espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-01 03:34:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/secure_boot_regression_partitions_v3_1' into 'release/v3.1'

Browse Source 
Fix secure boot & flash encryption regression, don't verify partitions as part of secure boot (backport)

See merge request idf/esp-idf!2779
This commit is contained in:
Angus Gratton
2018-07-20 09:12:20 +08:00
parent afdc73c8ab 0b1c461e63
commit b87c822d59
7 changed files with 25 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/bootloader/Makefile.projbuild
View File

@@ -107,7 +107,7 @@ bootloader: $(BOOTLOADER_DIGEST_BIN)
$(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY)
@echo "DIGEST $(notdir $@)" @echo "DIGEST $(notdir $@)"
$(Q) $(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $< $(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<
else # CONFIG_SECURE_BOOT_ENABLED && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE && !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH else # CONFIG_SECURE_BOOT_ENABLED && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE && !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH
bootloader: bootloader:

16
components/bootloader/subproject/main/esp32.bootloader.ld
View File

@@ -36,19 +36,25 @@ SECTIONS
*(.iram1 .iram1.*) /* catch stray IRAM_ATTR */ *(.iram1 .iram1.*) /* catch stray IRAM_ATTR */
*liblog.a:(.literal .text .literal.* .text.*) *liblog.a:(.literal .text .literal.* .text.*)
*libgcc.a:(.literal .text .literal.* .text.*) *libgcc.a:(.literal .text .literal.* .text.*)
*libbootloader_support.a:bootloader_utility.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:esp_image_format.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:bootloader_random.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:bootloader_flash.o(.literal .text .literal.* .text.*) *libbootloader_support.a:bootloader_flash.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:flash_partitions.o(.literal .text .literal.* .text.*) *libbootloader_support.a:bootloader_random.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:bootloader_utility.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:bootloader_sha.o(.literal .text .literal.* .text.*) *libbootloader_support.a:bootloader_sha.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:efuse.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:esp_image_format.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:flash_encrypt.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:flash_partitions.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:secure_boot.o(.literal .text .literal.* .text.*)
*libbootloader_support.a:secure_boot_signatures.o(.literal .text .literal.* .text.*)
*libmicro-ecc.a:*.o(.literal .text .literal.* .text.*)
*libspi_flash.a:*.o(.literal .text .literal.* .text.*)
*(.fini.literal) *(.fini.literal)
*(.fini) *(.fini)
*(.gnu.version) *(.gnu.version)
_text_end = ABSOLUTE(.); _text_end = ABSOLUTE(.);
_etext = .; _etext = .;
} > iram_loader_seg } > iram_loader_seg
.iram.text : .iram.text :
{ {
. = ALIGN (16); . = ALIGN (16);

11
components/bootloader_support/include/esp_flash_partitions.h
View File

@@ -27,7 +27,7 @@
#define ESP_PARTITION_TABLE_MAX_LEN 0xC00 /* Maximum length of partition table data */ #define ESP_PARTITION_TABLE_MAX_LEN 0xC00 /* Maximum length of partition table data */
#define ESP_PARTITION_TABLE_MAX_ENTRIES (ESP_PARTITION_TABLE_MAX_LEN / sizeof(esp_partition_info_t)) /* Maximum length of partition table data, including terminating entry */ #define ESP_PARTITION_TABLE_MAX_ENTRIES (ESP_PARTITION_TABLE_MAX_LEN / sizeof(esp_partition_info_t)) /* Maximum length of partition table data, including terminating entry */
/* @brief Verify the partition table (does not include verifying secure boot cryptographic signature) /* @brief Verify the partition table
* *
* @param partition_table Pointer to at least ESP_PARTITION_TABLE_MAX_ENTRIES of potential partition table data. (ESP_PARTITION_TABLE_MAX_LEN bytes.) * @param partition_table Pointer to at least ESP_PARTITION_TABLE_MAX_ENTRIES of potential partition table data. (ESP_PARTITION_TABLE_MAX_LEN bytes.)
* @param log_errors Log errors if the partition table is invalid. * @param log_errors Log errors if the partition table is invalid.
@@ -35,6 +35,13 @@
* *
* @return ESP_OK on success, ESP_ERR_INVALID_STATE if partition table is not valid. * @return ESP_OK on success, ESP_ERR_INVALID_STATE if partition table is not valid.
*/ */
esp_err_t esp_partition_table_basic_verify(const esp_partition_info_t *partition_table, bool log_errors, int *num_partitions); esp_err_t esp_partition_table_verify(const esp_partition_info_t *partition_table, bool log_errors, int *num_partitions);
/* This function is included for compatibility with the ESP-IDF v3.x API */
inline static __attribute__((deprecated)) esp_err_t esp_partition_table_basic_verify(const esp_partition_info_t *partition_table, bool log_errors, int *num_partitions)
{
return esp_partition_table_verify(partition_table, log_errors, num_partitions);
}
#endif #endif

14
components/bootloader_support/src/bootloader_common.c
View File

@@ -100,18 +100,6 @@ bool bootloader_common_erase_part_type_data(const char *list_erase, bool ota_dat
int num_partitions; int num_partitions;
bool ret = true; bool ret = true;
#ifdef CONFIG_SECURE_BOOT_ENABLED
if (esp_secure_boot_enabled()) {
ESP_LOGI(TAG, "Verifying partition table signature...");
err = esp_secure_boot_verify_signature(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
if (err != ESP_OK) {
ESP_LOGE(TAG, "Failed to verify partition table signature.");
return false;
}
ESP_LOGD(TAG, "Partition table signature verified");
}
#endif
partitions = bootloader_mmap(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN); partitions = bootloader_mmap(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
if (!partitions) { if (!partitions) {
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN); ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
@@ -119,7 +107,7 @@ bool bootloader_common_erase_part_type_data(const char *list_erase, bool ota_dat
} }
ESP_LOGD(TAG, "mapped partition table 0x%x at 0x%x", ESP_PARTITION_TABLE_OFFSET, (intptr_t)partitions); ESP_LOGD(TAG, "mapped partition table 0x%x at 0x%x", ESP_PARTITION_TABLE_OFFSET, (intptr_t)partitions);
err = esp_partition_table_basic_verify(partitions, true, &num_partitions); err = esp_partition_table_verify(partitions, true, &num_partitions);
if (err != ESP_OK) { if (err != ESP_OK) {
ESP_LOGE(TAG, "Failed to verify partition table"); ESP_LOGE(TAG, "Failed to verify partition table");
ret = false; ret = false;

14
components/bootloader_support/src/bootloader_utility.c
View File

@@ -72,18 +72,6 @@ bool bootloader_utility_load_partition_table(bootloader_state_t* bs)
esp_err_t err; esp_err_t err;
int num_partitions; int num_partitions;
#ifdef CONFIG_SECURE_BOOT_ENABLED
if(esp_secure_boot_enabled()) {
ESP_LOGI(TAG, "Verifying partition table signature...");
err = esp_secure_boot_verify_signature(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
if (err != ESP_OK) {
ESP_LOGE(TAG, "Failed to verify partition table signature.");
return false;
}
ESP_LOGD(TAG, "Partition table signature verified");
}
#endif
partitions = bootloader_mmap(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN); partitions = bootloader_mmap(ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
if (!partitions) { if (!partitions) {
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN); ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", ESP_PARTITION_TABLE_OFFSET, ESP_PARTITION_TABLE_MAX_LEN);
@@ -91,7 +79,7 @@ bool bootloader_utility_load_partition_table(bootloader_state_t* bs)
} }
ESP_LOGD(TAG, "mapped partition table 0x%x at 0x%x", ESP_PARTITION_TABLE_OFFSET, (intptr_t)partitions); ESP_LOGD(TAG, "mapped partition table 0x%x at 0x%x", ESP_PARTITION_TABLE_OFFSET, (intptr_t)partitions);
err = esp_partition_table_basic_verify(partitions, true, &num_partitions); err = esp_partition_table_verify(partitions, true, &num_partitions);
if (err != ESP_OK) { if (err != ESP_OK) {
ESP_LOGE(TAG, "Failed to verify partition table"); ESP_LOGE(TAG, "Failed to verify partition table");
return false; return false;

2
components/bootloader_support/src/flash_encrypt.c
View File

@@ -254,7 +254,7 @@ static esp_err_t encrypt_and_load_partition_table(esp_partition_info_t *partitio
ESP_LOGE(TAG, "Failed to read partition table data"); ESP_LOGE(TAG, "Failed to read partition table data");
return err; return err;
} }
if (esp_partition_table_basic_verify(partition_table, false, num_partitions) == ESP_OK) { if (esp_partition_table_verify(partition_table, false, num_partitions) == ESP_OK) {
ESP_LOGD(TAG, "partition table is plaintext. Encrypting..."); ESP_LOGD(TAG, "partition table is plaintext. Encrypting...");
esp_err_t err = esp_flash_encrypt_region(ESP_PARTITION_TABLE_OFFSET, esp_err_t err = esp_flash_encrypt_region(ESP_PARTITION_TABLE_OFFSET,
FLASH_SECTOR_SIZE); FLASH_SECTOR_SIZE);

2
components/bootloader_support/src/flash_partitions.c
View File

@@ -20,7 +20,7 @@
static const char *TAG = "flash_parts"; static const char *TAG = "flash_parts";
esp_err_t esp_partition_table_basic_verify(const esp_partition_info_t *partition_table, bool log_errors, int *num_partitions) esp_err_t esp_partition_table_verify(const esp_partition_info_t *partition_table, bool log_errors, int *num_partitions)
{ {
int md5_found = 0; int md5_found = 0;
int num_parts; int num_parts;