Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Firmware binaries are missing SHA256 hash of the original ELF #272

Closed
rohansingh opened this issue Jan 15, 2020 · 3 comments · Fixed by #290
Closed

Firmware binaries are missing SHA256 hash of the original ELF #272

rohansingh opened this issue Jan 15, 2020 · 3 comments · Fixed by #290

Comments

@rohansingh
Copy link
Contributor

When building binaries from an ELF, the ESP-IDF build system adds a SHA256 hash of the original ELF at offset 0xb0. This is vital for setting up ESP OTA correctly, since the SHA256 hash is an important method of checking whether the device needs to update its firmware, whether an update succeeded, etc.

In pratical terms, this means that esp_ota_get_app_description always returns an esp_app_desc_t* with an empty SHA256 hash, and esp_ota_get_app_elf_sha256 returns an empty array as well.

You can see the following logs when an ESP-IDF app built with PlatformIO boots up:

I (742) cpu_start: Application information:
I (747) cpu_start: Project name:     firmware
I (752) cpu_start: App version:      1.0.0
I (757) cpu_start: Compile time:     Jan 11 2020 01:47:20
I (763) cpu_start: ELF file SHA256:  0000000000000000...
I (769) cpu_start: ESP-IDF:          aafab7d68

The 0000000000000000 should contain the SHA256 prefix of the ELF file.
rohansingh added a commit to tidbyt/platform-espressif32 that referenced this issue Feb 26, 2020
@rohansingh
Add ELF file hash to images generated by elf2image
35619e3 
Fixes platformio#272.
rohansingh added a commit to tidbyt/platform-espressif32 that referenced this issue Feb 26, 2020
@rohansingh
Add ELF file hash to images generated by elf2image
d1c9f6e 
Fixes platformio#272.
@rohansingh rohansingh mentioned this issue Feb 26, 2020
Merged
valeros pushed a commit that referenced this issue Mar 4, 2020
@rohansingh
Add ELF file hash to images generated by elf2image (#290) // Fixes #272.
2ee164a
@ajaybhargav
Copy link

@valeros adding hash to ElfToBin will also add hash to booloader binary. So I believe this might break the bootloader?

From IDF, flag is only added if its not bootloader build:

ifndef IS_BOOTLOADER_BUILD
ESPTOOL_ELF2IMAGE_OPTIONS += --elf-sha256-offset 0xb0
endif

@rohansingh
Copy link
Contributor Author

I've been running with this patch for a while and it doesn't seem to break the bootloader. I can send another patch that restricts this to the firmware binary only though.

@ajaybhargav
Copy link

That will be appropriate and inline with IDF implementation.

valeros added a commit that referenced this issue Mar 16, 2020
@valeros
Add sha256 hash only to application elf // Issue #272, #290
4a1871d 
Bootloader uses the same ElfToBin builder, so a special emitter is used to add extra flag only for application image
This was referenced Dec 2, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add ELF file hash to images generated by elf2image tidbyt/platform-espressif32
2 participants
@rohansingh @ajaybhargav