From 714ebfc0d16555f1e826c7ae3590f7a196bcb91a Mon Sep 17 00:00:00 2001
From: "nilesh.kale" <nilesh.kale@espressif.com>
Date: Tue, 25 Feb 2025 16:46:22 +0530
Subject: [PATCH] feat(esp_https_ota): added check for revision check while
 performing OTA

This commit added check to verify revision while performing OTA process.
OTA with version greater than chip revision will be prohibited.
---
 .../esp_https_ota/include/esp_https_ota.h     |  1 +
 components/esp_https_ota/src/esp_https_ota.c  | 21 +++++++++++++++++++
 .../en/api-reference/system/esp_https_ota.rst |  4 ++++
 .../api-reference/system/esp_https_ota.rst    |  4 ++++
 .../main/advanced_https_ota_example.c         |  3 +++
 5 files changed, 33 insertions(+)

diff --git a/components/esp_https_ota/include/esp_https_ota.h b/components/esp_https_ota/include/esp_https_ota.h
index 6cfef10f8b..42bf1d1954 100644
--- a/components/esp_https_ota/include/esp_https_ota.h
+++ b/components/esp_https_ota/include/esp_https_ota.h
@@ -29,6 +29,7 @@ typedef enum {
     ESP_HTTPS_OTA_CONNECTED,                /*!< Connected to server */
     ESP_HTTPS_OTA_GET_IMG_DESC,             /*!< Read app/bootloader description from image header */
     ESP_HTTPS_OTA_VERIFY_CHIP_ID,           /*!< Verify chip id of new image */
+    ESP_HTTPS_OTA_VERIFY_CHIP_REVISION,     /*!< Verify chip revision of new image */
     ESP_HTTPS_OTA_DECRYPT_CB,               /*!< Callback to decrypt function */
     ESP_HTTPS_OTA_WRITE_FLASH,              /*!< Flash write operation */
     ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION,    /*!< Boot partition update after successful ota update */
diff --git a/components/esp_https_ota/src/esp_https_ota.c b/components/esp_https_ota/src/esp_https_ota.c
index f771f3c54c..ea140877dd 100644
--- a/components/esp_https_ota/src/esp_https_ota.c
+++ b/components/esp_https_ota/src/esp_https_ota.c
@@ -14,6 +14,7 @@
 #include <sys/param.h>
 #include <inttypes.h>
 #include "esp_check.h"
+#include "hal/efuse_hal.h"
 
 ESP_EVENT_DEFINE_BASE(ESP_HTTPS_OTA_EVENT);
 
@@ -203,6 +204,7 @@ static const char* ota_event_name_table[] = {
     "ESP_HTTPS_OTA_CONNECTED",
     "ESP_HTTPS_OTA_GET_IMG_DESC",
     "ESP_HTTPS_OTA_VERIFY_CHIP_ID",
+    "ESP_HTTPS_OTA_VERIFY_CHIP_REVISION",
     "ESP_HTTPS_OTA_DECRYPT_CB",
     "ESP_HTTPS_OTA_WRITE_FLASH",
     "ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION",
@@ -624,6 +626,20 @@ static esp_err_t esp_ota_verify_chip_id(const void *arg)
     return ESP_OK;
 }
 
+static esp_err_t esp_ota_verify_chip_revision(const void *arg)
+{
+    esp_image_header_t *data = (esp_image_header_t *)(arg);
+    esp_https_ota_dispatch_event(ESP_HTTPS_OTA_VERIFY_CHIP_REVISION, (void *)(&data->min_chip_rev_full), sizeof(uint16_t));
+
+    uint16_t ota_img_revision = data->min_chip_rev_full;
+    uint32_t chip_revision = efuse_hal_chip_revision();
+    if (ota_img_revision > chip_revision) {
+        ESP_LOGE(TAG, "Image requires chip rev >= v%d.%d, but chip is v%d.%d", ota_img_revision / 100, ota_img_revision % 100, chip_revision / 100, chip_revision % 100);
+        return ESP_ERR_INVALID_VERSION;
+    }
+    return ESP_OK;
+}
+
 esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle)
 {
     esp_https_ota_t *handle = (esp_https_ota_t *)https_ota_handle;
@@ -685,6 +701,11 @@ esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle)
                 if (err != ESP_OK) {
                     return err;
                 }
+
+                err = esp_ota_verify_chip_revision(data_buf);
+                if (err != ESP_OK) {
+                    return err;
+                }
             }
             return _ota_write(handle, data_buf, binary_file_len);
         case ESP_HTTPS_OTA_RESUME:
diff --git a/docs/en/api-reference/system/esp_https_ota.rst b/docs/en/api-reference/system/esp_https_ota.rst
index 8f02cc1e7c..e3fcdd2025 100644
--- a/docs/en/api-reference/system/esp_https_ota.rst
+++ b/docs/en/api-reference/system/esp_https_ota.rst
@@ -121,6 +121,9 @@ Event Handler Example
                     case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
                         ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
                         break;
+                    case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
+                        ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(uint16_t *)event_data);
+                        break;
                     case ESP_HTTPS_OTA_DECRYPT_CB:
                         ESP_LOGI(TAG, "Callback to decrypt function");
                         break;
@@ -146,6 +149,7 @@ Expected data type for different ESP HTTPS OTA events in the system event loop:
     - ESP_HTTPS_OTA_CONNECTED                 : ``NULL``
     - ESP_HTTPS_OTA_GET_IMG_DESC              : ``NULL``
     - ESP_HTTPS_OTA_VERIFY_CHIP_ID            : ``esp_chip_id_t``
+    - ESP_HTTPS_OTA_VERIFY_CHIP_REVISION      : ``uint16_t``
     - ESP_HTTPS_OTA_DECRYPT_CB                : ``NULL``
     - ESP_HTTPS_OTA_WRITE_FLASH               : ``int``
     - ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION     : ``esp_partition_subtype_t``
diff --git a/docs/zh_CN/api-reference/system/esp_https_ota.rst b/docs/zh_CN/api-reference/system/esp_https_ota.rst
index 6139c3377f..669742c961 100644
--- a/docs/zh_CN/api-reference/system/esp_https_ota.rst
+++ b/docs/zh_CN/api-reference/system/esp_https_ota.rst
@@ -121,6 +121,9 @@ ESP HTTPS OTA 过程中可能发生各种系统事件。当特定事件发生时
                     case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
                         ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
                         break;
+                    case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
+                        ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(uint16_t *)event_data);
+                        break;
                     case ESP_HTTPS_OTA_DECRYPT_CB:
                         ESP_LOGI(TAG, "Callback to decrypt function");
                         break;
@@ -146,6 +149,7 @@ ESP HTTPS OTA 过程中可能发生各种系统事件。当特定事件发生时
     - ESP_HTTPS_OTA_CONNECTED                 : ``NULL``
     - ESP_HTTPS_OTA_GET_IMG_DESC              : ``NULL``
     - ESP_HTTPS_OTA_VERIFY_CHIP_ID            : ``esp_chip_id_t``
+    - ESP_HTTPS_OTA_VERIFY_CHIP_REVISION      : ``uint16_t``
     - ESP_HTTPS_OTA_DECRYPT_CB                : ``NULL``
     - ESP_HTTPS_OTA_WRITE_FLASH               : ``int``
     - ESP_HTTPS_OTA_UPDATE_BOOT_PARTITION     : ``esp_partition_subtype_t``
diff --git a/examples/system/ota/advanced_https_ota/main/advanced_https_ota_example.c b/examples/system/ota/advanced_https_ota/main/advanced_https_ota_example.c
index 5659a9d950..9664133d4f 100644
--- a/examples/system/ota/advanced_https_ota/main/advanced_https_ota_example.c
+++ b/examples/system/ota/advanced_https_ota/main/advanced_https_ota_example.c
@@ -148,6 +148,9 @@ static void event_handler(void* arg, esp_event_base_t event_base,
             case ESP_HTTPS_OTA_VERIFY_CHIP_ID:
                 ESP_LOGI(TAG, "Verifying chip id of new image: %d", *(esp_chip_id_t *)event_data);
                 break;
+            case ESP_HTTPS_OTA_VERIFY_CHIP_REVISION:
+                ESP_LOGI(TAG, "Verifying chip revision of new image: %d", *(esp_chip_id_t *)event_data);
+                break;
             case ESP_HTTPS_OTA_DECRYPT_CB:
                 ESP_LOGI(TAG, "Callback to decrypt function");
                 break;