Commit graph

185 commits

Author SHA1 Message Date
Angus Gratton
dac77846e5 security: Hide Secure Boot & Flash Encryption config items when using CMake
These features are not supported in the CMake build system preview, but previously
had to read the notice in the CMake Getting Started guide to know this.

Related to https://github.com/espressif/esp-idf/issues/4419
2020-03-09 11:18:07 +11:00
Angus Gratton
d6e333f014 Merge branch 'bugfix/bootloader_factory_reset_with_wake_up_from_deep_sleep_v3.1' into 'release/v3.1'
bootloader: Blocking the Factory reset during wake up from deep sleep (v3.1)

See merge request espressif/esp-idf!6025
2019-09-16 15:10:50 +08:00
KonstantinKondrashov
01d17d8694 bootloader: Factory reset not for deep sleep
Closes: https://github.com/espressif/esp-idf/issues/3800

Closes: IDFGH-1536
2019-09-12 22:12:25 +08:00
Angus Gratton
a4ce828d40 flash encryption: Add config option to disable any plaintext reflashes
Enabled by default when Secure Boot is on, so Flash Encryption protection
is always available in case of a Secure Boot bypass.
2019-09-10 14:29:20 +10:00
Renz Christian Bagaporo
5760e37dcc cmake: fix custom bootloader issue
Issue is that when users creates a custom bootloader from
$IDF_PATH/components/bootloader. Parent project build uses the copy but
bootloader subproject build uses the original still. The issue is solved
by passing the custom bootloader as extra component directory so
bootloader build knows to use the new copy (itself) in the build.
2019-05-27 18:45:28 +08:00
Ivan Grokhotkov
50d4ffd22e esp32: remove ROM functions redefined in IDF from LD script
In some cases, linker could choose to use ROM functions instead of the
ones defined in IDF.
For functions used in ROM stub table, this would lead to infinite
recursion when the corresponding function was called from ROM.
For crypto functions, some of these were modified in IDF, and
incompatible with ROM counterparts.
2019-01-23 16:26:14 +08:00
Angus Gratton
7d6b82673f bootloader: Fix crash enabling flash encryption
Regression in 9c715d7946
2018-11-01 14:14:18 +08:00
Mahavir Jain
12e5f25a1c bootloader: keep bootloader_common code to retention region
It is possible to utilize some of the routines related to otadata
partition validation, after firmware image is downloaded to RAM. Hence
these routines should be part of app cpu cache, so that they do not
get overwritten by firmware.

Signed-off-by: Mahavir Jain <mahavir@espressif.com>
2018-11-01 14:14:00 +08:00
Ivan Grokhotkov
9ec43e1721 bootloader: verify that loaded image does not overlap bootloader code
Fixes CVE-2018-18558
2018-10-26 12:44:58 +08:00
Angus Gratton
67ad5852f6 Secure Boot & Flash encryption: Support 3/4 Coding Scheme
Includes esptool update to v2.6-beta1
2018-10-24 23:21:17 +00:00
Angus Gratton
52413e9925 Merge branch 'feature/signature_verify_updates_v3.1' into 'release/v3.1'
secure boot: Support signed app verification without hardware secure boot  (backport v3.1)

See merge request idf/esp-idf!3184
2018-09-18 07:56:12 +08:00
Renz Bagaporo
7edf2bf66c cmake: make main a component again 2018-09-13 11:13:27 +08:00
Angus Gratton
b069b31a2c secure boot: Support secure boot signatures without hardware secure boot
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.

Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).

Requires:
* [ ] More testing
* [ ] Documentation
2018-09-04 19:10:02 +08:00
Angus Gratton
7f50bb7e7f Merge branch 'release/v3.1' into feature/cmake_v3.1 2018-08-17 14:14:10 +10:00
Angus Gratton
3eaf8f1a84 Merge branch 'bugfix/secure_boot_padding_v3_1' into 'release/v3.1'
secure boot: Fix padding issue (backport v3.1)

See merge request idf/esp-idf!2833
2018-07-25 08:59:31 +08:00
Angus Gratton
f8b191cfae secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-23 13:45:55 +10:00
Angus Gratton
0b1c461e63 bootloader: Fix warning building reflashable Secure Boot image 2018-07-16 16:59:36 +10:00
Angus Gratton
ce634ef221 bootloader: Fix secure boot & flash encryption functionality
Fixes regression in 3e0ac4db79.
2018-07-16 16:59:36 +10:00
Angus Gratton
d0b8f2865f docs: Switch base URL from esp-idf.readthedocs.io to docs.espressif.com 2018-06-19 11:23:33 +00:00
Angus Gratton
bf10447b82 cmake: Fix issues when IDF_PATH is not set in environment
Support cases where IDF_PATH may be passed in on the cmake command line,
or inferred from a (hardcoded absolute or relative) path to project.cmake
2018-06-18 14:48:03 +10:00
Angus Gratton
43b6c76bba Merge branch 'feature/expansion_space_for_bootloader' into 'master'
partition_table: Moving to custom offset

See merge request idf/esp-idf!2263
2018-06-18 12:34:53 +08:00
Ivan Grokhotkov
b2f498f7da build: allow EXCLUDE_COMPONENTS to contain quotes
'dequote' macro can’t be used at this point yet, use subst directly.
Also prevent EXCLUDE_COMPONENTS from being passed to bootloader build.
2018-06-11 23:26:56 +08:00
Konstantin Kondrashov
3e0ac4db79 partition_table: Expanding the space under the bootloader
Allows you to move the partition table, it gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use for getting APP_OFFSET and PHY_DATA_OFFSET.
The linker(esp32.bootloader.ld) made changes that allow you to write a custom bootloader code more.

TW14125
2018-06-08 18:47:29 +05:00
Angus Gratton
6b9784cc45 Merge branch 'master' into feature/cmake_update 2018-05-31 14:46:23 +10:00
Konstantin Kondrashov
ae10abff2f bootloader: Add factory reset and start test app
Added feature:
- reset firmware to Factory app.(by long pressing of the button)
- boot Test app. (by long pressing of the button)
- Added feature erase data partitions from factory reset.

TW10281
TW10280
2018-05-24 16:56:49 +05:00
Angus Gratton
858b95a924 cmake: Add build system tests 2018-04-30 09:59:20 +10:00
Angus Gratton
1cb5712463 cmake: Add component dependency support
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
12be399762 cmake: Add link-time dependencies for linker script files
Requires some hackery around limitations in CMake's LINK_DEPENDS
2018-04-30 09:59:20 +10:00
Angus Gratton
88df8fd293 cmake: Use cmake_lint project, tidy up all CMake source files 2018-04-30 09:59:20 +10:00
Angus Gratton
abef220b13 cmake: Allow selecting toolchain file based on config
Refactor IDF "project" functionality under a wrapping of the default
"project" command, so we can tweak it a bit...

Will need more testing in other environments.
2018-04-30 09:59:20 +10:00
Angus Gratton
e94db98e73 link bootloader to libgcc (shouldn't be necessary, is necessary...) 2018-04-30 09:59:20 +10:00
Angus Gratton
3fac2b2ddc cmake: Refactor bootloader_subproject into the bootloader component itself 2018-04-30 09:59:20 +10:00
Angus Gratton
674d398c93 cmake: Add partition table, and .bin file targets 2018-04-30 09:59:20 +10:00
Angus Gratton
134f2238bd cmake: Refactor main cmake project logic 2018-04-30 09:59:20 +10:00
Angus Gratton
c671a0c3eb build system: Initial cmake support, work in progress 2018-04-30 09:59:20 +10:00
Konstantin Kondrashov
86256b3541 bootloader: Refactoring
Need to make the bootloader modular so that users can redefine its functional part.

- refactoring and moving functions to the bootloader_support component
- Changed function to `void` bootloader_utility_load_image(...);

TW19596
2018-04-17 16:36:49 +05:00
Roland Dobai
744c2dcdd9 Resolve problems found by enabling -Wwrite-strings compilation flag 2018-04-10 08:53:43 +02:00
Angus Gratton
da27816314 Merge branch 'feat/add_efuse_cpu_freq_rating' into 'master'
efuse/add cpu freq rating

See merge request idf/esp-idf!1994
2018-03-29 05:59:52 +08:00
Liu Zhi Fu
072b353b45 bootloader: force SDIO 1.9V if flash is 80M
If the SPI flash frequency is 80M, the voltage of SDIO is 1.9V,
otherwise, it can configured to 1.8V or 1.9V via menuconfig.
2018-03-19 16:39:54 +08:00
Darian Leung
8b1277c55f efuse/add cpu freq rating
This commit adds support for CPU max freqeuency rating
bits in CPU. Bootloader will now print an error if attempting
to 160MHz rated ESP32 at 240MHz.

EFUSE_CHIP_VER_RESERVE has been replaced by the
frequency rating bits. Dependancies on EFUSE_CHIP_VER_RESERVE
have been changed to use EFUSE_CHIP_VER_PKG
2018-03-07 12:16:51 +08:00
Anton Maklakov
301751ede0 build system: Fix undefined variables
make/project.mk:315: warning: undefined variable `CC'
    make/project.mk:316: warning: undefined variable `LD'
    make/project.mk:317: warning: undefined variable `AR'
    make/project.mk:62: warning: undefined variable `MAKECMDGOALS'
    components/partition_table/Makefile.projbuild:24: warning: undefined variable `quote'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'BOOTLOADER_DIGEST_BIN'
    components/bootloader/Makefile.projbuild:123: warning: undefined variable 'SECURE_BOOTLOADER_KEY'
2017-12-28 19:21:34 +08:00
Angus Gratton
c69af42b96 esp32: Fix backwards compatibility for pre-v2.1 bootloaders
Older bootloaders don't set RTC_XTAL_FREQ_REG or call rtc_clk_init(),
app needs to pick this up.

Reported at
https://esp32.com/viewtopic.php?f=2&t=3939&p=17836
2017-12-18 13:45:57 +11:00
Ivan Grokhotkov
bad8d3ce57 bootloader: don't log anything before uart_console_configure is called 2017-12-08 13:15:40 +08:00
Angus Gratton
fccc30d2d5 bootloader: Only apply VDDSDIO 1.8V->1.9V if regulator is enabled
Fixes bug if regulator is disabled via efuse.
2017-11-27 10:33:41 +11:00
Alexey Gerenkov
692a890232 esp32: Adds Stack Smashing Protection Feature
These changes add posibility to enable GCC stack protector via menuconfig
for all source files in project.
2017-11-17 12:08:36 +03:00
Ivan Grokhotkov
afa9a85396 bootloader: wait for UART FIFO to be empty before switching frequency 2017-11-09 13:17:58 +08:00
Wangjialin
d034bc9ca0 bootloader: add configuration of flash pins and VDDIO boost 2017-11-03 16:29:56 +08:00
Ivan Grokhotkov
5a88f90a33 soc/rtc: warn if detected XTAL frequency does not match configured one
Since 9a8c0392, XTAL frequency is set to 40MHz by default, and users
of 26MHz boards need to select 26MHz manually. Most users are not aware
of this change, and existing getting started guides do not mention that
XTAL frequency needs to be set for some boards. So users are left with
garbage output from UART without any clue what to check.

This change adds a warning in case specific XTAL frequency was set, and
it does not match automatically detected one. This should help users
fix the issue.
2017-09-11 11:42:26 +08:00
krzychb
672390c458 Mass replacement of http with https urls, fixed broken urls 2017-09-06 08:16:01 +02:00
Angus Gratton
8670844acf build system: Restore ifdef/ifndef in Makefiles, clean up examples build 2017-09-05 16:11:03 +10:00