Crash_Override/OVMS3-idf
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
12931 commits 10 branches 75 tags 114 MiB
Commit graph

273 commits

Author SHA1 Message Date
Angus Gratton
7c7edab328 flash encryption/secure boot: Restructure documentation 
Also add steps to disable flash encryption, as some people seem to
accidentally enable it.

Explicitly mark the flash encryption and secure boot as "READ DOCS
FIRST" in menuconfig.
 2017-02-15 09:42:46 +11:00
Angus Gratton
eea2788f5a OTA: Fix issues with encrypted OTA 
- OTA source can write non-16-byte multiples of data
- Assumption that empty ota_data is 0xFFFFFFFF untrue when encrypted
 2017-01-26 18:52:35 +11:00
Angus Gratton
d8aae55eeb Flash encryption: Temporary fix for issue with stale cache reads 
Seems doing certain kinds of short reads while flash encryption is
enabled will return stale data. This fixes it, but is probably a
little heavy-handed performance wise.
 2017-01-26 18:29:18 +11:00
Tian Zhong Xing
2173ad3b45 bootloader_support: fix bug OTA & flash encryption incompatible 
ota data partition should be encrypted unconditionally when flash encrypt enable
 2017-01-26 16:20:06 +11:00
Angus Gratton
7d40f17d1d bootloader_random: Restore all SARADC/I2S registers to reset values 
Fix for issue with I2S0 not being usable after bootloader_random_enable()
 2017-01-13 12:19:13 +11:00
Angus Gratton
3922ce47b2 bootloader: Enable early boot RNG entropy source 
This reverts commit ceb8566970.
 2017-01-04 17:07:12 +11:00
Angus Gratton
3783e28f0e bootloader: Check all partitions fit inside configured flash size 2016-12-30 14:19:46 +11:00
Angus Gratton
d6fafd00db Secure boot: Option for app & partition table signing to happen outside build system 2016-12-19 13:12:05 +11:00
Angus Gratton
ceb8566970 Flash encryption / secure boot: Temporarily disable on-device key generation 
Will be enabled after seeding of HWRNG in bootloader is fully tested/qualified.
 2016-12-01 23:49:13 -08:00
Angus Gratton
a9d5e26748 Secure boot: Correctly re-sign if signing key changes, better error if missing 2016-12-01 23:49:12 -08:00
Angus Gratton
506c8cd964 secure boot & flash encryption: Rework configuration options 
Add UART bootloader disable options for flash encryption
 2016-12-01 23:49:12 -08:00
Angus Gratton
9eb135fd73 Flash encryption: Support enabling flash encryption in bootloader, app support 
* App access functions are all flash encryption-aware
* Documentation for flash encryption
* Partition read/write is flash aware
* New encrypted write function
 2016-12-01 23:49:12 -08:00
Angus Gratton
c48612e516 mbedTLS SHA acceleration: Allow concurrent digest calculation, works with TLS 
SHA hardware allows each of SHA1, SHA256, SHA384&SHA512 to calculate digests
concurrently.

Currently incompatible with AES acceleration due to a hardware reset problem.

Ref TW7111.
 2016-11-22 20:42:38 +11:00
Angus Gratton
60f29236f6 Build system: Raise warning level 
Default esp-idf builds now show -Wextra warnings (except for a few:
signed/unsigned comparison, unused parameters, old-style C declarations.)

CI building of examples runs with that level raised to -Werror, to catch
those changes going into the main repo.
 2016-11-16 15:57:34 +11:00
Angus Gratton
c15024e629 Merge branch 'master' into feature/build_component_project_vars 2016-11-14 14:54:41 +11:00
Angus Gratton
8691b54758 secure boot: Rename efuse option for UART bootloader to option for ROM interpreter 2016-11-14 11:08:42 +11:00
Angus Gratton
e459f803da secure boot: Functional partition table & app signature verification 2016-11-14 11:08:42 +11:00
Angus Gratton
fe66dd85f0 secure boot: Enable based on sdkconfig, remove "secure boot flag" from binary image 2016-11-14 11:08:42 +11:00
Angus Gratton
7402a1b973 partition_table: Move from 0x4000 to 0x8000 
Also fix a bug with correctly padding bootloader image when length is
already a multiple of 16.
 2016-11-14 11:08:42 +11:00
Angus Gratton
64f3893cb9 secure boot: Derive secure bootloader key from private key 
Means only one key needs to be managed.
 2016-11-14 11:08:42 +11:00
Angus Gratton
b5de581399 Secure boot: initial image signature support 2016-11-14 11:08:42 +11:00
Angus Gratton
98a0387854 bootloader_support: Move secure boot code to bootloader_support 2016-11-08 11:13:54 +11:00
Angus Gratton
aceb6517c0 Refactor existing bootloader common functionality into bootloader_support component 2016-11-02 17:58:41 +11:00