Merge pull request #156 from adafruit/esp32-s2-mini
Update IDF to version 4.4
This commit is contained in:
Ha Thach
GitHub
commit
dcaf5d0de7
20 changed files with 407 additions and 47 deletions
2
.github/workflows/build_esp32.yml
vendored
2
.github/workflows/build_esp32.yml
vendored
|
|
@ -50,7 +50,7 @@ jobs:
|
|||
uses: actions/setup-python@v2
|
||||
|
||||
- name: Pull ESP-IDF docker
|
||||
run: docker pull espressif/idf:release-v4.3
|
||||
run: docker pull espressif/idf:release-v4.4
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit e9cf9e2978d0187b0f83a9978391217e39946517
|
||||
Subproject commit bbe2a1bf349ab67c32805d40ce43a91f539d6b73
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
idf_component_register(PRIV_REQUIRES partition_table)
|
||||
idf_component_register(PRIV_REQUIRES partition_table esptool_py)
|
||||
|
||||
# Do not generate flash file when building bootloader or is in early expansion of the build
|
||||
if(BOOTLOADER_BUILD OR NOT CONFIG_APP_BUILD_BOOTLOADER)
|
||||
|
|
|
|||
|
|
@ -117,8 +117,8 @@ menu "Bootloader config"
|
|||
Allows to reset the device to factory settings:
|
||||
- clear one or more data partitions;
|
||||
- boot from "factory" partition.
|
||||
The factory reset will occur if there is a GPIO input pulled low while device starts up.
|
||||
See settings below.
|
||||
The factory reset will occur if there is a GPIO input held at the configured level while
|
||||
device starts up. See settings below.
|
||||
|
||||
config BOOTLOADER_NUM_PIN_FACTORY_RESET
|
||||
int "Number of the GPIO input for factory reset"
|
||||
|
|
@ -127,9 +127,23 @@ menu "Bootloader config"
|
|||
range 0 44 if IDF_TARGET_ESP32S2
|
||||
default 4
|
||||
help
|
||||
The selected GPIO will be configured as an input with internal pull-up enabled.
|
||||
To trigger a factory reset, this GPIO must be pulled low on reset.
|
||||
Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
|
||||
The selected GPIO will be configured as an input with internal pull-up enabled (note that on some SoCs.
|
||||
not all pins have an internal pull-up, consult the hardware datasheet for details.) To trigger a factory
|
||||
reset, this GPIO must be held high or low (as configured) on startup.
|
||||
|
||||
choice BOOTLOADER_FACTORY_RESET_PIN_LEVEL
|
||||
bool "Factory reset GPIO level"
|
||||
depends on BOOTLOADER_FACTORY_RESET
|
||||
default BOOTLOADER_FACTORY_RESET_PIN_LOW
|
||||
help
|
||||
Pin level for factory reset, can be triggered on low or high.
|
||||
|
||||
config BOOTLOADER_FACTORY_RESET_PIN_LOW
|
||||
bool "Reset on GPIO low"
|
||||
|
||||
config BOOTLOADER_FACTORY_RESET_PIN_HIGH
|
||||
bool "Reset on GPIO high"
|
||||
endchoice
|
||||
|
||||
config BOOTLOADER_OTA_DATA_ERASE
|
||||
bool "Clear OTA data on factory reset (select factory partition)"
|
||||
|
|
@ -197,8 +211,11 @@ menu "Bootloader config"
|
|||
depends on BOOTLOADER_WDT_ENABLE
|
||||
default n
|
||||
help
|
||||
If it is set, the client must itself reset or disable rtc_wdt in their code (app_main()).
|
||||
Otherwise rtc_wdt will be disabled before calling app_main function.
|
||||
If this option is set, the ESP-IDF app must explicitly reset, feed, or disable the rtc_wdt in
|
||||
the app's own code.
|
||||
If this option is not set (default), then rtc_wdt will be disabled by ESP-IDF before calling
|
||||
the app_main() function.
|
||||
|
||||
Use function rtc_wdt_feed() for resetting counter of rtc_wdt.
|
||||
Use function rtc_wdt_disable() for disabling rtc_wdt.
|
||||
|
||||
|
|
@ -267,10 +284,14 @@ menu "Bootloader config"
|
|||
bool "Emulate operations with efuse secure version(only test)"
|
||||
default n
|
||||
depends on BOOTLOADER_APP_ANTI_ROLLBACK
|
||||
select EFUSE_VIRTUAL
|
||||
select EFUSE_VIRTUAL_KEEP_IN_FLASH
|
||||
help
|
||||
This option allow emulate read/write operations with efuse secure version.
|
||||
It allow to test anti-rollback implemention without permanent write eFuse bits.
|
||||
In partition table should be exist this partition `emul_efuse, data, 5, , 0x2000`.
|
||||
This option allows to emulate read/write operations with all eFuses and efuse secure version.
|
||||
It allows to test anti-rollback implemention without permanent write eFuse bits.
|
||||
There should be an entry in partition table with following details: `emul_efuse, data, efuse, , 0x2000`.
|
||||
|
||||
This option enables: EFUSE_VIRTUAL and EFUSE_VIRTUAL_KEEP_IN_FLASH.
|
||||
|
||||
config BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP
|
||||
bool "Skip image validation when exiting deep sleep"
|
||||
|
|
@ -365,6 +386,15 @@ menu "Bootloader config"
|
|||
in this area of memory, you can increase it. It must be a multiple of 4 bytes.
|
||||
This area (rtc_retain_mem_t) is reserved and has access from the bootloader and an application.
|
||||
|
||||
config BOOTLOADER_FLASH_XMC_SUPPORT
|
||||
bool "Enable the support for flash chips of XMC (READ HELP FIRST)"
|
||||
default y
|
||||
help
|
||||
Perform the startup flow recommended by XMC. Please consult XMC for the details of this flow.
|
||||
XMC chips will be forbidden to be used, when this option is disabled.
|
||||
|
||||
DON'T DISABLE THIS UNLESS YOU KNOW WHAT YOU ARE DOING.
|
||||
|
||||
endmenu # Bootloader
|
||||
|
||||
|
||||
|
|
@ -394,12 +424,12 @@ menu "Security features"
|
|||
config SECURE_BOOT_SUPPORTS_RSA
|
||||
bool
|
||||
default y
|
||||
depends on ESP32_REV_MIN_3 || IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32C3
|
||||
depends on ESP32_REV_MIN_3 || IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S3
|
||||
|
||||
config SECURE_TARGET_HAS_SECURE_ROM_DL_MODE
|
||||
bool
|
||||
default y
|
||||
depends on IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32C3
|
||||
depends on IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S3
|
||||
|
||||
|
||||
config SECURE_SIGNED_APPS_NO_SECURE_BOOT
|
||||
|
|
@ -471,7 +501,8 @@ menu "Security features"
|
|||
config SECURE_BOOT
|
||||
bool "Enable hardware Secure Boot in bootloader (READ DOCS FIRST)"
|
||||
default n
|
||||
depends on IDF_TARGET_ESP32 || IDF_TARGET_ESP32S2 || ESP32C3_REV_MIN_3
|
||||
depends on IDF_TARGET_ESP32 || IDF_TARGET_ESP32S2 || ESP32C3_REV_MIN_3 || IDF_TARGET_ESP32S3
|
||||
select ESPTOOLPY_NO_STUB if !IDF_TARGET_ESP32 && !IDF_TARGET_ESP32S2
|
||||
help
|
||||
Build a bootloader which enables Secure Boot on first boot.
|
||||
|
||||
|
|
@ -634,7 +665,7 @@ menu "Security features"
|
|||
choice SECURE_FLASH_ENCRYPTION_KEYSIZE
|
||||
bool "Size of generated AES-XTS key"
|
||||
default SECURE_FLASH_ENCRYPTION_AES128
|
||||
depends on IDF_TARGET_ESP32S2 && SECURE_FLASH_ENC_ENABLED
|
||||
depends on (IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32S3) && SECURE_FLASH_ENC_ENABLED
|
||||
help
|
||||
Size of generated AES-XTS key.
|
||||
|
||||
|
|
@ -656,20 +687,24 @@ menu "Security features"
|
|||
depends on SECURE_FLASH_ENC_ENABLED
|
||||
default SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
|
||||
help
|
||||
By default Development mode is enabled which allows UART bootloader to perform flash encryption operations
|
||||
By default Development mode is enabled which allows ROM download mode to perform flash encryption
|
||||
operations (plaintext is sent to the device, and it encrypts it internally and writes ciphertext
|
||||
to flash.) This mode is not secure, it's possible for an attacker to write their own chosen plaintext
|
||||
to flash.
|
||||
|
||||
Select Release mode only for production or manufacturing. Once enabled you can not reflash using UART
|
||||
bootloader
|
||||
Release mode should always be selected for production or manufacturing. Once enabled it's no longer
|
||||
possible for the device in ROM Download Mode to use the flash encryption hardware.
|
||||
|
||||
Refer to the Secure Boot section of the ESP-IDF Programmer's Guide for this version and
|
||||
https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html for details.
|
||||
Refer to the Flash Encryption section of the ESP-IDF Programmer's Guide for details.
|
||||
|
||||
config SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
|
||||
bool "Development(NOT SECURE)"
|
||||
bool "Development (NOT SECURE)"
|
||||
select SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
|
||||
|
||||
config SECURE_FLASH_ENCRYPTION_MODE_RELEASE
|
||||
bool "Release"
|
||||
select PARTITION_TABLE_MD5 if !ESP32_COMPATIBLE_PRE_V3_1_BOOTLOADERS
|
||||
|
||||
endchoice
|
||||
|
||||
menu "Potentially insecure options"
|
||||
|
|
@ -730,9 +765,27 @@ menu "Security features"
|
|||
efuse when Secure Boot is enabled. This prevents any more efuses from being read protected.
|
||||
|
||||
If this option is set, it will remain possible to write the EFUSE_RD_DIS efuse field after Secure
|
||||
Boot is enabled. This may allow an attacker to read-protect the BLK2 efuse holding the public
|
||||
key digest, causing an immediate denial of service and possibly allowing an additional fault
|
||||
injection attack to bypass the signature protection.
|
||||
Boot is enabled. This may allow an attacker to read-protect the BLK2 efuse (for ESP32) and
|
||||
BLOCK4-BLOCK10 (i.e. BLOCK_KEY0-BLOCK_KEY5)(for other chips) holding the public key digest, causing an
|
||||
immediate denial of service and possibly allowing an additional fault injection attack to
|
||||
bypass the signature protection.
|
||||
|
||||
NOTE: Once a BLOCK is read-protected, the application will read all zeros from that block
|
||||
|
||||
NOTE: If "UART ROM download mode (Permanently disabled (recommended))" or
|
||||
"UART ROM download mode (Permanently switch to Secure mode (recommended))" is set,
|
||||
then it is __NOT__ possible to read/write efuses using espefuse.py utility.
|
||||
However, efuse can be read/written from the application
|
||||
|
||||
config SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS
|
||||
bool "Leave unused digest slots available (not revoke)"
|
||||
depends on SECURE_BOOT_INSECURE && !IDF_TARGET_ESP32
|
||||
default N
|
||||
help
|
||||
If not set (default), during startup in the app all unused digest slots will be revoked.
|
||||
To revoke unused slot will be called esp_efuse_set_digest_revoke(num_digest) for each digest.
|
||||
Revoking unused digest slots makes ensures that no trusted keys can be added later by an attacker.
|
||||
If set, it means that you have a plan to use unused digests slots later.
|
||||
|
||||
config SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
|
||||
bool "Leave UART bootloader encryption enabled"
|
||||
|
|
@ -781,6 +834,18 @@ menu "Security features"
|
|||
|
||||
endmenu # Potentially Insecure
|
||||
|
||||
config SECURE_FLASH_CHECK_ENC_EN_IN_APP
|
||||
bool "Check Flash Encryption enabled on app startup"
|
||||
depends on SECURE_FLASH_ENC_ENABLED
|
||||
default y
|
||||
help
|
||||
If set (default), in an app during startup code,
|
||||
there is a check of the flash encryption eFuse bit is on
|
||||
(as the bootloader should already have set it).
|
||||
The app requires this bit is on to continue work otherwise abort.
|
||||
|
||||
If not set, the app does not care if the flash encryption eFuse bit is set or not.
|
||||
|
||||
choice SECURE_UART_ROM_DL_MODE
|
||||
bool "UART ROM download mode"
|
||||
default SECURE_ENABLE_SECURE_ROM_DL_MODE if SECURE_TARGET_HAS_SECURE_ROM_DL_MODE && !SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT # NOERROR
|
||||
|
|
@ -828,6 +893,8 @@ menu "Security features"
|
|||
It is also possible to enable secure download mode at runtime by calling
|
||||
esp_efuse_enable_rom_secure_download_mode()
|
||||
|
||||
Note: Secure Download mode is not available for ESP32 (includes revisions till ECO3).
|
||||
|
||||
config SECURE_INSECURE_ALLOW_DL_MODE
|
||||
bool "UART ROM download mode (Enabled (not recommended))"
|
||||
help
|
||||
|
|
|
|||
|
|
@ -17,6 +17,8 @@ CONFIG_SECURE_BOOT_SIGNING_KEY ?=
|
|||
SECURE_BOOT_SIGNING_KEY=$(abspath $(call dequote,$(CONFIG_SECURE_BOOT_SIGNING_KEY)))
|
||||
export SECURE_BOOT_SIGNING_KEY # used by bootloader_support component
|
||||
|
||||
BOOTLOADER_SIGNED_BIN ?=
|
||||
|
||||
# Has a matching value in bootloader_support esp_flash_partitions.h
|
||||
BOOTLOADER_OFFSET := 0x1000
|
||||
|
||||
|
|
@ -25,6 +27,9 @@ BOOTLOADER_OFFSET := 0x1000
|
|||
# NB: Some variables are cleared in the environment, not
|
||||
# overriden, because they need to be re-defined in the child
|
||||
# project.
|
||||
#
|
||||
# Pass PROJECT_PATH variable, it will let the subproject look
|
||||
# for user defined bootloader component(s).
|
||||
BOOTLOADER_MAKE= +\
|
||||
PROJECT_PATH= \
|
||||
COMPONENT_DIRS= \
|
||||
|
|
@ -33,7 +38,8 @@ BOOTLOADER_MAKE= +\
|
|||
BUILD_DIR_BASE=$(BOOTLOADER_BUILD_DIR) \
|
||||
TEST_COMPONENTS= \
|
||||
TESTS_ALL= \
|
||||
EXCLUDE_COMPONENTS=
|
||||
EXCLUDE_COMPONENTS= \
|
||||
PROJECT_SOURCE_DIR=$(PROJECT_PATH)
|
||||
|
||||
.PHONY: bootloader-clean bootloader-flash bootloader-list-components bootloader $(BOOTLOADER_BIN)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
set(BOOTLOADER_OFFSET CONFIG_BOOTLOADER_OFFSET_IN_FLASH)
|
||||
set(BOOTLOADER_OFFSET ${CONFIG_BOOTLOADER_OFFSET_IN_FLASH})
|
||||
|
||||
# Do not generate flash file when building bootloader
|
||||
if(BOOTLOADER_BUILD OR NOT CONFIG_APP_BUILD_BOOTLOADER)
|
||||
|
|
@ -117,6 +117,7 @@ externalproject_add(bootloader
|
|||
CMAKE_ARGS -DSDKCONFIG=${sdkconfig} -DIDF_PATH=${idf_path} -DIDF_TARGET=${idf_target}
|
||||
-DPYTHON_DEPS_CHECKED=1 -DPYTHON=${python}
|
||||
-DEXTRA_COMPONENT_DIRS=${CMAKE_CURRENT_LIST_DIR}
|
||||
-DPROJECT_SOURCE_DIR=${PROJECT_SOURCE_DIR}
|
||||
-DBOARD=${BOARD}
|
||||
${sign_key_arg} ${ver_key_arg}
|
||||
# LEGACY_INCLUDE_COMMON_HEADERS has to be passed in via cache variable since
|
||||
|
|
|
|||
|
|
@ -15,10 +15,13 @@ if(NOT IDF_TARGET)
|
|||
"in by the parent build process.")
|
||||
endif()
|
||||
|
||||
# A number of these components are implemented as config-only when built in the bootloader
|
||||
set(COMPONENTS
|
||||
bootloader
|
||||
esptool_py
|
||||
esp_hw_support
|
||||
esp_system
|
||||
freertos
|
||||
hal
|
||||
partition_table
|
||||
soc
|
||||
|
|
@ -30,6 +33,21 @@ set(COMPONENTS
|
|||
efuse
|
||||
esp_system
|
||||
newlib)
|
||||
|
||||
# Make EXTRA_COMPONENT_DIRS variable to point to the bootloader_components directory
|
||||
# of the project being compiled
|
||||
set(PROJECT_EXTRA_COMPONENTS "${PROJECT_SOURCE_DIR}/bootloader_components")
|
||||
list(APPEND EXTRA_COMPONENT_DIRS "${PROJECT_EXTRA_COMPONENTS}")
|
||||
|
||||
# Consider each directory in project's bootloader_components as a component to be compiled
|
||||
file(GLOB proj_components RELATIVE ${PROJECT_EXTRA_COMPONENTS} ${PROJECT_EXTRA_COMPONENTS}/*)
|
||||
foreach(component ${proj_components})
|
||||
# Only directories are considered as components
|
||||
if(IS_DIRECTORY ${curdir}/${child})
|
||||
list(APPEND COMPONENTS ${component})
|
||||
endif()
|
||||
endforeach()
|
||||
|
||||
set(BOOTLOADER_BUILD 1)
|
||||
include("${IDF_PATH}/tools/cmake/project.cmake")
|
||||
set(common_req log esp_rom esp_common esp_hw_support hal newlib)
|
||||
|
|
@ -54,6 +72,9 @@ string(REPLACE ";" " " esptoolpy_write_flash
|
|||
string(REPLACE ";" " " espsecurepy "${ESPSECUREPY}")
|
||||
string(REPLACE ";" " " espefusepy "${ESPEFUSEPY}")
|
||||
|
||||
# Suppress warning: "Manually-specified variables were not used by the project: SECURE_BOOT_SIGNING_KEY"
|
||||
set(ignore_signing_key "${SECURE_BOOT_SIGNING_KEY}")
|
||||
|
||||
if(CONFIG_SECURE_BOOTLOADER_REFLASHABLE)
|
||||
if(CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_192BIT)
|
||||
set(key_digest_len 192)
|
||||
|
|
|
|||
|
|
@ -8,15 +8,16 @@ endif
|
|||
|
||||
PROJECT_NAME := bootloader
|
||||
|
||||
COMPONENTS := esp_hw_support esptool_py bootloader_support log spi_flash micro-ecc soc main efuse esp_rom hal
|
||||
COMPONENTS := esp_hw_support esptool_py bootloader_support log spi_flash micro-ecc soc main efuse esp_rom hal xtensa
|
||||
|
||||
# Clear C and CXX from top level project
|
||||
CFLAGS =
|
||||
CXXFLAGS =
|
||||
|
||||
#We cannot include the idf_target, esp_common component directly but we need their includes.
|
||||
#We cannot include the some components like idf_target, esp_common directly but we need their includes.
|
||||
CFLAGS += -I $(IDF_PATH)/components/$(IDF_TARGET)/include
|
||||
CFLAGS += -I $(IDF_PATH)/components/esp_common/include
|
||||
CFLAGS += -I $(IDF_PATH)/components/newlib/platform_include
|
||||
CFLAGS += -I $(IDF_PATH)/components/xtensa/include -I $(IDF_PATH)/components/xtensa/$(IDF_TARGET)/include
|
||||
|
||||
# The bootloader pseudo-component is also included in this build, for its Kconfig.projbuild to be included.
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
/* Copyright 2014, Kenneth MacKay. Licensed under the BSD 2-clause license.
|
||||
|
||||
Modifications Copyright 2020, Espressif Systems (Shanghai) PTE LTD. Licensed under the BSD
|
||||
2-clause license.
|
||||
*/
|
||||
/*
|
||||
* SPDX-FileCopyrightText: 2014, Kenneth MacKay
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*
|
||||
* SPDX-FileContributor: 2020-2021 Espressif Systems (Shanghai) CO LTD
|
||||
*/
|
||||
|
||||
/* uECC_verify() calls a number of static functions form here and
|
||||
uses other definitions, so we just build that whole source file here and then append
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
/* Copyright 2014, Kenneth MacKay. Licensed under the BSD 2-clause license.
|
||||
|
||||
Modifications Copyright 2020, Espressif Systems (Shanghai) PTE LTD. Licensed under the BSD
|
||||
2-clause license.
|
||||
*/
|
||||
/*
|
||||
* SPDX-FileCopyrightText: 2014, Kenneth MacKay
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*
|
||||
* SPDX-FileContributor: 2020-2021 Espressif Systems (Shanghai) CO LTD
|
||||
*/
|
||||
#pragma once
|
||||
#include "uECC.h"
|
||||
|
||||
|
|
|
|||
|
|
@ -5,8 +5,10 @@ idf_component_register(SRCS "bootloader_start.c"
|
|||
idf_build_get_property(target IDF_TARGET)
|
||||
set(scripts "ld/${target}/bootloader.ld")
|
||||
|
||||
if(NOT CONFIG_IDF_TARGET_ESP32C3)
|
||||
if(NOT CONFIG_IDF_TARGET_ESP32H2)
|
||||
list(APPEND scripts "ld/${target}/bootloader.rom.ld")
|
||||
endif()
|
||||
|
||||
target_linker_script(${COMPONENT_LIB} INTERFACE "${scripts}")
|
||||
|
||||
target_link_libraries(${COMPONENT_LIB} INTERFACE "-u bootloader_hooks_include")
|
||||
|
|
|
|||
|
|
@ -0,0 +1,38 @@
|
|||
// Copyright 2015-2021 Espressif Systems (Shanghai) PTE LTD
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
#ifndef BOOTLOADER_HOOKS_H
|
||||
#define BOOTLOADER_HOOKS_H
|
||||
|
||||
/**
|
||||
* @file The 2nd stage bootloader can be overriden or completed by an application.
|
||||
* The functions declared here are weak, and thus, are meant to be defined by a user
|
||||
* project, if required.
|
||||
* Please check `custom_bootloader` ESP-IDF examples for more details about this feature.
|
||||
*/
|
||||
|
||||
|
||||
/**
|
||||
* @brief Function executed *before* the second stage bootloader initialization,
|
||||
* if provided.
|
||||
*/
|
||||
void __attribute__((weak)) bootloader_before_init(void);
|
||||
|
||||
/**
|
||||
* @brief Function executed *after* the second stage bootloader initialization,
|
||||
* if provided.
|
||||
*/
|
||||
void __attribute__((weak)) bootloader_after_init(void);
|
||||
|
||||
#endif // BOOTLOADER_HOOKS_H
|
||||
|
|
@ -16,6 +16,7 @@
|
|||
#include "bootloader_init.h"
|
||||
#include "bootloader_utility.h"
|
||||
#include "bootloader_common.h"
|
||||
#include "bootloader_hooks.h"
|
||||
|
||||
#include "esp32s2/rom/gpio.h"
|
||||
#include "soc/cpu.h"
|
||||
|
|
@ -91,11 +92,21 @@ static void esp_reset_reason_clear_hint(void)
|
|||
*/
|
||||
void __attribute__((noreturn)) call_start_cpu0(void)
|
||||
{
|
||||
// (0. Call the before-init hook, if available)
|
||||
if (bootloader_before_init) {
|
||||
bootloader_before_init();
|
||||
}
|
||||
|
||||
// 1. Hardware initialization
|
||||
if (bootloader_init() != ESP_OK) {
|
||||
bootloader_reset();
|
||||
}
|
||||
|
||||
// (1.1 Call the after-init hook, if available)
|
||||
if (bootloader_after_init) {
|
||||
bootloader_after_init();
|
||||
}
|
||||
|
||||
#ifdef CONFIG_BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP
|
||||
// If this boot is a wake up from the deep sleep then go to the short way,
|
||||
// try to load the application which worked before deep sleep.
|
||||
|
|
@ -143,7 +154,11 @@ static int selected_boot_partition(const bootloader_state_t *bs)
|
|||
if (reset_reason != DEEPSLEEP_RESET) {
|
||||
// Factory firmware.
|
||||
#ifdef CONFIG_BOOTLOADER_FACTORY_RESET
|
||||
if (bootloader_common_check_long_hold_gpio(CONFIG_BOOTLOADER_NUM_PIN_FACTORY_RESET, CONFIG_BOOTLOADER_HOLD_TIME_GPIO) == 1) {
|
||||
bool reset_level = false;
|
||||
#if CONFIG_BOOTLOADER_FACTORY_RESET_PIN_HIGH
|
||||
reset_level = true;
|
||||
#endif
|
||||
if (bootloader_common_check_long_hold_gpio_level(CONFIG_BOOTLOADER_NUM_PIN_FACTORY_RESET, CONFIG_BOOTLOADER_HOLD_TIME_GPIO, reset_level) == GPIO_LONG_HOLD) {
|
||||
ESP_LOGI(TAG, "Detect a condition of the factory reset");
|
||||
bool ota_data_erase = false;
|
||||
#ifdef CONFIG_BOOTLOADER_OTA_DATA_ERASE
|
||||
|
|
|
|||
|
|
@ -10,8 +10,7 @@ LINKER_SCRIPTS := \
|
|||
$(COMPONENT_PATH)/ld/$(IDF_TARGET)/bootloader.rom.ld \
|
||||
$(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.ld \
|
||||
$(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.newlib-funcs.ld \
|
||||
$(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.api.ld \
|
||||
$(IDF_PATH)/components/$(IDF_TARGET)/ld/$(IDF_TARGET).peripherals.ld
|
||||
$(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.api.ld
|
||||
|
||||
# SPI driver patch for ROM is only needed in ESP32
|
||||
ifdef CONFIG_IDF_TARGET_ESP32
|
||||
|
|
|
|||
|
|
@ -43,15 +43,19 @@ SECTIONS
|
|||
*libbootloader_support.a:bootloader_flash.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_disable .text.bootloader_random_disable)
|
||||
*libesp_common.a:fpga_overrides.*(.literal.bootloader_fill_random .text.bootloader_fill_random)
|
||||
*libbootloader_support.a:bootloader_efuse_esp32.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_utility.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_sha.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_console_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_panic.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_soc.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:esp_image_format.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encrypt.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encryption_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_partitions.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_signatures_bootloader.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
|
|
|
|||
|
|
@ -36,10 +36,13 @@ SECTIONS
|
|||
*libbootloader_support.a:bootloader_sha.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_console_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_panic.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_soc.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:esp_image_format.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encrypt.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encryption_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_partitions.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_signatures_bootloader.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
|
|
@ -174,17 +177,17 @@ SECTIONS
|
|||
/**
|
||||
* Appendix: Memory Usage of ROM bootloader
|
||||
*
|
||||
* +--------+--------------+------+ 0x3FCC_B000
|
||||
* +--------+--------------+------+ 0x3FCC_AE00
|
||||
* | ^ |
|
||||
* | | |
|
||||
* | | data/bss |
|
||||
* | | |
|
||||
* | v |
|
||||
* +------------------------------+ 0x3FCD_C910
|
||||
* +------------------------------+ 0x3FCD_C710
|
||||
* | ^ |
|
||||
* | | |
|
||||
* | | stack |
|
||||
* | | |
|
||||
* | v |
|
||||
* +------------------------------+ 0x3FCD_E910
|
||||
* +------------------------------+ 0x3FCD_E710
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
/* No definition for ESP32-C3 target */
|
||||
|
|
@ -0,0 +1,190 @@
|
|||
/** Simplified memory map for the bootloader.
|
||||
* Make sure the bootloader can load into main memory without overwriting itself.
|
||||
* We put 2nd bootloader in the high address space (before ROM stack/data/bss).
|
||||
* See memory usage for ROM bootloader at the end of this file.
|
||||
*/
|
||||
|
||||
MEMORY
|
||||
{
|
||||
iram_seg (RWX) : org = 0x403CE000, len = 0x2000
|
||||
iram_loader_seg (RWX) : org = 0x403D0000, len = 0x6000
|
||||
dram_seg (RW) : org = 0x3FCD6000, len = 0x4000
|
||||
}
|
||||
|
||||
/* Default entry point: */
|
||||
ENTRY(call_start_cpu0);
|
||||
|
||||
SECTIONS
|
||||
{
|
||||
|
||||
.iram_loader.text :
|
||||
{
|
||||
. = ALIGN (16);
|
||||
_loader_text_start = ABSOLUTE(.);
|
||||
*(.stub .gnu.warning .gnu.linkonce.literal.* .gnu.linkonce.t.*.literal .gnu.linkonce.t.*)
|
||||
*(.iram1 .iram1.*) /* catch stray IRAM_ATTR */
|
||||
*liblog.a:(.literal .text .literal.* .text.*)
|
||||
*libgcc.a:(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_clock_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_common_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_flash.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_disable .text.bootloader_random_disable)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_enable .text.bootloader_random_enable)
|
||||
*libbootloader_support.a:bootloader_efuse_esp32h2.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_utility.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_sha.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_console_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_panic.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_soc.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:esp_image_format.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encrypt.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_partitions.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_signatures_bootloader.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libhal.a:wdt_hal_iram.*(.literal .text .literal.* .text.*)
|
||||
*libesp_hw_support.a:rtc_clk.*(.literal .text .literal.* .text.*)
|
||||
*libesp_hw_support.a:rtc_time.*(.literal .text .literal.* .text.*)
|
||||
*libesp_hw_support.a:regi2c_ctrl.*(.literal .text .literal.* .text.*)
|
||||
*libefuse.a:*.*(.literal .text .literal.* .text.*)
|
||||
*(.fini.literal)
|
||||
*(.fini)
|
||||
*(.gnu.version)
|
||||
_loader_text_end = ABSOLUTE(.);
|
||||
} > iram_loader_seg
|
||||
|
||||
.iram.text :
|
||||
{
|
||||
. = ALIGN (16);
|
||||
*(.entry.text)
|
||||
*(.init.literal)
|
||||
*(.init)
|
||||
} > iram_seg
|
||||
|
||||
|
||||
/* Shared RAM */
|
||||
.dram0.bss (NOLOAD) :
|
||||
{
|
||||
. = ALIGN (8);
|
||||
_dram_start = ABSOLUTE(.);
|
||||
_bss_start = ABSOLUTE(.);
|
||||
*(.dynsbss)
|
||||
*(.sbss)
|
||||
*(.sbss.*)
|
||||
*(.gnu.linkonce.sb.*)
|
||||
*(.scommon)
|
||||
*(.sbss2)
|
||||
*(.sbss2.*)
|
||||
*(.gnu.linkonce.sb2.*)
|
||||
*(.dynbss)
|
||||
*(.bss)
|
||||
*(.bss.*)
|
||||
*(.gnu.linkonce.b.*)
|
||||
*(COMMON)
|
||||
. = ALIGN (8);
|
||||
_bss_end = ABSOLUTE(.);
|
||||
} > dram_seg
|
||||
|
||||
.dram0.data :
|
||||
{
|
||||
_data_start = ABSOLUTE(.);
|
||||
*(.data)
|
||||
*(.data.*)
|
||||
*(.gnu.linkonce.d.*)
|
||||
*(.data1)
|
||||
*(.sdata)
|
||||
*(.sdata.*)
|
||||
*(.gnu.linkonce.s.*)
|
||||
*(.sdata2)
|
||||
*(.sdata2.*)
|
||||
*(.gnu.linkonce.s2.*)
|
||||
*(.jcr)
|
||||
_data_end = ABSOLUTE(.);
|
||||
} > dram_seg
|
||||
|
||||
.dram0.rodata :
|
||||
{
|
||||
_rodata_start = ABSOLUTE(.);
|
||||
*(.rodata)
|
||||
*(.rodata.*)
|
||||
*(.gnu.linkonce.r.*)
|
||||
*(.rodata1)
|
||||
__XT_EXCEPTION_TABLE_ = ABSOLUTE(.);
|
||||
*(.xt_except_table)
|
||||
*(.gcc_except_table)
|
||||
*(.gnu.linkonce.e.*)
|
||||
*(.gnu.version_r)
|
||||
*(.eh_frame)
|
||||
. = (. + 3) & ~ 3;
|
||||
/* C++ constructor and destructor tables, properly ordered: */
|
||||
__init_array_start = ABSOLUTE(.);
|
||||
KEEP (*crtbegin.*(.ctors))
|
||||
KEEP (*(EXCLUDE_FILE (*crtend.*) .ctors))
|
||||
KEEP (*(SORT(.ctors.*)))
|
||||
KEEP (*(.ctors))
|
||||
__init_array_end = ABSOLUTE(.);
|
||||
KEEP (*crtbegin.*(.dtors))
|
||||
KEEP (*(EXCLUDE_FILE (*crtend.*) .dtors))
|
||||
KEEP (*(SORT(.dtors.*)))
|
||||
KEEP (*(.dtors))
|
||||
/* C++ exception handlers table: */
|
||||
__XT_EXCEPTION_DESCS_ = ABSOLUTE(.);
|
||||
*(.xt_except_desc)
|
||||
*(.gnu.linkonce.h.*)
|
||||
__XT_EXCEPTION_DESCS_END__ = ABSOLUTE(.);
|
||||
*(.xt_except_desc_end)
|
||||
*(.dynamic)
|
||||
*(.gnu.version_d)
|
||||
_rodata_end = ABSOLUTE(.);
|
||||
/* Literals are also RO data. */
|
||||
_lit4_start = ABSOLUTE(.);
|
||||
*(*.lit4)
|
||||
*(.lit4.*)
|
||||
*(.gnu.linkonce.lit4.*)
|
||||
_lit4_end = ABSOLUTE(.);
|
||||
. = ALIGN(4);
|
||||
_dram_end = ABSOLUTE(.);
|
||||
} > dram_seg
|
||||
|
||||
.iram.text :
|
||||
{
|
||||
_stext = .;
|
||||
_text_start = ABSOLUTE(.);
|
||||
*(.literal .text .literal.* .text.* .stub .gnu.warning .gnu.linkonce.literal.* .gnu.linkonce.t.*.literal .gnu.linkonce.t.*)
|
||||
*(.iram .iram.*) /* catch stray IRAM_ATTR */
|
||||
*(.fini.literal)
|
||||
*(.fini)
|
||||
*(.gnu.version)
|
||||
|
||||
/** CPU will try to prefetch up to 16 bytes of
|
||||
* of instructions. This means that any configuration (e.g. MMU, PMS) must allow
|
||||
* safe access to up to 16 bytes after the last real instruction, add
|
||||
* dummy bytes to ensure this
|
||||
*/
|
||||
. += 16;
|
||||
|
||||
_text_end = ABSOLUTE(.);
|
||||
_etext = .;
|
||||
} > iram_seg
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Appendix: Memory Usage of ROM bootloader
|
||||
*
|
||||
* +--------+--------------+------+ 0x3FCC_B900
|
||||
* | ^ |
|
||||
* | | |
|
||||
* | | data/bss |
|
||||
* | | |
|
||||
* | v |
|
||||
* +------------------------------+ 0x3FCD_D210
|
||||
* | ^ |
|
||||
* | | |
|
||||
* | | stack |
|
||||
* | | |
|
||||
* | v |
|
||||
* +------------------------------+ 0x3FCD_F210
|
||||
*/
|
||||
|
|
@ -30,15 +30,19 @@ SECTIONS
|
|||
*libbootloader_support.a:bootloader_flash.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_disable .text.bootloader_random_disable)
|
||||
*libesp_common.a:fpga_overrides.*(.literal.bootloader_fill_random .text.bootloader_fill_random)
|
||||
*libbootloader_support.a:bootloader_efuse_esp32s2.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_utility.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_sha.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_console_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_panic.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_soc.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:esp_image_format.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encrypt.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encryption_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_partitions.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_signatures_bootloader.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
|
|
|
|||
|
|
@ -31,15 +31,19 @@ SECTIONS
|
|||
*libbootloader_support.a:bootloader_random.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_disable .text.bootloader_random_disable)
|
||||
*libbootloader_support.a:bootloader_random*.*(.literal.bootloader_random_enable .text.bootloader_random_enable)
|
||||
*libesp_common.a:fpga_overrides.*(.literal.bootloader_fill_random .text.bootloader_fill_random)
|
||||
*libbootloader_support.a:bootloader_efuse_esp32s3.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_utility.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_sha.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_console_loader.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_panic.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:bootloader_soc.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:esp_image_format.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encrypt.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_encryption_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:flash_partitions.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_secure_features.*(.literal .text .literal.* .text.*)
|
||||
*libbootloader_support.a:secure_boot_signatures_bootloader.*(.literal .text .literal.* .text.*)
|
||||
*libmicro-ecc.a:*.*(.literal .text .literal.* .text.*)
|
||||
*libspi_flash.a:*.*(.literal .text .literal.* .text.*)
|
||||
|
|
|
|||
Loading…
Reference in a new issue