Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.
This problem is solved by 2 changes:
* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
Allows you to move the partition table, it gives more space for the bootloader.
Added a new utility - parttool.py. This utility can search for the offset and/or size of the partitions by name and type/subtype. Use for getting APP_OFFSET and PHY_DATA_OFFSET.
The linker(esp32.bootloader.ld) made changes that allow you to write a custom bootloader code more.
TW14125
Fix warnings where undefined vars are used.
Make Kconfig emit "FOO=" for unset bool options
To ensure make variables are always defined, even if empty.
When writing auto.conf, include symbols disabled by dependency to make sure all make variables are always defined.
Fixesespressif/esp-idf#137
Cherry-picked from https://github.com/espressif/esp-idf/pull/138
Makes app image booting more reliable (256-bit rather than 8-bit verification.)
Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.
(All for rev 1 silicon, ie no 340ms spurious WDT delay.)
80MHz QIO mode:
before = 300ms
after = 140ms
40MHz DIO mode:
before = 712ms
after = 577ms
40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms
(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
For config-only components, component.mk should now contain "COMPONENT_CONFIG_ONLY := 1"
Also refactored some of the generation of linker paths, library list. This required cleaning up the way the bootloader
project works, it's now mostly independent from the parent.
Fixes issue with GPIO 0 being enabled as an output on ESP32D2WD (or when setting SPI pins in efuse)
and not using Quad-I/O modes.
Ref: https://esp32.com/viewtopic.php?f=2&t=2205
* "make monitor" not passed the configured baud rate
Closes#436https://github.com/espressif/esp-idf/issues/436
* Pass toolchain prefix from sdkconfig into monitor tool
* Allow setting EOL in idf_monitor.py, use CRLF by default
* Detect if /dev/tty.X is used on macOS, warn and replace with /dev/cu.X
* If a build fails or gdb exits, ignore Ctrl-T (allowing Ctrl-T Ctrl-A/F to be same key sequence everywhere)
* Add a note about winpty on Windows
Ref 02fdf8271d (commitcomment-21369196)
Originally marked "Reset with ESP32R0 Windows workaround", but proven to be
necessary on some other platforms as well. This is now integrated into the
default esptool.py reset behaviour.
Closes#305https://github.com/espressif/esp-idf/issues/305
* New "espefuse.py set_flash_voltage" command to easily set a fix
VDD_SDIO regulator voltage (1.8V, 3.3V or disabled).
* Fixes bugs when flashing files with non-4-byte aligned lengths
(doesn't effect esp-idf image files)
* README improvements
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
Required at project level because some components use header files in
other components' submodules, and one component with a
submodule (esptool.py) doesn't have or need a component.mk.