blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-09 09:09:10 -04:00
Code Issues Projects Releases Wiki Activity

feat(esp_https_ota): added check for revision check while performing OTA

Browse Source 
This commit added check to verify revision while performing OTA process.
OTA with version greater than chip revision will be prohibited.
This commit is contained in:
nilesh.kale 2025-02-25 16:46:22 +05:30
parent bf51415d86
commit 714ebfc0d1
5 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
components/esp_https_ota/include/esp_https_ota.h
View File

@ -29,6 +29,7 @@ typedef enum {
ESP_HTTPS_OTA_CONNECTED, /*!< Connected to server */ ESP_HTTPS_OTA_CONNECTED, /*!< Connected to server */
ESP_HTTPS_OTA_GET_IMG_DESC, /*!< Read app/bootloader description from image header */ ESP_HTTPS_OTA_GET_IMG_DESC, /*!< Read app/bootloader description from image header */
ESP_HTTPS_OTA_VERIFY_CHIP_ID, /*!< Verify chip id of new image */ ESP_HTTPS_OTA_VERIFY_CHIP_ID, /*!< Verify chip id of new image */
ESP_HTTPS_OTA_VERIFY_CHIP_REVISION, /*!< Verify chip revision of new image */
ESP_HTTPS_OTA_DECRYPT_CB, /*!< Callback to decrypt function */ ESP_HTTPS_OTA_DECRYPT_CB, /*!< Callback to decrypt function */
ESP_HTTPS_OTA_WRITE_FLASH, /*!< Flash write operation */ ESP_HTTPS_OTA_WRITE_FLASH, /*!< Flash write operation */
ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION, /*!< Boot partition update after successful ota update */ ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION, /*!< Boot partition update after successful ota update */

21
components/esp_https_ota/src/esp_https_ota.c
View File

@ -14,6 +14,7 @@
#include <sys/param.h> #include <sys/param.h>
#include <inttypes.h> #include <inttypes.h>
#include "esp_check.h" #include "esp_check.h"
#include "hal/efuse_hal.h"
ESP_EVENT_DEFINE_BASE(ESP_HTTPS_OTA_EVENT); ESP_EVENT_DEFINE_BASE(ESP_HTTPS_OTA_EVENT);
@ -203,6 +204,7 @@ static const char* ota_event_name_table[] = {
"ESP_HTTPS_OTA_CONNECTED", "ESP_HTTPS_OTA_CONNECTED",
"ESP_HTTPS_OTA_GET_IMG_DESC", "ESP_HTTPS_OTA_GET_IMG_DESC",
"ESP_HTTPS_OTA_VERIFY_CHIP_ID", "ESP_HTTPS_OTA_VERIFY_CHIP_ID",
"ESP_HTTPS_OTA_VERIFY_CHIP_REVISION",
"ESP_HTTPS_OTA_DECRYPT_CB", "ESP_HTTPS_OTA_DECRYPT_CB",
"ESP_HTTPS_OTA_WRITE_FLASH", "ESP_HTTPS_OTA_WRITE_FLASH",
"ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION", "ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION",
@ -624,6 +626,20 @@ static esp_err_t esp_ota_verify_chip_id(const void *arg)
return ESP_OK; return ESP_OK;
} }
static esp_err_t esp_ota_verify_chip_revision(const void *arg)
{
esp_image_header_t *data = (esp_image_header_t *)(arg);
esp_https_ota_dispatch_event(ESP_HTTPS_OTA_VERIFY_CHIP_REVISION, (void *)(&data->min_chip_rev_full), sizeof(uint16_t));
uint16_t ota_img_revision = data->min_chip_rev_full;
uint32_t chip_revision = efuse_hal_chip_revision();
if (ota_img_revision > chip_revision) {
ESP_LOGE(TAG, "Image requires chip rev >= v%d.%d, but chip is v%d.%d", ota_img_revision / 100, ota_img_revision % 100, chip_revision / 100, chip_revision % 100);
return ESP_ERR_INVALID_VERSION;
}
return ESP_OK;
}
esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle) esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle)
{ {
esp_https_ota_t *handle = (esp_https_ota_t *)https_ota_handle; esp_https_ota_t *handle = (esp_https_ota_t *)https_ota_handle;
@ -685,6 +701,11 @@ esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle)
if (err != ESP_OK) { if (err != ESP_OK) {
return err; return err;
} }
err = esp_ota_verify_chip_revision(data_buf);
if (err != ESP_OK) {
return err;
}
} }
return _ota_write(handle, data_buf, binary_file_len); return _ota_write(handle, data_buf, binary_file_len);
case ESP_HTTPS_OTA_RESUME: case ESP_HTTPS_OTA_RESUME:

4
docs/en/api-reference/system/esp_https_ota.rst
View File

@ -121,6 +121,9 @@ Event Handler Example
case ESP_HTTPS_OTA_VERIFY_CHIP_ID: case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data); ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
break; break;
case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(uint16_t *)event_data);
break;
case ESP_HTTPS_OTA_DECRYPT_CB: case ESP_HTTPS_OTA_DECRYPT_CB:
ESP_LOGI(TAG, "Callback to decrypt function"); ESP_LOGI(TAG, "Callback to decrypt function");
break; break;
@ -146,6 +149,7 @@ Expected data type for different ESP HTTPS OTA events in the system event loop:
- ESP_HTTPS_OTA_CONNECTED : ``NULL`` - ESP_HTTPS_OTA_CONNECTED : ``NULL``
- ESP_HTTPS_OTA_GET_IMG_DESC : ``NULL`` - ESP_HTTPS_OTA_GET_IMG_DESC : ``NULL``
- ESP_HTTPS_OTA_VERIFY_CHIP_ID : ``esp_chip_id_t`` - ESP_HTTPS_OTA_VERIFY_CHIP_ID : ``esp_chip_id_t``
- ESP_HTTPS_OTA_VERIFY_CHIP_REVISION : ``uint16_t``
- ESP_HTTPS_OTA_DECRYPT_CB : ``NULL`` - ESP_HTTPS_OTA_DECRYPT_CB : ``NULL``
- ESP_HTTPS_OTA_WRITE_FLASH : ``int`` - ESP_HTTPS_OTA_WRITE_FLASH : ``int``
- ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION : ``esp_partition_subtype_t`` - ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION : ``esp_partition_subtype_t``

4
docs/zh_CN/api-reference/system/esp_https_ota.rst
View File

@ -121,6 +121,9 @@ ESP HTTPS OTA 过程中可能发生各种系统事件。当特定事件发生时
case ESP_HTTPS_OTA_VERIFY_CHIP_ID: case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data); ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
break; break;
case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(uint16_t *)event_data);
break;
case ESP_HTTPS_OTA_DECRYPT_CB: case ESP_HTTPS_OTA_DECRYPT_CB:
ESP_LOGI(TAG, "Callback to decrypt function"); ESP_LOGI(TAG, "Callback to decrypt function");
break; break;
@ -146,6 +149,7 @@ ESP HTTPS OTA 过程中可能发生各种系统事件。当特定事件发生时
- ESP_HTTPS_OTA_CONNECTED : ``NULL`` - ESP_HTTPS_OTA_CONNECTED : ``NULL``
- ESP_HTTPS_OTA_GET_IMG_DESC : ``NULL`` - ESP_HTTPS_OTA_GET_IMG_DESC : ``NULL``
- ESP_HTTPS_OTA_VERIFY_CHIP_ID : ``esp_chip_id_t`` - ESP_HTTPS_OTA_VERIFY_CHIP_ID : ``esp_chip_id_t``
- ESP_HTTPS_OTA_VERIFY_CHIP_REVISION : ``uint16_t``
- ESP_HTTPS_OTA_DECRYPT_CB : ``NULL`` - ESP_HTTPS_OTA_DECRYPT_CB : ``NULL``
- ESP_HTTPS_OTA_WRITE_FLASH : ``int`` - ESP_HTTPS_OTA_WRITE_FLASH : ``int``
- ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION : ``esp_partition_subtype_t`` - ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION : ``esp_partition_subtype_t``

3
examples/system/ota/advanced_https_ota/main/advanced_https_ota_example.c
View File

@ -148,6 +148,9 @@ static void event_handler(void* arg, esp_event_base_t event_base,
case ESP_HTTPS_OTA_VERIFY_CHIP_ID: case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data); ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
break; break;
case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(esp_chip_id_t *)event_data);
break;
case ESP_HTTPS_OTA_DECRYPT_CB: case ESP_HTTPS_OTA_DECRYPT_CB:
ESP_LOGI(TAG, "Callback to decrypt function"); ESP_LOGI(TAG, "Callback to decrypt function");
break; break;