esp-idf: Secure boot v2 does not write BLOCK2 properly, causes device to be bricked (IDFGH-5102)

Hi,

We have been using Secure Boot v2 + Flash Encryption successfully; however, after the latest uplift to ESP-IDF v4.2-414-g71e5b8757, devices started to get bricked because the BLOCK2 fuse is not being written properly - all the bytes in the digest are 0x00.

I tried to compare the changes in the bootloader since the old version; however, I did not see any significant changes that might have broken the functionality.

Any guesses what could go wrong?

Here is the menuconfig of the security settings: [screenshot: security_esp]

Here is efuse summary:

Detecting chip type... ESP32
espefuse.py v3.0
EFUSE_NAME (Block)                       Description  = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0):              BLOCK3 partially served for ADC calibration data   = False R/W (0b0)
ADC_VREF (BLOCK0):                       Voltage reference calibration                      = 1121 R/- (0b00011)

Config fuses:
XPD_SDIO_FORCE (BLOCK0):                 Ignore MTDI pin (GPIO12) for VDD_SDIO on reset     = False R/W (0b0)
XPD_SDIO_REG (BLOCK0):                   If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset    = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0):                  If XPD_SDIO_FORCE & XPD_SDIO_REG                   = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0):                     8MHz clock freq override                           = 49 R/W (0x31)
SPI_PAD_CONFIG_CLK (BLOCK0):             Override SD_CLK pad (GPIO6/SPICLK)                 = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0):               Override SD_DATA_0 pad (GPIO7/SPIQ)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0):               Override SD_DATA_1 pad (GPIO8/SPID)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0):              Override SD_DATA_2 pad (GPIO9/SPIHD)               = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0):             Override SD_CMD pad (GPIO11/SPICS0)                = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0):              Disable SDIO host                                  = False R/W (0b0)

Efuse fuses:
WR_DIS (BLOCK0):                         Efuse write disable mask                           = 385 R/W (0x0181)
RD_DIS (BLOCK0):                         Efuse read disable mask                            = 1 R/- (0x1)
CODING_SCHEME (BLOCK0):                  Efuse variable block length scheme                
   = NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0):                     Usage of efuse block 3 (reserved)                  = False R/W (0b0)

Identity fuses:
MAC (BLOCK0):                            Factory MAC Address                               
   = 7c:9e:bd:d1:55:e8 (CRC 0xed OK) R/W 
MAC_CRC (BLOCK0):                        CRC8 for factory MAC address                       = 237 R/W (0xed)
CHIP_VER_REV1 (BLOCK0):                  Silicon Revision 1                                 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0):                  Silicon Revision 2                                 = True R/W (0b1)
CHIP_VERSION (BLOCK0):                   Reserved for future chip versions                  = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0):                   Chip package identifier                            = 1 R/W (0b001)
MAC_VERSION (BLOCK3):                    Version of the MAC field                           = 0 R/W (0x00)

Security fuses:
FLASH_CRYPT_CNT (BLOCK0):                Flash encryption mode counter                      = 127 R/W (0b1111111)
UART_DOWNLOAD_DIS (BLOCK0):              Disable UART download mode (ESP32 rev3 only)       = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0):             Flash encryption config (key tweak bits)           = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0):          Disable ROM BASIC interpreter fallback             = True R/W (0b1)
ABS_DONE_0 (BLOCK0):                     Secure boot V1 is enabled for bootloader image     = False R/W (0b0)
ABS_DONE_1 (BLOCK0):                     Secure boot V2 is enabled for bootloader image     = True R/W (0b1)
JTAG_DISABLE (BLOCK0):                   Disable JTAG                                       = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0):             Disable flash encryption in UART bootloader        = True R/W (0b1)
DISABLE_DL_DECRYPT (BLOCK0):             Disable flash decryption in UART bootloader        = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0):               Disable flash cache in UART bootloader             = True R/W (0b1)
BLOCK1 (BLOCK1):                         Flash encryption key                              
   = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/- 
BLOCK2 (BLOCK2):                         Secure boot key                                   
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/- 
BLOCK3 (BLOCK3):                         Variable Block 3                                  
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 

Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).

Log from the first boot after flashing the device:

Ùé0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:1
load:0x3fff0030,len:28
ho 0 tail 12 room 4
load:0x3fff004c,len:12016
load:0x40078000,len:19048
load:0x40080400,len:4568
entry 0x400806f4
I (31) boot: ESP-IDF v4.2-414-g71e5b8757 2nd stage bootloader
I (31) boot: compile time 11:29:02
I (31) boot: chip revision: 3
I (35) boot.esp32: SPI Speed      : 80MHz
I (40) boot.esp32: SPI Mode       : DIO
I (44) boot.esp32: SPI Flash Size : 8MB
I (49) boot: Enabling RNG early entropy source...
I (54) boot: Partition Table:
I (58) boot: ## Label            Usage          Type ST Offset   Length
I (65) boot:  0 nvs              WiFi data        01 02 0000d000 00100000
I (73) boot:  1 nvs_2            WiFi data        01 02 0010d000 000ec000
I (80) boot:  2 otadata          OTA data         01 00 001f9000 00002000
I (88) boot:  3 phy_init         RF data          01 01 001fb000 00001000
I (95) boot:  4 factory_data     WiFi data        01 02 001fc000 00003000
I (103) boot:  5 nvs_key          NVS keys         01 04 001ff000 00001000
I (110) boot:  6 ota_0            OTA app          00 10 00200000 00300000
I (118) boot:  7 ota_1            OTA app          00 11 00500000 00300000
I (125) boot: End of partition table
I (130) boot: No factory image, trying OTA 0
I (134) esp_image: segment 0: paddr=0x00200020 vaddr=0x3f400020 size=0x47544 (292164) map
I (237) esp_image: segment 1: paddr=0x0024756c vaddr=0x3ffbdb60 size=0x04368 ( 17256) load
I (244) esp_image: segment 2: paddr=0x0024b8dc vaddr=0x40080000 size=0x00404 (  1028) load
I (244) esp_image: segment 3: paddr=0x0024bce8 vaddr=0x40080404 size=0x04330 ( 17200) load
I (259) esp_image: segment 4: paddr=0x00250020 vaddr=0x400d0020 size=0xe9b50 (957264) map
I (569) esp_image: segment 5: paddr=0x00339b78 vaddr=0x40084734 size=0x175e0 ( 95712) load
I (605) esp_image: segment 6: paddr=0x00351160 vaddr=0x00000000 size=0x0ee70 ( 61040) 
I (625) esp_image: Verifying image signature...
I (625) secure_boot: Secure Boot eFuse bit(ABS_DONE_1) not yet programmed.
I (627) secure_boot: Verifying with RSA-PSS...
I (651) boot: Loaded app from partition at offset 0x200000
I (666) boot: Set actual ota_seq=1 in otadata[0]
I (667) secure_boot_v2: enabling secure boot v2...
I (667) esp_image: segment 0: paddr=0x00001020 vaddr=0x3fff0030 size=0x0001c (    28) 
I (675) esp_image: segment 1: paddr=0x00001044 vaddr=0x3fff004c size=0x02ef0 ( 12016) 
I (687) esp_image: segment 2: paddr=0x00003f3c vaddr=0x40078000 size=0x04a68 ( 19048) 
I (698) esp_image: segment 3: paddr=0x000089ac vaddr=0x40080400 size=0x011d8 (  4568) 
I (702) esp_image: Verifying image signature...
I (706) secure_boot: Secure Boot eFuse bit(ABS_DONE_1) not yet programmed.
I (713) secure_boot: Verifying with RSA-PSS...
I (731) secure_boot_v2: valid signature block found
I (736) secure_boot_v2: Burning public key hash to efuse.
I (736) secure_boot_v2: Write protecting public key digest...
I (1072) secure_boot_v2: valid signature block found
I (1077) secure_boot_v2: blowing secure boot efuse...
I (1077) secure_boot_v2: Disable JTAG...
I (1077) secure_boot_v2: Disable ROM BASIC interpreter fallback...
I (1095) secure_boot_v2: secure boot v2 is now enabled.
I (1095) boot: Checking flash encryption...
I (1095) flash_encrypt: Generating new flash encryption key...
I (1104) flash_encrypt: Read & write protecting new key...
I (1109) flash_encrypt: Setting CRYPT_CONFIG efuse to 0xF
I (1115) flash_encrypt: Disable UART bootloader encryption...
I (1122) flash_encrypt: Disable UART bootloader decryption...
I (1128) flash_encrypt: Disable UART bootloader MMU cache...
I (1135) flash_encrypt: Disable JTAG...
I (1139) flash_encrypt: Disable ROM BASIC interpreter fallback...
I (1157) esp_image: segment 0: paddr=0x00001020 vaddr=0x3fff0030 size=0x0001c (    28) 
I (1157) esp_image: segment 1: paddr=0x00001044 vaddr=0x3fff004c size=0x02ef0 ( 12016) 
I (1169) esp_image: segment 2: paddr=0x00003f3c vaddr=0x40078000 size=0x04a68 ( 19048) 
I (1180) esp_image: segment 3: paddr=0x000089ac vaddr=0x40080400 size=0x011d8 (  4568) 
I (1184) esp_image: Verifying image signature...
I (1189) secure_boot: Verifying with RSA-PSS...
Sig block 0 signed with untrusted key
E (1197) secure_boot: Secure Boot V2 verification failed.
E (1203) esp_image: Secure boot signature verification failed
I (1209) esp_image: Calculating simple hash to check for corruption...
W (1225) esp_image: image valid, signature bad
W (1225) flash_encrypt: no valid bootloader was found
I (1277) flash_encrypt: Encrypting partition 2 at offset 0x1f9000...
I (1355) flash_encrypt: Encrypting partition 5 at offset 0x1ff000...
I (1406) esp_image: segment 0: paddr=0x00200020 vaddr=0x3f400020 size=0x47544 (292164) map
I (1500) esp_image: segment 1: paddr=0x0024756c vaddr=0x3ffbdb60 size=0x04368 ( 17256) 
I (1506) esp_image: segment 2: paddr=0x0024b8dc vaddr=0x40080000 size=0x00404 (  1028) 
I (1506) esp_image: segment 3: paddr=0x0024bce8 vaddr=0x40080404 size=0x04330 ( 17200) 
I (1520) esp_image: segment 4: paddr=0x00250020 vaddr=0x400d0020 size=0xe9b50 (957264) map
I (1831) esp_image: segment 5: paddr=0x00339b78 vaddr=0x40084734 size=0x175e0 ( 95712) 
I (1862) esp_image: segment 6: paddr=0x00351160 vaddr=0x00000000 size=0x0ee70 ( 61040) 
I (1882) esp_image: Verifying image signature...
I (1882) secure_boot: Verifying with RSA-PSS...
Sig block 0 signed with untrusted key
E (1884) secure_boot: Secure Boot V2 verification failed.
E (1890) esp_image: Secure boot signature verification failed
I (1897) esp_image: Calculating simple hash to check for corruption...
W (2226) esp_image: image valid, signature bad
E (2226) esp_image: image at 0x500000 has invalid magic byte
W (2226) esp_image: image at 0x500000 has invalid SPI mode 255
W (2233) esp_image: image at 0x500000 has invalid SPI size 15
I (2239) flash_encrypt: Setting FLASH_CRYPT_CNT for permanent encryption
I (2258) flash_encrypt: Flash encryption completed
I (2258) boot: Resetting with flash encryption enabled...
ets Jul 29 2019 12:21:46

rst:0x3 (SW_RESET),boot:0x17 (SPI_FAST_FLASH_BOOT)
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
invalid header: 0x573542f2
ets Jul 29 2019 12:21:46

Thanks, /Erik
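The efuse summary and the first-boot log above together describe the bricked state: ABS_DONE_1 is set, BLOCK2 (the secure boot v2 public key digest) reads as all zeros and is write-protected (WR_DIS = 0x0181 has bit 8 set), and the same bootloader that burned the digest then rejects its own signature block as "signed with untrusted key". The following is an added example, not code from the issue or from ESP-IDF, that parses `espefuse.py summary` output and the first-boot log to flag exactly this condition before a fleet is affected. It assumes the ESP32 eFuse mapping where WR_DIS bits 7, 8 and 9 write-protect BLOCK1, BLOCK2 and BLOCK3 respectively, and the ESP32 rule that flash encryption is on when FLASH_CRYPT_CNT has an odd number of set bits; the function names and the severity labels are the example's own. The sample input is copied from the summary and log posted in the issue, reduced to the lines the check needs.

```python
import re

# Lines copied from the `espefuse.py summary` posted in the issue above; only
# the fields this check needs are kept (the line format is unchanged).
EFUSE_SUMMARY = """\
WR_DIS (BLOCK0):                         Efuse write disable mask                           = 385 R/W (0x0181)
RD_DIS (BLOCK0):                         Efuse read disable mask                            = 1 R/- (0x1)
FLASH_CRYPT_CNT (BLOCK0):                Flash encryption mode counter                      = 127 R/W (0b1111111)
ABS_DONE_0 (BLOCK0):                     Secure boot V1 is enabled for bootloader image     = False R/W (0b0)
ABS_DONE_1 (BLOCK0):                     Secure boot V2 is enabled for bootloader image     = True R/W (0b1)
BLOCK1 (BLOCK1):                         Flash encryption key
   = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK2 (BLOCK2):                         Secure boot key
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/-
"""

# First-boot lines from the issue's log that show the order of events.
FIRST_BOOT_LOG = """\
I (736) secure_boot_v2: Burning public key hash to efuse.
I (736) secure_boot_v2: Write protecting public key digest...
I (1095) secure_boot_v2: secure boot v2 is now enabled.
I (1189) secure_boot: Verifying with RSA-PSS...
Sig block 0 signed with untrusted key
E (1197) secure_boot: Secure Boot V2 verification failed.
"""

FIELD_RE = re.compile(r"^(\w+) \((BLOCK\d)\):\s*(.*)$")
VALUE_RE = re.compile(r"=\s*(.+?)\s+(R/W|R/-|-/W|-/-)(?:\s*\((0x[0-9a-fA-F]+|0b[01]+)\))?\s*$")

# Assumed ESP32 eFuse write-protect mapping: WR_DIS bit 7 locks BLOCK1,
# bit 8 locks BLOCK2 (secure boot digest), bit 9 locks BLOCK3.
WR_DIS_BLOCK2 = 1 << 8


def parse_efuse_summary(text):
    """Map field name -> dict(block, value, perms). Long descriptions push the
    '= value' part onto the following indented line, so carry the name over."""
    fields, pending = {}, None
    for line in text.splitlines():
        m = FIELD_RE.match(line)
        if m:
            name, block, rest = m.groups()
            v = VALUE_RE.search(rest)
            pending = None if v else (name, block)
            if v:
                fields[name] = {"block": block, "value": v.group(1), "perms": v.group(2)}
            continue
        if pending and line.lstrip().startswith("="):
            v = VALUE_RE.search(line.strip())
            if v:
                name, block = pending
                fields[name] = {"block": block, "value": v.group(1), "perms": v.group(2)}
            pending = None
    return fields


def audit_secure_boot_v2(fields):
    """Return (severity, message) findings; FATAL means the chip cannot be recovered."""
    findings = []
    sb_v2 = fields["ABS_DONE_1"]["value"] == "True"
    wr_dis = int(fields["WR_DIS"]["value"])
    digest = fields["BLOCK2"]["value"].split()
    digest_zero = all(b == "00" for b in digest)
    block2_locked = bool(wr_dis & WR_DIS_BLOCK2)
    # ESP32 flash encryption is on when FLASH_CRYPT_CNT has an odd number of set bits.
    crypt_on = bin(int(fields["FLASH_CRYPT_CNT"]["value"])).count("1") % 2 == 1

    if sb_v2 and digest_zero:
        msg = "ABS_DONE_1 set but BLOCK2 digest is all zero: no signed image can verify"
        if block2_locked:
            msg += "; BLOCK2 is write-protected (WR_DIS bit 8), so the digest can never be burned"
        findings.append(("FATAL", msg))
    elif sb_v2 and not block2_locked:
        findings.append(("WARN", "secure boot v2 enabled but BLOCK2 digest is still writable"))
    elif sb_v2:
        findings.append(("OK", "secure boot v2 enabled with a locked, non-zero BLOCK2 digest"))
    findings.append(("INFO", f"flash encryption {'enabled' if crypt_on else 'disabled'} "
                             f"(FLASH_CRYPT_CNT={fields['FLASH_CRYPT_CNT']['value']})"))
    return findings


def diagnose_first_boot(log):
    """Spot the contradictory sequence in the log: the bootloader burns and locks
    the key digest, then rejects its own image as signed with an untrusted key."""
    def pos(pattern):
        m = re.search(pattern, log)
        return m.start() if m else None
    burned = pos(r"Burning public key hash to efuse")
    locked = pos(r"Write protecting public key digest")
    rejected = pos(r"signed with untrusted key")
    if None not in (burned, locked, rejected) and burned < locked < rejected:
        return "digest burned and locked, then the same image failed verification: wrong digest burned"
    return "no digest-burn-then-reject sequence found"


if __name__ == "__main__":
    for sev, msg in audit_secure_boot_v2(parse_efuse_summary(EFUSE_SUMMARY)):
        print(f"[{sev}] {msg}")
    print(diagnose_first_boot(FIRST_BOOT_LOG))
```

Run against the issue's data this reports FATAL: once the zero digest is write-protected there is nothing left to burn, so the device can never accept a signed bootloader again. The useful place for the check is before enabling secure boot on a production batch: run it on one device's summary after the first boot, and stop the line if the digest is zero or unlocked.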

About this issue

  • State: closed
  • Created 3 years ago
  • Comments: 16 (6 by maintainers)

Most upvoted comments

No further info needed, we’ve confirmed the issue exists in latest release/v4.2 branch. Fix will be available ASAP.