OVMS3-idf/components/bootloader
Angus Gratton 32756b165e bootloader: Add fault injection resistance to Secure Boot bootloader verification
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
2020-03-06 01:16:04 +05:30
..
subproject bootloader: Add fault injection resistance to Secure Boot bootloader verification 2020-03-06 01:16:04 +05:30
CMakeLists.txt feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30
component.mk build system: Use component.mk for all components, refactor bootloader build 2017-07-19 09:10:48 +10:00
flash_bootloader_args.in esptool_py: use passed offset and image when template is given 2019-06-21 19:48:41 +08:00
Kconfig.projbuild feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30
Makefile.projbuild feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30
project_include.cmake feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30
sdkconfig.rename feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-03-06 01:16:04 +05:30