blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-04-01 20:30:09 -04:00
Code Issues Projects Releases Wiki Activity

Merge branch 'bugfix/fix_efuse_example_c2_v5.3' into 'release/v5.3'

Browse Source 
fix(efuse): Fix efuse test examples (v5.3)

See merge request espressif/esp-idf!33729
This commit is contained in:
Marius Vikhammer 2024-09-23 16:42:41 +08:00
commit fbf7f2c031
5 changed files with 53 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
examples/system/efuse/conftest.py
View File

@ -1,9 +1,12 @@
# SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD # SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
import json
import logging import logging
import os import os
import tempfile
from typing import Any
import espefuse
import pytest import pytest
from _pytest.fixtures import FixtureRequest from _pytest.fixtures import FixtureRequest
from _pytest.monkeypatch import MonkeyPatch from _pytest.monkeypatch import MonkeyPatch
@ -52,6 +55,12 @@ class EfuseFlashEncSerial(IdfSerial):
# Restore self.app.flash files to original value # Restore self.app.flash files to original value
self.app.flash_files = prev_flash_files self.app.flash_files = prev_flash_files
def erase_field_on_emul_efuse_by_name(self, efuse_names: list) -> None:
pos_of_bits = []
for name in efuse_names:
pos_of_bits.append(self.get_efuse_offset(name))
self.erase_field_on_emul_efuse(pos_of_bits)
def erase_field_on_emul_efuse(self, pos_of_bits: list) -> None: def erase_field_on_emul_efuse(self, pos_of_bits: list) -> None:
emul_efuse_bin_path = os.path.join(self.app.binary_path, 'emul_efuse.bin') emul_efuse_bin_path = os.path.join(self.app.binary_path, 'emul_efuse.bin')
self.dump_flash(output=emul_efuse_bin_path, partition='emul_efuse') self.dump_flash(output=emul_efuse_bin_path, partition='emul_efuse')
@ -86,6 +95,20 @@ class EfuseFlashEncSerial(IdfSerial):
self.flash() self.flash()
self.app.flash_files = prev_flash_files self.app.flash_files = prev_flash_files
def get_efuse_offset(self, efuse_name: str) -> Any:
with tempfile.NamedTemporaryFile(suffix='.json') as temp_file:
temp_file_path = temp_file.name
espefuse.main(f'--virt -c {self.target} summary --format json --file {temp_file_path}'.split())
with open(temp_file_path, 'r') as file:
efuse_summary = json.load(file)
if efuse_name in efuse_summary:
data = efuse_summary[efuse_name]
offset = int(data['word'] * 32) + data['pos']
print(f'{efuse_name} offset = {offset}')
return offset
else:
raise ValueError(f"eFuse '{efuse_name}' not found in the summary.")
@pytest.fixture(scope='module') @pytest.fixture(scope='module')
def monkeypatch_module(request: FixtureRequest) -> MonkeyPatch: def monkeypatch_module(request: FixtureRequest) -> MonkeyPatch:

8
examples/system/efuse/main/efuse_main.c
View File

@ -15,8 +15,14 @@
#include "esp_efuse.h" #include "esp_efuse.h"
#include "esp_efuse_table.h" #include "esp_efuse_table.h"
#include "esp_efuse_custom_table.h" #include "esp_efuse_custom_table.h"
#if CONFIG_SECURE_BOOT || CONFIG_IDF_TARGET_ESP32C2
#include "esp_secure_boot.h" #include "esp_secure_boot.h"
#endif
#if CONFIG_SECURE_FLASH_ENC_ENABLED || CONFIG_IDF_TARGET_ESP32C2
#include "esp_flash_encrypt.h" #include "esp_flash_encrypt.h"
#endif
#include "sdkconfig.h" #include "sdkconfig.h"
static const char* TAG = "example"; static const char* TAG = "example";
@ -28,7 +34,7 @@ typedef struct {
uint8_t setting_1; /*!< Setting 1: length 6 bits */ uint8_t setting_1; /*!< Setting 1: length 6 bits */
uint8_t setting_2; /*!< Setting 2: length 5 bits */ uint8_t setting_2; /*!< Setting 2: length 5 bits */
size_t custom_secure_version; /*!< Custom secure version: length 16 bits */ size_t custom_secure_version; /*!< Custom secure version: length 16 bits */
uint16_t reserv; /*!< Reserv */ uint16_t reserve; /*!< Reserve */
} device_desc_t; } device_desc_t;

56
examples/system/efuse/pytest_system_efuse_example.py
View File

@ -1,7 +1,5 @@
# SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD # SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Unlicense OR CC0-1.0 # SPDX-License-Identifier: Unlicense OR CC0-1.0
from __future__ import unicode_literals
import logging import logging
import os import os
@ -162,20 +160,12 @@ def test_examples_efuse_with_virt_flash_enc_pre_loaded(dut: Dut) -> None:
dut.expect('example: Done') dut.expect('example: Done')
if dut.app.target == 'esp32': if dut.app.target == 'esp32':
print(' - Flash emul_efuse with pre-loaded efuses (FLASH_CRYPT_CNT 1 -> 0)') CRYPT_CNT_EFUSE_NAME = 'FLASH_CRYPT_CNT'
# offset of this eFuse is taken from components/efuse/esp32/esp_efuse_table.csv
FLASH_CRYPT_CNT = 20
# Resets eFuse, which enables Flash encryption feature
dut.serial.erase_field_on_emul_efuse([FLASH_CRYPT_CNT])
elif dut.app.target == 'esp32c2':
FLASH_CRYPT_CNT = 39
dut.serial.erase_field_on_emul_efuse([FLASH_CRYPT_CNT])
else: else:
# offset of this eFuse is taken from components/efuse/{target}/esp_efuse_table.csv CRYPT_CNT_EFUSE_NAME = 'SPI_BOOT_CRYPT_CNT'
print(' - Flash emul_efuse with pre-loaded efuses (SPI_BOOT_CRYPT_CNT 1 -> 0)') print(f' - Flash emul_efuse with pre-loaded efuses ({CRYPT_CNT_EFUSE_NAME} 1 -> 0)')
SPI_BOOT_CRYPT_CNT = 82 # Resets eFuse, which enables Flash encryption feature
# Resets eFuse, which enables Flash encryption feature dut.serial.erase_field_on_emul_efuse_by_name([CRYPT_CNT_EFUSE_NAME])
dut.serial.erase_field_on_emul_efuse([SPI_BOOT_CRYPT_CNT])
print(' - Start app (flash partition_table and app)') print(' - Start app (flash partition_table and app)')
dut.serial.write_flash_no_enc() dut.serial.write_flash_no_enc()
@ -333,10 +323,8 @@ def test_examples_efuse_with_virt_secure_boot_v1_pre_loaded(dut: Dut) -> None:
dut.expect('example: Done') dut.expect('example: Done')
print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_0 1 -> 0)') print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_0 1 -> 0)')
# offset of this eFuse is taken from components/efuse/esp32/esp_efuse_table.csv
ABS_DONE_0 = 196
# Resets eFuse, which enables Secure boot (V1) feature # Resets eFuse, which enables Secure boot (V1) feature
dut.serial.erase_field_on_emul_efuse([ABS_DONE_0]) dut.serial.erase_field_on_emul_efuse_by_name(['ABS_DONE_0'])
print(' - Start app (flash partition_table and app)') print(' - Start app (flash partition_table and app)')
dut.serial.flash() dut.serial.flash()
@ -439,10 +427,8 @@ def test_examples_efuse_with_virt_secure_boot_v2(dut: Dut) -> None:
dut.expect('example: Done') dut.expect('example: Done')
print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_1 1 -> 0)') print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_1 1 -> 0)')
# offset of this eFuse is taken from components/efuse/esp32/esp_efuse_table.csv
ABS_DONE_1 = 197
# Resets eFuse, which enables Secure boot (V2) feature # Resets eFuse, which enables Secure boot (V2) feature
dut.serial.erase_field_on_emul_efuse([ABS_DONE_1]) dut.serial.erase_field_on_emul_efuse_by_name(['ABS_DONE_1'])
print(' - Start app (flash partition_table and app)') print(' - Start app (flash partition_table and app)')
dut.serial.flash() dut.serial.flash()
@ -504,10 +490,8 @@ def test_examples_efuse_with_virt_secure_boot_v2_pre_loaded(dut: Dut) -> None:
dut.expect('example: Done') dut.expect('example: Done')
print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_1 1 -> 0)') print(' - Flash emul_efuse with pre-loaded efuses (ABS_DONE_1 1 -> 0)')
# offset of this eFuse is taken from components/efuse/esp32/esp_efuse_table.csv
ABS_DONE_1 = 197
# Resets eFuse, which enables Secure boot (V2) feature # Resets eFuse, which enables Secure boot (V2) feature
dut.serial.erase_field_on_emul_efuse([ABS_DONE_1]) dut.serial.erase_field_on_emul_efuse_by_name(['ABS_DONE_1'])
print(' - Start app (flash partition_table and app)') print(' - Start app (flash partition_table and app)')
dut.serial.flash() dut.serial.flash()
@ -576,7 +560,7 @@ def test_examples_efuse_with_virt_secure_boot_v2_esp32xx(dut: Dut) -> None:
dut.expect('Verifying image signature...') dut.expect('Verifying image signature...')
dut.expect('secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set') dut.expect('secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set')
if dut.app.target == 'esp32c2': if dut.app.sdkconfig.get('SECURE_SIGNED_APPS_ECDSA_V2_SCHEME'):
signed_scheme = 'ECDSA' signed_scheme = 'ECDSA'
else: else:
signed_scheme = 'RSA-PSS' signed_scheme = 'RSA-PSS'
@ -648,24 +632,19 @@ def test_example_efuse_with_virt_secure_boot_v2_esp32xx_pre_loaded(dut: Dut) ->
print(' - Flash emul_efuse with pre-loaded efuses (SECURE_BOOT_EN 1 -> 0, SECURE_BOOT_KEY_REVOKE[0..2] -> 0)') print(' - Flash emul_efuse with pre-loaded efuses (SECURE_BOOT_EN 1 -> 0, SECURE_BOOT_KEY_REVOKE[0..2] -> 0)')
# offsets of eFuses are taken from components/efuse/{target}/esp_efuse_table.csv # offsets of eFuses are taken from components/efuse/{target}/esp_efuse_table.csv
if dut.app.target == 'esp32c2': # Resets eFuse, which enables Secure boot feature
SECURE_BOOT_EN = 53 # Resets eFuses, which control digest slots
dut.serial.erase_field_on_emul_efuse([SECURE_BOOT_EN]) if dut.app.sdkconfig.get('SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS'):
dut.serial.erase_field_on_emul_efuse_by_name(['SECURE_BOOT_EN', 'SECURE_BOOT_KEY_REVOKE0', 'SECURE_BOOT_KEY_REVOKE1', 'SECURE_BOOT_KEY_REVOKE2'])
else: else:
SECURE_BOOT_EN = 116 dut.serial.erase_field_on_emul_efuse_by_name(['SECURE_BOOT_EN'])
SECURE_BOOT_KEY_REVOKE0 = 85
SECURE_BOOT_KEY_REVOKE1 = 86
SECURE_BOOT_KEY_REVOKE2 = 87
# Resets eFuse, which enables Secure boot feature
# Resets eFuses, which control digest slots
dut.serial.erase_field_on_emul_efuse([SECURE_BOOT_EN, SECURE_BOOT_KEY_REVOKE0, SECURE_BOOT_KEY_REVOKE1, SECURE_BOOT_KEY_REVOKE2])
print(' - Start app (flash partition_table and app)') print(' - Start app (flash partition_table and app)')
dut.serial.flash() dut.serial.flash()
dut.expect('Loading virtual efuse blocks from flash') dut.expect('Loading virtual efuse blocks from flash')
dut.expect('Verifying image signature...') dut.expect('Verifying image signature...')
if dut.app.target == 'esp32c2': if dut.app.sdkconfig.get('SECURE_SIGNED_APPS_ECDSA_V2_SCHEME'):
signed_scheme = 'ECDSA' signed_scheme = 'ECDSA'
else: else:
signed_scheme = 'RSA-PSS' signed_scheme = 'RSA-PSS'
@ -957,7 +936,10 @@ def test_examples_efuse_with_virt_sb_v2_and_fe_esp32xx(dut: Dut) -> None:
dut.expect('Verifying image signature...') dut.expect('Verifying image signature...')
dut.expect('secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set') dut.expect('secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set')
signed_scheme = 'ECDSA' if dut.app.target == 'esp32c2' else 'RSA-PSS' if dut.app.sdkconfig.get('SECURE_SIGNED_APPS_ECDSA_V2_SCHEME'):
signed_scheme = 'ECDSA'
else:
signed_scheme = 'RSA-PSS'
dut.expect('secure_boot_v2: Verifying with %s...' % signed_scheme) dut.expect('secure_boot_v2: Verifying with %s...' % signed_scheme)
dut.expect('secure_boot_v2: Signature verified successfully!') dut.expect('secure_boot_v2: Signature verified successfully!')

2
examples/system/efuse/sdkconfig.ci.virt_sb_v2_and_fe.esp32p4
View File

@ -2,7 +2,7 @@
CONFIG_IDF_TARGET="esp32p4" CONFIG_IDF_TARGET="esp32p4"
CONFIG_PARTITION_TABLE_OFFSET=0xD000 CONFIG_PARTITION_TABLE_OFFSET=0xE000
CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv" CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"

2
examples/system/efuse/sdkconfig.ci.virt_secure_boot_v2.esp32p4
View File

@ -2,7 +2,7 @@
CONFIG_IDF_TARGET="esp32p4" CONFIG_IDF_TARGET="esp32p4"
CONFIG_PARTITION_TABLE_OFFSET=0xC000 CONFIG_PARTITION_TABLE_OFFSET=0xD000
CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv" CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="test/partitions_efuse_emul.csv"