {

View file

@ -25,7 +25,7 @@ void ets_secure_boot_start(void);
void ets_secure_boot_finish(void); void ets_secure_boot_finish(void);
void ets_secure_boot_hash(uint32_t *buf); void ets_secure_boot_hash(const uint32_t *buf);
void ets_secure_boot_obtain(void); void ets_secure_boot_obtain(void);

View file

@ -19,6 +19,10 @@
#include <stdarg.h> #include <stdarg.h>
#include "sdkconfig.h" #include "sdkconfig.h"
#ifdef BOOTLOADER_BUILD
#include <rom/ets_sys.h>
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif

View file

@ -100,7 +100,7 @@ COMPONENT_LDFLAGS :=
# #
# Debugging this? Replace $(shell with $(error and you'll see the full command as-run. # Debugging this? Replace $(shell with $(error and you'll see the full command as-run.
define GetVariable define GetVariable
$(shell "$(MAKE)" -s --no-print-directory -C $(1) -f component.mk get_variable PROJECT_PATH=$(PROJECT_PATH) GET_VARIABLE=$(2) | sed -En "s/^$(2)=(.+)/\1/p" ) $(shell "$(MAKE)" -s --no-print-directory -C $(1) -f component.mk get_variable PROJECT_PATH=$(PROJECT_PATH) GET_VARIABLE=$(2) IS_BOOTLOADER_BUILD=$(IS_BOOTLOADER_BUILD) | sed -En "s/^$(2)=(.+)/\1/p" )
endef endef
COMPONENT_INCLUDES := $(abspath $(foreach comp,$(COMPONENT_PATHS_BUILDABLE),$(addprefix $(comp)/, \ COMPONENT_INCLUDES := $(abspath $(foreach comp,$(COMPONENT_PATHS_BUILDABLE),$(addprefix $(comp)/, \