You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by xi...@apache.org on 2022/01/01 12:37:51 UTC
[incubator-nuttx] 02/04: risc-v/esp32c3: Enable the creation of encrypted Flash partitions
This is an automated email from the ASF dual-hosted git repository.
xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git
commit 25f2dc20775de8a15672687169f0191074600b1f
Author: Gustavo Henrique Nihei <gu...@espressif.com>
AuthorDate: Thu Dec 30 11:51:03 2021 -0300
risc-v/esp32c3: Enable the creation of encrypted Flash partitions
Signed-off-by: Gustavo Henrique Nihei <gu...@espressif.com>
---
arch/risc-v/src/esp32c3/Kconfig | 10 ++++++
arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c | 37 +++++++++++++++-------
arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h | 5 ++-
boards/risc-v/esp32c3/esp32c3-devkit/Kconfig | 5 +++
.../esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c | 27 ++++++++++++++--
5 files changed, 69 insertions(+), 15 deletions(-)
diff --git a/arch/risc-v/src/esp32c3/Kconfig b/arch/risc-v/src/esp32c3/Kconfig
index 7b3cdd1..1e0b498 100644
--- a/arch/risc-v/src/esp32c3/Kconfig
+++ b/arch/risc-v/src/esp32c3/Kconfig
@@ -778,6 +778,11 @@ config ESP32C3_WIFI_FS_MOUNTPT
---help---
Mount point of Wi-Fi storage file system.
+config ESP32C3_WIFI_MTD_ENCRYPT
+ bool "Encrypt Wi-Fi MTD partition"
+ default y
+ depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
config ESP32C3_WIFI_MTD_OFFSET
hex "Wi-Fi MTD partition offset"
default 0x280000 if !ESP32C3_HAVE_OTA_PARTITION
@@ -891,6 +896,11 @@ if ESP32C3_HAVE_OTA_PARTITION
comment "Application Image OTA Update support"
+config ESP32C3_OTA_PARTITION_ENCRYPT
+ bool "Encrypt OTA partitions"
+ default y
+ depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
config ESP32C3_OTA_PRIMARY_SLOT_OFFSET
hex "Application image primary slot offset"
default 0x10000
diff --git a/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c b/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c
index c9933f7..68dc75d 100644
--- a/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c
+++ b/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c
@@ -691,30 +691,40 @@ static int esp32c3_ioctl(struct mtd_dev_s *dev, int cmd,
* Name: esp32c3_spiflash_alloc_mtdpart
*
* Description:
- * Allocate SPI Flash MTD.
+ * Allocate an MTD partition from the ESP32-C3 SPI Flash.
*
* Input Parameters:
- * None
+ * mtd_offset - MTD Partition offset from the base address in SPI Flash.
+ * mtd_size - Size for the MTD partition.
+ * encrypted - Flag indicating whether the newly allocated partition will
+ * have its content encrypted.
*
* Returned Value:
- * SPI Flash MTD data pointer if success or NULL if fail.
+ * ESP32-C3 SPI Flash MTD data pointer if success or NULL if fail.
*
****************************************************************************/
struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
- uint32_t mtd_size)
+ uint32_t mtd_size,
+ bool encrypted)
{
- struct esp32c3_mtd_dev_s *priv =
- (struct esp32c3_mtd_dev_s *)&g_esp32c3_spiflash;
- const esp32c3_spiflash_chip_t *chip = &(*priv->data)->chip;
+ const struct esp32c3_mtd_dev_s *priv;
+ const esp32c3_spiflash_chip_t *chip;
struct mtd_dev_s *mtd_part;
uint32_t blocks;
uint32_t startblock;
uint32_t size;
- ASSERT((mtd_offset + mtd_size) <= chip->chip_size);
- ASSERT((mtd_offset % chip->sector_size) == 0);
- ASSERT((mtd_size % chip->sector_size) == 0);
+ if (encrypted)
+ {
+ priv = &g_esp32c3_spiflash_encrypt;
+ }
+ else
+ {
+ priv = &g_esp32c3_spiflash;
+ }
+
+ chip = &(*priv->data)->chip;
finfo("ESP32-C3 SPI Flash information:\n");
finfo("\tID = 0x%" PRIx32 "\n", chip->device_id);
@@ -724,6 +734,10 @@ struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
finfo("\tSector size = %" PRId32 " KB\n", chip->sector_size / 1024);
finfo("\tBlock size = %" PRId32 " KB\n", chip->block_size / 1024);
+ ASSERT((mtd_offset + mtd_size) <= chip->chip_size);
+ ASSERT((mtd_offset % chip->sector_size) == 0);
+ ASSERT((mtd_size % chip->sector_size) == 0);
+
if (mtd_size == 0)
{
size = chip->chip_size - mtd_offset;
@@ -739,7 +753,8 @@ struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
startblock = MTD_SIZE2BLK(priv, mtd_offset);
blocks = MTD_SIZE2BLK(priv, size);
- mtd_part = mtd_partition(&priv->mtd, startblock, blocks);
+ mtd_part = mtd_partition((struct mtd_dev_s *)&priv->mtd, startblock,
+ blocks);
if (!mtd_part)
{
ferr("ERROR: Failed to create MTD partition\n");
diff --git a/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h b/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h
index 3c3a261..1d0700a 100644
--- a/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h
+++ b/arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h
@@ -87,6 +87,8 @@ struct mtd_dev_s *esp32c3_spiflash_encrypt_mtd(void);
* Input Parameters:
* mtd_offset - MTD Partition offset from the base address in SPI Flash.
* mtd_size - Size for the MTD partition.
+ * encrypted - Flag indicating whether the newly allocated partition will
+ * have its content encrypted.
*
* Returned Value:
* SPI Flash MTD data pointer if success or NULL if fail.
@@ -94,7 +96,8 @@ struct mtd_dev_s *esp32c3_spiflash_encrypt_mtd(void);
****************************************************************************/
struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
- uint32_t mtd_size);
+ uint32_t mtd_size,
+ bool encrypted);
#ifdef __cplusplus
}
diff --git a/boards/risc-v/esp32c3/esp32c3-devkit/Kconfig b/boards/risc-v/esp32c3/esp32c3-devkit/Kconfig
index 0a8b03b..1712a03 100644
--- a/boards/risc-v/esp32c3/esp32c3-devkit/Kconfig
+++ b/boards/risc-v/esp32c3/esp32c3-devkit/Kconfig
@@ -50,6 +50,11 @@ config ESP32C3_MERGE_BINS
This is only useful when the path to binary files (e.g. bootloader)
is provided via the ESPTOOL_BINDIR variable.
+config ESP32C3_STORAGE_MTD_ENCRYPT
+ bool "Encrypt Storage MTD partition"
+ default y
+ depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
config ESP32C3_STORAGE_MTD_OFFSET
hex "Storage MTD base address in SPI Flash"
default 0x180000 if !ESP32C3_HAVE_OTA_PARTITION
diff --git a/boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c b/boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c
index 5ca5874..0c244bd 100644
--- a/boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c
+++ b/boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c
@@ -52,6 +52,24 @@
#define ARRAYSIZE(x) (sizeof((x)) / sizeof((x)[0]))
+#ifdef CONFIG_ESP32C3_OTA_PARTITION_ENCRYPT
+# define OTA_ENCRYPT true
+#else
+# define OTA_ENCRYPT false
+#endif
+
+#ifdef CONFIG_ESP32C3_WIFI_MTD_ENCRYPT
+# define WIFI_ENCRYPT true
+#else
+# define WIFI_ENCRYPT false
+#endif
+
+#ifdef CONFIG_ESP32C3_STORAGE_MTD_ENCRYPT
+# define STORAGE_ENCRYPT true
+#else
+# define STORAGE_ENCRYPT false
+#endif
+
/****************************************************************************
* Private Types
****************************************************************************/
@@ -130,7 +148,8 @@ static int init_ota_partitions(void)
for (int i = 0; i < ARRAYSIZE(g_ota_partition_table); ++i)
{
const struct ota_partition_s *part = &g_ota_partition_table[i];
- mtd = esp32c3_spiflash_alloc_mtdpart(part->offset, part->size);
+ mtd = esp32c3_spiflash_alloc_mtdpart(part->offset, part->size,
+ OTA_ENCRYPT);
ret = ftl_initialize(i, mtd);
if (ret < 0)
@@ -370,7 +389,8 @@ static int init_wifi_partition(void)
FAR struct mtd_dev_s *mtd;
mtd = esp32c3_spiflash_alloc_mtdpart(CONFIG_ESP32C3_WIFI_MTD_OFFSET,
- CONFIG_ESP32C3_WIFI_MTD_SIZE);
+ CONFIG_ESP32C3_WIFI_MTD_SIZE,
+ WIFI_ENCRYPT);
if (!mtd)
{
ferr("ERROR: Failed to alloc MTD partition of SPI Flash\n");
@@ -434,7 +454,8 @@ static int init_storage_partition(void)
FAR struct mtd_dev_s *mtd;
mtd = esp32c3_spiflash_alloc_mtdpart(CONFIG_ESP32C3_STORAGE_MTD_OFFSET,
- CONFIG_ESP32C3_STORAGE_MTD_SIZE);
+ CONFIG_ESP32C3_STORAGE_MTD_SIZE,
+ STORAGE_ENCRYPT);
if (!mtd)
{
ferr("ERROR: Failed to alloc MTD partition of SPI Flash\n");