Merge branch 'bugfix/secure_boot_v2_part_size_check_v4.3' into 'relea…

…se/v4.3' gen_esp32part: allow secure boot v2 based app partition size 4K aligned (v4.3) See merge request espressif/esp-idf!22288
espressif · Feb 10, 2023 · 3dc1ab5 · 3dc1ab5
2 parents 3d366e1 + 726c7cd
commit 3dc1ab5
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 5 deletions.
diff --git a/components/partition_table/CMakeLists.txt b/components/partition_table/CMakeLists.txt
@@ -25,7 +25,11 @@ if(CONFIG_ESPTOOLPY_FLASHSIZE)
 endif()
 
 if(CONFIG_SECURE_BOOT AND NOT CONFIG_SECURE_BOOT_ALLOW_SHORT_APP_PARTITION)
-    set(partition_secure_opt --secure)
+    if(CONFIG_SECURE_BOOT_V2_ENABLED)
+        set(partition_secure_opt --secure v2)
+    else()
+        set(partition_secure_opt --secure v1)
+    endif()
 else()
     set(partition_secure_opt "")
 endif()

diff --git a/components/partition_table/gen_esp32part.py b/components/partition_table/gen_esp32part.py
@@ -38,6 +38,10 @@
 MIN_PARTITION_SUBTYPE_APP_OTA = 0x10
 NUM_PARTITION_SUBTYPE_APP_OTA = 16
 
+SECURE_NONE = None
+SECURE_V1 = 'v1'
+SECURE_V2 = 'v2'
+
 __version__ = '1.2'
 
 APP_TYPE = 0x00
@@ -68,9 +72,23 @@
     },
 }
 
+
+def get_alignment_size_for_type(ptype):
+    if ptype == APP_TYPE and secure == SECURE_V1:
+        # For secure boot v1 case, app partition must be 64K aligned
+        # signature block (68 bytes) lies at the very end of 64K block
+        return 0x10000
+    if ptype == APP_TYPE and secure == SECURE_V2:
+        # For secure boot v2 case, app partition must be 4K aligned
+        # signature block (4K) is kept after padding the unsigned image to 64K boundary
+        return 0x1000
+    # No specific size alignement requirement as such
+    return 0x1
+
+
 quiet = False
 md5sum = True
-secure = False
+secure = SECURE_NONE
 offset_part_table = 0
 
 
@@ -367,10 +385,12 @@ def verify(self):
         align = self.ALIGNMENT.get(self.type, 4)
         if self.offset % align:
             raise ValidationError(self, 'Offset 0x%x is not aligned to 0x%x' % (self.offset, align))
-        if self.size % align and secure:
-            raise ValidationError(self, 'Size 0x%x is not aligned to 0x%x' % (self.size, align))
         if self.size is None:
             raise ValidationError(self, 'Size field is not set')
+        if self.type == APP_TYPE and secure is not SECURE_NONE:
+            size_align = get_alignment_size_for_type(self.type)
+            if self.size % size_align:
+                raise ValidationError(self, 'Size 0x%x is not aligned to 0x%x' % (self.size, size_align))
 
         if self.name in TYPES and TYPES.get(self.name, '') != self.type:
             critical("WARNING: Partition has name '%s' which is a partition type, but does not match this partition's "
@@ -475,7 +495,7 @@ def main():
                                                'enabled by default and this flag does nothing.', action='store_true')
     parser.add_argument('--quiet', '-q', help="Don't print non-critical status messages to stderr", action='store_true')
     parser.add_argument('--offset', '-o', help='Set offset partition table', default='0x8000')
-    parser.add_argument('--secure', help='Require app partitions to be suitable for secure boot', action='store_true')
+    parser.add_argument('--secure', help='Require app partitions to be suitable for secure boot', nargs='?', const=SECURE_V1, choices=[SECURE_V1, SECURE_V2])
     parser.add_argument('input', help='Path to CSV or binary file to parse.', type=argparse.FileType('rb'))
     parser.add_argument('output', help='Path to output converted binary or CSV file. Will use stdout if omitted.',
                         nargs='?', default='-')

diff --git a/components/partition_table/test_gen_esp32part_host/gen_esp32part_tests.py b/components/partition_table/test_gen_esp32part_host/gen_esp32part_tests.py
@@ -397,6 +397,38 @@ def test_basic_cmdline(self):
 
 class VerificationTests(Py23TestCase):
 
+    def _run_genesp32(self, csvcontents, args):
+        csvpath = tempfile.mktemp()
+        with open(csvpath, 'w') as f:
+            f.write(csvcontents)
+        try:
+            output = subprocess.check_output([sys.executable, '../gen_esp32part.py', csvpath] + args, stderr=subprocess.STDOUT)
+            return output.strip()
+        except subprocess.CalledProcessError as e:
+            return e.output.strip()
+        finally:
+            os.remove(csvpath)
+
+    def test_check_secure_app_size(self):
+        sample_csv = """
+ota_0,  app, ota_0, ,  0x101000
+ota_1,  app, ota_1, ,  0x100800
+        """
+
+        def rge(args):
+            return self._run_genesp32(sample_csv, args)
+
+        # Valid test that would pass with the above partition table
+        partfile = tempfile.mktemp()
+        self.assertEqual(rge([partfile]), b'Parsing CSV input...\nVerifying table...')
+        os.remove(partfile)
+        # Failure case 1, incorrect ota_0 partition size
+        self.assertEqual(rge(['-q', '--secure', 'v1']),
+                         b'Partition ota_0 invalid: Size 0x101000 is not aligned to 0x10000')
+        # Failure case 2, incorrect ota_1 partition size
+        self.assertEqual(rge(['-q', '--secure', 'v2']),
+                         b'Partition ota_1 invalid: Size 0x100800 is not aligned to 0x1000')
+
     def test_bad_alignment(self):
         csv = """
 # Name,Type, SubType,Offset,Size