OVMS3-idf/components/esptool_py
Angus Gratton f8b191cfae secure boot: Pad to avoid data after the signature mapping into the address space
Because address space is mapped in 64KB pages, it was possible for unauthenticated data after the
app .bin to become mapped into the flash cache address space.

This problem is solved by 2 changes:

* "esptool elf2image --secure-pad" will pad the image so that the signature block ends close to the
  64KB boundary. Due to alignment constraints it will be 12 bytes too short after signing (but
  with flash encryption, these 12 bytes are still encrypted as part of the last block and can't be
  arbitrarily changed).
* By default, secure boot now requires all app partitions to be a multiple of 64KB in size.
2018-07-23 13:45:55 +10:00
..
esptool@fd8c25d216 secure boot: Pad to avoid data after the signature mapping into the address space 2018-07-23 13:45:55 +10:00
component.mk build system: Use component.mk for all components, refactor bootloader build 2017-07-19 09:10:48 +10:00
Kconfig.projbuild esptool: Update esptool.py to integrate reset fix for older dev boards 2017-03-03 15:34:04 +11:00
LICENSE Initial public version 2016-08-17 23:08:22 +08:00
Makefile.projbuild secure boot: Pad to avoid data after the signature mapping into the address space 2018-07-23 13:45:55 +10:00