- The API esp_flash_encryption_set_release_mode() by defualt programs
the XTS-AES pseudo round level efuse to level low but did not considered
any existing value that would have been programmed in the efuse bit.
For secure update without secure boot case, the encryption length for
app image must consider signature block length as well. This was
correctly handled for secure boot case but not for secure update without
secure boot.
The esp_secure_boot_verify_sbv2_signature_block() and esp_secure_boot_verify_rsa_signature_block()
APIs need and use the verified_digest argument only for BOOTLOADER_BUILD, but the argument is
not used in the application code, and the value present in verified_digest is considered invalid.
Thus, allow passing NULL as the verified_digest parameter to help some save space.
For secure app verification during OTA update case, the image was
getting memory mapped twice and hence the failure in verification.
Modified from memory mapped flash read to SPI flash read approach
for the MMU page size from image header.
Regression from 07318a4987
Closes https://github.com/espressif/esp-idf/issues/15936
flash 32-bit-addr is an experimental feature that has multiple
dependencies, e.g. flash chip vendor, etc.
If CONFIG_BOOTLOADER_CACHE_32BIT_ADDR_QUAD_FLASH can be enabled
successfully and tests are passed, we can allow images to be
placed on higher-than-16MB flash addresses
This commit removes the disabling of the LP Timer interrupt from the
bootloader clock configuration routine. This allows the LP Timer
interrupt to be visible to the LP Core after HP CPU boots up.
Closes https://github.com/espressif/esp-idf/issues/15751
This commit have updated check for max chip revision along with min chip revision.
Also added qemu based pytest to verify chip revision while performing OTA.
- Secure boot V2 verification failed when multiple keys are used to sign the bootloader
and the application is signed with a key other than the first key that is used to
sign the bootloader.
- The issue was introduced as a regression from the commit `ff16ce43`.
- Added a QEMU test for recreating the issue.
- Made SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT independent of SECURE_BOOT_BUILD_SIGNED_BINARIES.
