Removes the need to know/guess the paths to these libraries. Once we are gcc 8 only, we
can remove -nostdlib and no additional arguments are needed for system libraries.
The catch is: any time IDF overrides a symbol in the toolchain sysroot, we need
an undefined linker marker to make sure this symbol is seen by linker.
Issue is that when users creates a custom bootloader from
$IDF_PATH/components/bootloader. Parent project build uses the copy but
bootloader subproject build uses the original still. The issue is solved
by passing the custom bootloader as extra component directory so
bootloader build knows to use the new copy (itself) in the build.
This MR removes the common dependency from every IDF components to the SOC component.
Currently, in the ``idf_functions.cmake`` script, we include the header path of SOC component by default for all components.
But for better code organization (or maybe also benifits to the compiling speed), we may remove the dependency to SOC components for most components except the driver and kernel related components.
In CMAKE, we have two kinds of header visibilities (set by include path visibility):
(Assume component A --(depends on)--> B, B is the current component)
1. public (``COMPONENT_ADD_INCLUDEDIRS``): means this path is visible to other depending components (A) (visible to A and B)
2. private (``COMPONENT_PRIV_INCLUDEDIRS``): means this path is only visible to source files inside the component (visible to B only)
and we have two kinds of depending ways:
(Assume component A --(depends on)--> B --(depends on)--> C, B is the current component)
1. public (```COMPONENT_REQUIRES```): means B can access to public include path of C. All other components rely on you (A) will also be available for the public headers. (visible to A, B)
2. private (``COMPONENT_PRIV_REQUIRES``): means B can access to public include path of C, but don't propagate this relation to other components (A). (visible to B)
1. remove the common requirement in ``idf_functions.cmake``, this makes the SOC components invisible to all other components by default.
2. if a component (for example, DRIVER) really needs the dependency to SOC, add a private dependency to SOC for it.
3. some other components that don't really depends on the SOC may still meet some errors saying "can't find header soc/...", this is because it's depended component (DRIVER) incorrectly include the header of SOC in its public headers. Moving all this kind of #include into source files, or private headers
4. Fix the include requirements for some file which miss sufficient #include directives. (Previously they include some headers by the long long long header include link)
This is a breaking change. Previous code may depends on the long include chain.
You may need to include the following headers for some files after this commit:
- soc/soc.h
- soc/soc_memory_layout.h
- driver/gpio.h
- esp_sleep.h
The major broken include chain includes:
1. esp_system.h no longer includes esp_sleep.h. The latter includes driver/gpio.h and driver/touch_pad.h.
2. ets_sys.h no longer includes soc/soc.h
3. freertos/portmacro.h no longer includes soc/soc_memory_layout.h
some peripheral headers no longer includes their hw related headers, e.g. rom/gpio.h no longer includes soc/gpio_pins.h and soc/gpio_reg.h
BREAKING CHANGE
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.
Closes: TW26335
In some cases, linker could choose to use ROM functions instead of the
ones defined in IDF.
For functions used in ROM stub table, this would lead to infinite
recursion when the corresponding function was called from ROM.
For crypto functions, some of these were modified in IDF, and
incompatible with ROM counterparts.
It is possible to utilize some of the routines related to otadata
partition validation, after firmware image is downloaded to RAM. Hence
these routines should be part of app cpu cache, so that they do not
get overwritten by firmware.
Signed-off-by: Mahavir Jain <mahavir@espressif.com>
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.
Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).
Requires:
* [ ] More testing
* [ ] Documentation
* Fixes some "noreturn" functions in bootloader utils which did return (causing fatal CPU
exceptions).
* Marks bootloader entry as "noreturn", preventing "user code done" from stalling boot
Partial fix for https://github.com/espressif/esp-idf/issues/1814 TW20016
(Comprehensive fix for this issue will be enabling WDT during bootloader, coming shortly.)
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.
This problem is solved by 2 changes:
* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
When 2nd stage bootloader loads the ROM bootloader, it prints a
message similar to "entry 0x40080xxx", which idf_monitor decodes
(using application ELF file) as one of the reset vectors (xxx is <
400h). This moves the iram_seg of bootloader 1k up to prevent overlap
of bootloader .text and application vectors, making the output look
nicer. There is still a chance that the entry point decodes as some
symbol in application ELF file, but at least it won't have
"Exception" in its name.
Allows you to move the partition table, it gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use for getting APP_OFFSET and PHY_DATA_OFFSET.
The linker(esp32.bootloader.ld) made changes that allow you to write a custom bootloader code more.
TW14125
Added feature:
- reset firmware to Factory app.(by long pressing of the button)
- boot Test app. (by long pressing of the button)
- Added feature erase data partitions from factory reset.
TW10281
TW10280
Refactor IDF "project" functionality under a wrapping of the default
"project" command, so we can tweak it a bit...
Will need more testing in other environments.
Need to make the bootloader modular so that users can redefine its functional part.
- refactoring and moving functions to the bootloader_support component
- Changed function to `void` bootloader_utility_load_image(...);
TW19596
This commit adds support for CPU max freqeuency rating
bits in CPU. Bootloader will now print an error if attempting
to 160MHz rated ESP32 at 240MHz.
EFUSE_CHIP_VER_RESERVE has been replaced by the
frequency rating bits. Dependancies on EFUSE_CHIP_VER_RESERVE
have been changed to use EFUSE_CHIP_VER_PKG
Since 9a8c0392, XTAL frequency is set to 40MHz by default, and users
of 26MHz boards need to select 26MHz manually. Most users are not aware
of this change, and existing getting started guides do not mention that
XTAL frequency needs to be set for some boards. So users are left with
garbage output from UART without any clue what to check.
This change adds a warning in case specific XTAL frequency was set, and
it does not match automatically detected one. This should help users
fix the issue.
Fix warnings where undefined vars are used.
Make Kconfig emit "FOO=" for unset bool options
To ensure make variables are always defined, even if empty.
When writing auto.conf, include symbols disabled by dependency to make sure all make variables are always defined.
Fixesespressif/esp-idf#137
Cherry-picked from https://github.com/espressif/esp-idf/pull/138
Regression introduced in 43e231c.
Thanks to @yanbe for pointing out issue in https://github.com/espressif/esp-idf/pull/955
This is a different fix, tries to keep the behaviour that 43e231c was aiming to correct (unnecessarily testing an
invalid slot more than once.)
Makes app image booting more reliable (256-bit rather than 8-bit verification.)
Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.
(All for rev 1 silicon, ie no 340ms spurious WDT delay.)
80MHz QIO mode:
before = 300ms
after = 140ms
40MHz DIO mode:
before = 712ms
after = 577ms
40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms
(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)