Secure boot and Flash encryption

chriselef
Posts: 15
Joined: Wed Jun 13, 2018 11:47 am

Secure boot and Flash encryption

Postby chriselef » Wed Jul 18, 2018 10:03 am

Hello,

I am bit confused on the order of things to follow while enabling the secure boot and flash encryption.
The procedure I take is :
(I have the latest idf version)
-------------------------------------
1) make clean
2) make menuconfig (where I enable the secure boot (reflashable) and flash encryption on boot).
3) make
4) make bootloader

all make commands signing the bins with the a "secure_boot_signing_key.pem"

The commands I use to flash the device are :

1)for a 512kb spiffs partition
python /data/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 2000000 --before default_reset --after no_reset write_flash --flash_size detect 0x310000 /home/cte/spiffs.img


2)for the actual firmware and partitions
python /data/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 2000000 --before default_reset --after no_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x10000 /data/esp/iot/build/firmware.bin 0x8000 /data/esp/iot/build/partitions.bin


3)for the bootloader
a)first time
python /data/esp/esp-idf/components/esptool_py/esptool/espefuse.py burn_key secure_boot /data/esp/iot/build/bootloader/secure-bootloader-key.bin
python /data/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 2000000 --before default_reset --after no_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x1000 /data/esp/iot/build/bootloader/bootloader.bin

b)for next times
python /data/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 2000000 --before default_reset --after no_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x0 /data/esp/iot/build/bootloader/bootloader-reflash-digest.bin

All "flash" commands report "Staying in bootloader."


Then I run :
make monitor


And I get the following output when I have enabled "Verbose" output on (Bootloader log verbosity)
---------------------------------------------------------------------------
I (35) boot: ESP-IDF v3.2-dev-209-gbe81d2c 2nd stage bootloader
I (35) boot: compile time 11:22:46
I (35) boot: Enabling RNG early entropy source...
D (35) boot: magic e9
D (35) boot: segments 04
D (35) boot: spi_mode 02
D (36) boot: spi_speed 0f
D (36) boot: spi_size 02
I (36) boot: SPI Speed : 80MHz
I (36) boot: SPI Mode : DIO
I (36) boot: SPI Flash Size : 4MB
D (37) bootloader_flash: mmu set paddr=00000000 count=1
D (37) boot: mapped partition table 0x8000 at 0x3f408000
E (37) flash_parts: partition 0 invalid magic number 0x195
E (38) boot: Failed to verify partition table
E (38) boot: load partition table error!
user code done
---------------------------------------------------------------------------

and the following when I have enabled "No output" (Bootloader log verbosity)
---------------------------------------------------------------------------
Fatal exception (28): LoadProhibited
epc1=0x400813cc, epc2=0x00000000, epc3=0x00000000, excvaddr=0x0000002d, depc=0x00000000
0x400813cc: xPortGetCoreID at /data/esp/esp-idf/components/freertos/include/freertos/portable.h:208
(inlined by) ipc_task at /data/esp/esp-idf/components/esp32/ipc.c:47

---------------------------------------------------------------------------

and if I press the reset button I get
---------------------------------------------------------------------------
Fatal exception (0): IllegalInstruction
epc1=0x400813cc, epc2=0x00000000, epc3=0x00000000, excvaddr=0x00000000, depc=0x00000000
0x400813cc: xPortGetCoreID at /data/esp/esp-idf/components/freertos/include/freertos/portable.h:208
(inlined by) ipc_task at /data/esp/esp-idf/components/esp32/ipc.c:47
---------------------------------------------------------------------------


My partitions.csv looks like :
---------------------------------------------------------------------------
nvs,data,nvs,0x9000,16K
otadata,data,ota,0xd000,8K
phy_init,data,phy,0xf000,4K
factory,app,factory,0x10000,1M
ota_0,app,ota_0,0x110000,1M
ota_1,app,ota_1,0x210000,1M
storage,data,spiffs,,512K
---------------------------------------------------------------------------

I tried the same with different SPI speeds and always use make erase_flash at the beginning of the cycle.

Sorry for the long post :)

Regards
Chris

PS : If I disable the secure boot and flash encryption and then build, my firmware works as it should..

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: Secure boot and Flash encryption

Postby ESP_Angus » Thu Jul 19, 2018 12:24 am

Hi Chris,

From the steps you've given, it sounds like you're doing everything correctly. Unfortunately there are a couple of issues (one long-standing, and one a recent regression on the master branch) that you've bumped into.
chriselef wrote: And I get the following output when I have enabled "Verbose" output on (Bootloader log verbosity)
---------------------------------------------------------------------------
I (35) boot: ESP-IDF v3.2-dev-209-gbe81d2c 2nd stage bootloader
I (35) boot: compile time 11:22:46
I (35) boot: Enabling RNG early entropy source...
D (35) boot: magic e9
D (35) boot: segments 04
D (35) boot: spi_mode 02
D (36) boot: spi_speed 0f
D (36) boot: spi_size 02
I (36) boot: SPI Speed : 80MHz
I (36) boot: SPI Mode : DIO
I (36) boot: SPI Flash Size : 4MB
D (37) bootloader_flash: mmu set paddr=00000000 count=1
D (37) boot: mapped partition table 0x8000 at 0x3f408000
E (37) flash_parts: partition 0 invalid magic number 0x195
E (38) boot: Failed to verify partition table
E (38) boot: load partition table error!
user code done
There is a common issue with flash encryption & secure boot enabled, and a high log level, where the bootloader gets too big and overwrites the partition table. The maximum bootloader size is 0x7000 (28672) bytes, before it overwrites the partition table at 0x8000. You can check the size of build/bootloader/bootloader.bin to be sure.

There are two options to resolve this:

- Reduce the log verbosity level. Usually Warning will produce a small enough bootloader.
- Move the partition table to a later offset. There's a config item for this under Partition Table. If you move the partition table, you've need to change the starting offsets in your partition table CSV file. Partition table is 0x1000 bytes long, so if you move it to (say) offset 0x10000 then the first partition can't start before 0x11000.

A note in the docs about this limit was merged earlier this week but it hasn't been pushed out to GitHub yet because of an issue with our internal test/deploy system, it should be on GitHub very soon.

(Checking the bootloader binary size in the build is a little awkward with GNU Make, but once we move to CMake we plan to check it automatically as part of the build process, as well.)
chriselef wrote: and the following when I have enabled "No output" (Bootloader log verbosity)
---------------------------------------------------------------------------
Fatal exception (28): LoadProhibited
epc1=0x400813cc, epc2=0x00000000, epc3=0x00000000, excvaddr=0x0000002d, depc=0x00000000
0x400813cc: xPortGetCoreID at /data/esp/esp-idf/components/freertos/include/freertos/portable.h:208
(inlined by) ipc_task at /data/esp/esp-idf/components/esp32/ipc.c:47

---------------------------------------------------------------------------
Unfortunately there was a regression on the master branch a few weeks ago that temporarily broke secure boot. The fix was merged to "master" earlier this week also, and is in the same "waiting to deploy" state waiting for our automated test/deploy infra becomes unstuck.

If you'd rather not wait for deployment, you can check out commit 86148a740b12b which is the last commit before the regression.

Sorry for the double inconvenience. Will update you once these fixes hit GitHub (I expect this week).

chriselef
Posts: 15
Joined: Wed Jun 13, 2018 11:47 am

Re: Secure boot and Flash encryption

Postby chriselef » Thu Jul 19, 2018 8:18 am

ESP_Angus,

Thank you so much for the info... :)
I will wait for the fixes before testing and post the results here.

Best regards,
Chris

chriselef
Posts: 15
Joined: Wed Jun 13, 2018 11:47 am

Re: Secure boot and Flash encryption

Postby chriselef » Fri Jul 20, 2018 12:28 pm

Hello,

I couldn't wait for the new release to come out and tried 86148a740b12b to see how this will go. :)
It worked as expected.. esp_flash_encryption_enabled() returns true and when I dumped the data
I couldn't locate any string that there are in an un-encrypted firmware bin ..

The problem, I encounter this time was that the spiffs partition did not got encrypted
I also tried hard coding the flag in partitions.csv
------------------------------------------------------------
nvs,data,nvs,0x9000,16K
otadata,data,ota,0xd000,8K
phy_init,data,phy,0xf000,4K
factory,app,factory,0x10000,1M
ota_0,app,ota_0,0x110000,1M
ota_1,app,ota_1,0x210000,1M
storage,data,spiffs,0x310000,512K, encrypted
------------------------------------------------------------

From what I understand all app and data types should be encrypted on the first boot.
Isn't that true for spiffs ?

regards,
Chris

ESP_igrr
Posts: 2067
Joined: Tue Dec 01, 2015 8:37 am

Re: Secure boot and Flash encryption

Postby ESP_igrr » Fri Jul 20, 2018 1:43 pm

Hi chriselef,

FYI, SPIFFS is not compatible with flash encryption because it uses NAND-write method to clear bits in flash.

Bootloader encrypts partition table, apps (factor, test, OTA), and ota_data. It doesn't encrypt other types of partitions.

chriselef
Posts: 15
Joined: Wed Jun 13, 2018 11:47 am

Re: Secure boot and Flash encryption

Postby chriselef » Mon Jul 23, 2018 6:46 am

Thanks ESP_igrr..

I'll see what I can do.. I have some plain text data in that partition which I would like to be encrypted..

regards
Chris

snahmad75
Posts: 445
Joined: Wed Jan 24, 2018 6:32 pm

Re: Secure boot and Flash encryption

Postby snahmad75 » Thu Oct 11, 2018 10:41 pm

So nvs and storage does not support encryption.

Anyone can read using esptool by physical access to device.

Can I also do make erase_flash when encrypted bin / encrypted partition without know key.

Who is online

Users browsing this forum: No registered users and 110 guests