Commit graph

271 commits

Author SHA1 Message Date
Angus Gratton
22514c1dd9 cmake: For gcc8 use linker to find paths to libc, libm, libstdc++, etc
Removes the need to know/guess the paths to these libraries. Once we are gcc 8 only, we
can remove -nostdlib and no additional arguments are needed for system libraries.

The catch is: any time IDF overrides a symbol in the toolchain sysroot, we need
an undefined linker marker to make sure this symbol is seen by linker.
2019-05-28 12:54:37 +08:00
hemal.gujarathi
865b24144e remove secure boot test mode 2019-05-23 14:13:08 +05:30
Renz Christian Bagaporo
e1db12993b bootloader: pass legacy header config variable to subproject 2019-05-21 17:03:45 +08:00
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Roland Dobai
997b29a9ca Rename Kconfig options (components/esptool_py) 2019-05-21 09:32:55 +02:00
Roland Dobai
0ae53691ba Rename Kconfig options (components/esp32) 2019-05-21 09:09:01 +02:00
Renz Christian Bagaporo
927007fdd2 cmake: fix custom bootloader issue
Issue is that when users creates a custom bootloader from
$IDF_PATH/components/bootloader. Parent project build uses the copy but
bootloader subproject build uses the original still. The issue is solved
by passing the custom bootloader as extra component directory so
bootloader build knows to use the new copy (itself) in the build.
2019-05-17 15:17:32 +08:00
Renz Christian Bagaporo
ffec9d4947 components: update with build system changes 2019-05-13 19:59:17 +08:00
suda-morris
63e4677c55 pass IDF_TARGET variable to bootloader build process 2019-05-09 14:19:02 +08:00
Michael (XIAO Xufeng)
562af8f65e global: move the soc component out of the common list
This MR removes the common dependency from every IDF components to the SOC component.

Currently, in the ``idf_functions.cmake`` script, we include the header path of SOC component by default for all components.
But for better code organization (or maybe also benifits to the compiling speed), we may remove the dependency to SOC components for most components except the driver and kernel related components.

In CMAKE, we have two kinds of header visibilities (set by include path visibility):

(Assume component A --(depends on)--> B, B is the current component)

1. public (``COMPONENT_ADD_INCLUDEDIRS``): means this path is visible to other depending components (A) (visible to A and B)
2. private (``COMPONENT_PRIV_INCLUDEDIRS``): means this path is only visible to source files inside the component (visible to B only)

and we have two kinds of depending ways:

(Assume component A --(depends on)--> B --(depends on)--> C, B is the current component)

1. public (```COMPONENT_REQUIRES```): means B can access to public include path of C. All other components rely on you (A) will also be available for the public headers. (visible to A, B)
2. private (``COMPONENT_PRIV_REQUIRES``): means B can access to public include path of C, but don't propagate this relation to other components (A). (visible to B)

1. remove the common requirement in ``idf_functions.cmake``, this makes the SOC components invisible to all other components by default.
2. if a component (for example, DRIVER) really needs the dependency to SOC, add a private dependency to SOC for it.
3. some other components that don't really depends on the SOC may still meet some errors saying "can't find header soc/...", this is because it's depended component (DRIVER) incorrectly include the header of SOC in its public headers. Moving all this kind of #include into source files, or private headers
4. Fix the include requirements for some file which miss sufficient #include directives. (Previously they include some headers by the long long long header include link)

This is a breaking change. Previous code may depends on the long include chain.
You may need to include the following headers for some files after this commit:

- soc/soc.h
- soc/soc_memory_layout.h
- driver/gpio.h
- esp_sleep.h

The major broken include chain includes:

1. esp_system.h no longer includes esp_sleep.h. The latter includes driver/gpio.h and driver/touch_pad.h.
2. ets_sys.h no longer includes soc/soc.h
3. freertos/portmacro.h no longer includes soc/soc_memory_layout.h

some peripheral headers no longer includes their hw related headers, e.g. rom/gpio.h no longer includes soc/gpio_pins.h and soc/gpio_reg.h

BREAKING CHANGE
2019-04-16 13:21:15 +08:00
Ivan Grokhotkov
e84b26f531 esp_rom: export newlib functions as strong symbols 2019-04-10 13:52:30 +08:00
suda-morris
78034879a8 make bootloader depend on IDF_TARGET 2019-04-08 11:08:06 +08:00
Angus Gratton
5136b76798 Merge branch 'feature/micro-ecc-only-in-bootloader' into 'master'
Use micro_ecc library only in bootloader

See merge request idf/esp-idf!4082
2019-04-04 14:26:48 +08:00
morris
f5b03c9ea3 misc adjustment of esp32 component 2019-04-03 19:57:46 +08:00
morris
79bb5de426 derive esp_wifi from esp32 component 2019-04-01 20:04:52 +08:00
Mahavir Jain
202f689baa bootloader: use mbedTLS for secure boot verification in firmware 2019-04-01 15:46:52 +05:30
Mahavir Jain
369e170ebc micro-ecc: move into booloader directory 2019-04-01 15:45:26 +05:30
morris
dbdb299bb1 create xtensa component
1. move xtensa specific files out of esp32 component
2. merge xtensa-debug-module component into xtensa
2019-03-27 20:24:28 +08:00
morris
a2f07b0806 move common include files from esp32 into esp_common 2019-03-26 11:57:03 +08:00
Angus Gratton
1be147c457 Merge branch 'feature/allow_components_to_declare_images_to_flash' into 'master'
Allow components to present their own images to flash

See merge request idf/esp-idf!4148
2019-03-22 11:14:37 +08:00
morris
c159984264 separate rom from esp32 component to esp_rom
1. separate rom include files and linkscript to esp_rom
2. modefiy "include rom/xxx.h" to "include esp32/rom/xxx.h"
3. Forward compatible
4. update mqtt
2019-03-21 18:51:45 +08:00
Renz Christian Bagaporo
234de8de55 cmake: Allow components to present their own images to flash 2019-03-18 03:45:22 +08:00
Konstantin Kondrashov
7626145e6d bootloader: Add support efuse component 2019-02-28 07:31:29 +00:00
Konstantin Kondrashov
e916cf52a3 bootloader: Add support of anti-rollback
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.

Closes: TW26335
2019-02-14 18:51:43 +08:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Konstantin Kondrashov
dde1fd9b94 bootloader: Add support flags for rollback app
Added
* Set actual ota_seq if both ota are init or incorrect.
* Description of rollback
* UT tests

Closes TW15459
2018-12-11 11:54:21 +08:00
Renz Christian Bagaporo
37d30c7a6e cmake: separate app from idf lib project
mbedtls: import mbedtls using unmodified cmake file
2018-11-27 13:59:24 +08:00
Renz Christian Bagaporo
3a02a12aa4 cmake: remove unecessary info passed to bootloader build 2018-11-23 16:08:47 +08:00
Anurag Kar
1f6622b2d1 CMake : Secure Boot support added 2018-11-06 17:09:55 +05:30
Ivan Grokhotkov
73d1b5a7a0 bootloader: verify that loaded image does not overlap bootloader code
Fixes CVE-2018-18558
2018-10-26 12:44:10 +08:00
Renz Bagaporo
cc774111bf cmake: Add support for test build 2018-10-20 12:07:24 +08:00
Angus Gratton
f53fef9936 Secure Boot & Flash encryption: Support 3/4 Coding Scheme
Includes esptool update to v2.6-beta1
2018-10-16 16:24:10 +11:00
Ivan Grokhotkov
9240bbb708 esp32: remove ROM functions redefined in IDF from LD script
In some cases, linker could choose to use ROM functions instead of the
ones defined in IDF.
For functions used in ROM stub table, this would lead to infinite
recursion when the corresponding function was called from ROM.
For crypto functions, some of these were modified in IDF, and
incompatible with ROM counterparts.
2018-10-02 01:20:04 +00:00
Angus Gratton
4d99513bdb bootloader: Fix crash enabling flash encryption
Regression in 9c715d7946
2018-09-26 18:26:06 +10:00
Renz Christian Bagaporo
d9939cedd9 cmake: make main a component again 2018-09-11 09:44:12 +08:00
Angus Gratton
b355854d4d Merge branch 'master' into feature/cmake 2018-09-05 10:35:04 +08:00
Ivan Grokhotkov
2469718481 Merge branch 'bugfix/check_python_order_only_prereq' into 'master'
Use check_python_dependencies everywhere as order-only-prerequisite

See merge request idf/esp-idf!3174
2018-09-04 20:31:49 +08:00
Angus Gratton
2ec0fd8fd6 Merge branch 'feature/signature_verify_updates' into 'master'
secure boot: Support signed app verification without hardware secure boot

See merge request idf/esp-idf!2814
2018-09-04 18:56:47 +08:00
Roland Dobai
f755a0371d Use check_python_dependencies everywhere as order-only-prerequisite 2018-09-03 11:42:10 +02:00
Konstantin Kondrashov
9c715d7946 bootloader_support: Fix enable rtc_wdt for resolve issue with varying supply
Eliminates the issue with the lock up in the bootloader due to a power drawdown during its operation.

Closes https://github.com/espressif/esp-idf/issues/1814
2018-09-03 05:43:01 +00:00
Angus Gratton
a9c4ed7139 Merge branch 'master' into feature/cmake 2018-08-30 18:51:01 +08:00
Mahavir Jain
4a987dacca bootloader: keep bootloader_common code to retention region
It is possible to utilize some of the routines related to otadata
partition validation, after firmware image is downloaded to RAM. Hence
these routines should be part of app cpu cache, so that they do not
get overwritten by firmware.

Signed-off-by: Mahavir Jain <mahavir@espressif.com>
2018-08-29 12:04:32 +00:00
Angus Gratton
b364f23e17 secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-08-29 17:05:29 +08:00
Roland Dobai
74fe7c82ae bootloader: Don't use check_python_dependencies in the bootloader command 2018-08-23 11:41:40 +02:00
Angus Gratton
31ae3fe683 make: Use order-only prereq to check python dependencies 2018-08-23 08:28:57 +02:00
Roland Dobai
62cad3a7d7 Add python-future by using python requirements file 2018-08-23 08:28:57 +02:00
Angus Gratton
ff2404a272 Merge branch 'master' into feature/cmake 2018-08-16 17:14:17 +10:00
Angus Gratton
e75a1129e0 Merge branch 'bugfix/bootloader_noreturn_always' into 'master'
bootloader: Ensure bootloader never returns to caller

See merge request idf/esp-idf!2815
2018-07-23 11:56:14 +08:00
Angus Gratton
f0d74b1c64 bootloader: Ensure bootloader never returns to caller
* Fixes some "noreturn" functions in bootloader utils which did return (causing fatal CPU
  exceptions).
* Marks bootloader entry as "noreturn", preventing "user code done" from stalling boot
  Partial fix for https://github.com/espressif/esp-idf/issues/1814 TW20016
  (Comprehensive fix for this issue will be enabling WDT during bootloader, coming shortly.)
2018-07-19 16:24:11 +10:00
Angus Gratton
57b601ab7f secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-17 15:33:47 +10:00
Angus Gratton
8b5a2ccb8d docs: Update Flash Encryption docs to clarify reflashing options 2018-07-13 16:18:07 +10:00
Angus Gratton
6fd6e024fc bootloader: Fix warning building reflashable Secure Boot image 2018-07-13 15:45:15 +10:00
Angus Gratton
7b9009ca5c bootloader: Fix secure boot & flash encryption functionality
Fixes regression in 3e0ac4db79.
2018-07-13 15:26:18 +10:00
Ivan Grokhotkov
5551b3f616 bootloader: move iram_seg 1k up to have better looking idf_monitor output
When 2nd stage bootloader loads the ROM bootloader, it prints a
message similar to "entry 0x40080xxx", which idf_monitor decodes
(using application ELF file) as one of the reset vectors (xxx is <
400h). This moves the iram_seg of bootloader 1k up to prevent overlap
of bootloader .text and application vectors, making the output look
nicer. There is still a chance that the entry point decodes as some
symbol in application ELF file, but at least it won't have
"Exception" in its name.
2018-07-04 12:33:11 +08:00
Angus Gratton
d0b8f2865f docs: Switch base URL from esp-idf.readthedocs.io to docs.espressif.com 2018-06-19 11:23:33 +00:00
Angus Gratton
bf10447b82 cmake: Fix issues when IDF_PATH is not set in environment
Support cases where IDF_PATH may be passed in on the cmake command line,
or inferred from a (hardcoded absolute or relative) path to project.cmake
2018-06-18 14:48:03 +10:00
Angus Gratton
43b6c76bba Merge branch 'feature/expansion_space_for_bootloader' into 'master'
partition_table: Moving to custom offset

See merge request idf/esp-idf!2263
2018-06-18 12:34:53 +08:00
Ivan Grokhotkov
b2f498f7da build: allow EXCLUDE_COMPONENTS to contain quotes
'dequote' macro can’t be used at this point yet, use subst directly.
Also prevent EXCLUDE_COMPONENTS from being passed to bootloader build.
2018-06-11 23:26:56 +08:00
Konstantin Kondrashov
3e0ac4db79 partition_table: Expanding the space under the bootloader
Allows you to move the partition table, it gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use for getting APP_OFFSET and PHY_DATA_OFFSET.
The linker(esp32.bootloader.ld) made changes that allow you to write a custom bootloader code more.

TW14125
2018-06-08 18:47:29 +05:00
Angus Gratton
6b9784cc45 Merge branch 'master' into feature/cmake_update 2018-05-31 14:46:23 +10:00
Konstantin Kondrashov
ae10abff2f bootloader: Add factory reset and start test app
Added feature:
- reset firmware to Factory app.(by long pressing of the button)
- boot Test app. (by long pressing of the button)
- Added feature erase data partitions from factory reset.

TW10281
TW10280
2018-05-24 16:56:49 +05:00
Angus Gratton
858b95a924 cmake: Add build system tests 2018-04-30 09:59:20 +10:00
Angus Gratton
1cb5712463 cmake: Add component dependency support
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
12be399762 cmake: Add link-time dependencies for linker script files
Requires some hackery around limitations in CMake's LINK_DEPENDS
2018-04-30 09:59:20 +10:00
Angus Gratton
88df8fd293 cmake: Use cmake_lint project, tidy up all CMake source files 2018-04-30 09:59:20 +10:00
Angus Gratton
abef220b13 cmake: Allow selecting toolchain file based on config
Refactor IDF "project" functionality under a wrapping of the default
"project" command, so we can tweak it a bit...

Will need more testing in other environments.
2018-04-30 09:59:20 +10:00
Angus Gratton
e94db98e73 link bootloader to libgcc (shouldn't be necessary, is necessary...) 2018-04-30 09:59:20 +10:00
Angus Gratton
3fac2b2ddc cmake: Refactor bootloader_subproject into the bootloader component itself 2018-04-30 09:59:20 +10:00
Angus Gratton
674d398c93 cmake: Add partition table, and .bin file targets 2018-04-30 09:59:20 +10:00
Angus Gratton
134f2238bd cmake: Refactor main cmake project logic 2018-04-30 09:59:20 +10:00
Angus Gratton
c671a0c3eb build system: Initial cmake support, work in progress 2018-04-30 09:59:20 +10:00
Konstantin Kondrashov
86256b3541 bootloader: Refactoring
Need to make the bootloader modular so that users can redefine its functional part.

- refactoring and moving functions to the bootloader_support component
- Changed function to `void` bootloader_utility_load_image(...);

TW19596
2018-04-17 16:36:49 +05:00
Roland Dobai
744c2dcdd9 Resolve problems found by enabling -Wwrite-strings compilation flag 2018-04-10 08:53:43 +02:00
Angus Gratton
da27816314 Merge branch 'feat/add_efuse_cpu_freq_rating' into 'master'
efuse/add cpu freq rating

See merge request idf/esp-idf!1994
2018-03-29 05:59:52 +08:00
Liu Zhi Fu
072b353b45 bootloader: force SDIO 1.9V if flash is 80M
If the SPI flash frequency is 80M, the voltage of SDIO is 1.9V,
otherwise, it can configured to 1.8V or 1.9V via menuconfig.
2018-03-19 16:39:54 +08:00
Darian Leung
8b1277c55f efuse/add cpu freq rating
This commit adds support for CPU max freqeuency rating
bits in CPU. Bootloader will now print an error if attempting
to 160MHz rated ESP32 at 240MHz.

EFUSE_CHIP_VER_RESERVE has been replaced by the
frequency rating bits. Dependancies on EFUSE_CHIP_VER_RESERVE
have been changed to use EFUSE_CHIP_VER_PKG
2018-03-07 12:16:51 +08:00
Anton Maklakov
301751ede0 build system: Fix undefined variables
make/project.mk:315: warning: undefined variable `CC'
    make/project.mk:316: warning: undefined variable `LD'
    make/project.mk:317: warning: undefined variable `AR'
    make/project.mk:62: warning: undefined variable `MAKECMDGOALS'
    components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY'
2017-12-28 19:21:34 +08:00
Angus Gratton
c69af42b96 esp32: Fix backwards compatibility for pre-v2.1 bootloaders
Older bootloaders don't set RTC_XTAL_FREQ_REG or call rtc_clk_init(),
app needs to pick this up.

Reported at
https://esp32.com/viewtopic.php?f=2&t=3939&p=17836
2017-12-18 13:45:57 +11:00
Ivan Grokhotkov
bad8d3ce57 bootloader: don't log anything before uart_console_configure is called 2017-12-08 13:15:40 +08:00
Angus Gratton
fccc30d2d5 bootloader: Only apply VDDSDIO 1.8V->1.9V if regulator is enabled
Fixes bug if regulator is disabled via efuse.
2017-11-27 10:33:41 +11:00
Alexey Gerenkov
692a890232 esp32: Adds Stack Smashing Protection Feature
These changes add posibility to enable GCC stack protector via menuconfig
for all source files in project.
2017-11-17 12:08:36 +03:00
Ivan Grokhotkov
afa9a85396 bootloader: wait for UART FIFO to be empty before switching frequency 2017-11-09 13:17:58 +08:00
Wangjialin
d034bc9ca0 bootloader: add configuration of flash pins and VDDIO boost 2017-11-03 16:29:56 +08:00
Ivan Grokhotkov
5a88f90a33 soc/rtc: warn if detected XTAL frequency does not match configured one
Since 9a8c0392, XTAL frequency is set to 40MHz by default, and users
of 26MHz boards need to select 26MHz manually. Most users are not aware
of this change, and existing getting started guides do not mention that
XTAL frequency needs to be set for some boards. So users are left with
garbage output from UART without any clue what to check.

This change adds a warning in case specific XTAL frequency was set, and
it does not match automatically detected one. This should help users
fix the issue.
2017-09-11 11:42:26 +08:00
krzychb
672390c458 Mass replacement of http with https urls, fixed broken urls 2017-09-06 08:16:01 +02:00
Angus Gratton
8670844acf build system: Restore ifdef/ifndef in Makefiles, clean up examples build 2017-09-05 16:11:03 +10:00
Deomid Ryabkov
9903ea1c11 Add --warn-undefined-variables to MAKEFLAGS
Fix warnings where undefined vars are used.

Make Kconfig emit "FOO=" for unset bool options
To ensure make variables are always defined, even if empty.

When writing auto.conf, include symbols disabled by dependency to make sure all make variables are always defined.

Fixes espressif/esp-idf#137

Cherry-picked from https://github.com/espressif/esp-idf/pull/138
2017-09-05 16:10:46 +10:00
Angus Gratton
11a87ca811 Merge branch 'bugfix/bootloader_ota_sel' into 'master'
Fix bootloader OTA regression

See merge request !1205
2017-09-05 07:25:08 +08:00
Angus Gratton
f487bb19d7 Merge branch 'bugfix/ci_build_examples_more' into 'master'
CI build_examples: Fix build flakiness

See merge request !1191
2017-09-04 16:02:12 +08:00
Angus Gratton
c275ad4ca4 build system: Add dependencies to component clean steps
Build directory must exist, component_project_vars.mk must be generated if it is going to be.
2017-09-04 17:40:15 +10:00
Angus Gratton
1cd2ce2471 bootloader: Fix regression preventing OTA updates
Regression introduced in 43e231c.

Thanks to @yanbe for pointing out issue in https://github.com/espressif/esp-idf/pull/955

This is a different fix, tries to keep the behaviour that 43e231c was aiming to correct (unnecessarily testing an
invalid slot more than once.)
2017-09-04 17:37:28 +10:00
Jeroen Domburg
34372a091c Add initial SPI RAM support. This adds support for an ESP-PSRAM32 chip connected to the default flash pins and GPIO 16 and 17. The RAM is mapped to address 0x3F800000, but otherwise ignored by esp-idf as of yet. 2017-09-04 12:05:49 +08:00
Jeroen Domburg
518edac42f Add GD chip into qio data, so (at least my) ESP-WROVER uses QIO mode succesfully. 2017-09-01 16:53:05 +08:00
Angus Gratton
7a18575af8 flash encryption: Also always disable ROM BASIC console when enabling flash encryption 2017-08-29 14:52:00 +10:00
Angus Gratton
43e231c916 bootloader: Don't unnecessarily test OTA app slots more than once per boot
Would loop more than once through each OTA possibility, but really only
needs to try each slot once.
2017-08-23 11:19:42 +10:00
Angus Gratton
5eef5e7a5d bootloader: Fallback if OTA data is invalid
Make bootloader more robust if either OTA data or some OTA app slots are corrupt.
2017-08-15 09:42:19 +10:00
Ivan Grokhotkov
967611cfaa Revert "bootloader: Add option to build with Link Time Optimisation enabled"
This reverts commit d1b66a08c1.
2017-07-24 05:14:31 +08:00
Angus Gratton
871ba41a09 bootloader: Remove unnecessary KEEP on data/bss sections, save static RAM 2017-07-19 18:31:59 +10:00
Angus Gratton
d1b66a08c1 bootloader: Add option to build with Link Time Optimisation enabled 2017-07-19 18:31:59 +10:00
Angus Gratton
17adb40ca8 bootloader: Calculate SHA256 hash of image on every boot
Makes app image booting more reliable (256-bit rather than 8-bit verification.)

Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.

(All for rev 1 silicon, ie no 340ms spurious WDT delay.)

80MHz QIO mode:
before = 300ms
after = 140ms

40MHz DIO mode:
before = 712ms
after = 577ms

40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms

(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
2017-07-19 18:31:59 +10:00