Merge branch 'enable_flash_elf_sha_tests' into 'master'

Enable SHA256 coredump flash integrity verification for all targets

Closes IDF-1820

See merge request espressif/esp-idf!28387

Author: erhankur

components/espcoredump/CMakeLists.txt

@@ -5,11 +5,12 @@ if(${target} STREQUAL "linux")
 endif()
 
 set(srcs "src/core_dump_common.c"
-         "src/core_dump_checksum.c"
          "src/core_dump_flash.c"
          "src/core_dump_uart.c"
          "src/core_dump_elf.c"
-         "src/core_dump_binary.c")
+         "src/core_dump_binary.c"
+         "src/core_dump_sha.c"
+         "src/core_dump_crc.c")
 
 set(includes "include")
 set(priv_includes "include_core_dump")

components/espcoredump/Kconfig

@@ -44,7 +44,7 @@ menu "Core dump"
             bool "Use CRC32 for integrity verification"
         config ESP_COREDUMP_CHECKSUM_SHA256
             bool "Use SHA256 for integrity verification"
-            depends on ESP_COREDUMP_DATA_FORMAT_ELF && IDF_TARGET_ESP32
+            depends on ESP_COREDUMP_DATA_FORMAT_ELF
     endchoice
 
     config ESP_COREDUMP_CHECK_BOOT

components/espcoredump/include_core_dump/core_dump_checksum.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -34,15 +34,14 @@ extern "C" {
  * @brief Type describing a checksum context. It is an abstract type as it is
  * implementation independent, it is defined in the C source counterpart.
  */
-typedef struct core_dump_checksum_ctx core_dump_checksum_ctx;
+typedef void* core_dump_checksum_ctx;
 
 /**
  * @brief Type returned by `esp_core_dump_checksum_finish()`. It describes a
  * checksum as an array of bytes. It can also be provided to `esp_core_dump_print_checksum()`.
  */
 typedef uint8_t* core_dump_checksum_bytes;
 
-
 /**
  * @brief Get ELF core dump version.
  *
@@ -58,7 +57,7 @@ uint32_t esp_core_dump_elf_version(void);
  *
  * @param wr_data Core dump checksum context to fill.
  */
-void esp_core_dump_checksum_init(core_dump_checksum_ctx** wr_data);
+void esp_core_dump_checksum_init(void ** wr_data);
 
 /**
  * @brief Update checksum calculation by integrating the given data in the context.
@@ -68,20 +67,19 @@ void esp_core_dump_checksum_init(core_dump_checksum_ctx** wr_data);
  *                This is usually the new data to write (or already written) on
  *                the flash.
  */
-void esp_core_dump_checksum_update(core_dump_checksum_ctx* wr_data, void* data, size_t data_len);
+void esp_core_dump_checksum_update(void* wr_data, void* data, size_t data_len);
 
 /**
  * @brief Terminate and return checksum calculated for the given context.
  *
- * @param wr_data Core dump checksum context. It can be NULL only if chs_ptr is
- *                also NULL.
+ * @param wr_data Core dump checksum context.
  * @param chs_ptr Pointer used to return the checksum calculated. It can be
  *                NULL, in this case, it will be ignored but the correct size
  *                of the checksum will be returned.
  *
  * @return The size, in bytes, of the checksum.
  */
-uint32_t esp_core_dump_checksum_finish(core_dump_checksum_ctx* wr_data, core_dump_checksum_bytes* chs_ptr);
+uint32_t esp_core_dump_checksum_finish(void* wr_data, core_dump_checksum_bytes* chs_ptr);
 
 /**
  * @brief Return the size of the checksums.

components/espcoredump/include_core_dump/esp_core_dump_types.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -96,16 +96,14 @@ extern "C" {
  */
 #define COREDUMP_VERSION_CHIP CONFIG_IDF_FIRMWARE_CHIP_ID
 
-
 typedef struct _core_dump_write_data_t
 {
     uint32_t off; /*!< Current offset of data being written */
     uint8_t  cached_data[COREDUMP_CACHE_SIZE]; /*!< Cache used to write to flash */
     uint8_t  cached_bytes; /*!< Number of bytes filled in the cached */
-    core_dump_checksum_ctx* checksum_ctx; /*!< Checksum context */
+    void *checksum_ctx; /*!< Checksum context */
 } core_dump_write_data_t;
 
-
 /**
  * @brief Types below define the signatures of the callbacks that are used
  * to output a core dump. The destination of the dump is implementation

components/espcoredump/linker.lf

@@ -42,8 +42,11 @@ entries:
         core_dump_common (noflash)
         core_dump_port (noflash)
         core_dump_elf (noflash)
-        core_dump_checksum (noflash)
         core_dump_binary (noflash)
+        core_dump_crc (noflash)
+        # ESP32 uses mbedtls for the sha and mbedtls is in the flash
+        if IDF_TARGET_ESP32 = n:
+            core_dump_sha (noflash)
     else:
         * (default)
 

components/espcoredump/src/core_dump_checksum.c

@@ -0,0 +1,88 @@
+/*
+ * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include "sdkconfig.h"
+
+#if CONFIG_ESP_COREDUMP_CHECKSUM_CRC32
+
+#include "esp_rom_crc.h"
+#include "esp_core_dump_types.h"
+
+const static char TAG[] __attribute__((unused)) = "esp_core_dump_crc";
+
+typedef uint32_t core_dump_crc_t;
+
+typedef struct {
+    core_dump_crc_t crc;
+    uint32_t total_bytes_checksum;  /* Number of bytes used to calculate the checksum */
+} core_dump_crc_ctx_t;
+
+static core_dump_crc_ctx_t s_core_dump_crc_ctx = { 0 };
+
+void esp_core_dump_checksum_init(core_dump_checksum_ctx *out_ctx) __attribute__((alias("core_dump_crc_init")));
+void esp_core_dump_checksum_update(core_dump_checksum_ctx cks_ctx, void* data, size_t data_len) __attribute__((alias("core_dump_crc_update")));
+uint32_t esp_core_dump_checksum_finish(core_dump_checksum_ctx cks_ctx, core_dump_checksum_bytes* chs_ptr) __attribute__((alias("core_dump_crc_finish")));
+void esp_core_dump_print_checksum(const char* msg, core_dump_checksum_bytes checksum) __attribute__((alias("core_dump_crc_print")));
+uint32_t esp_core_dump_checksum_size(void) __attribute__((alias("core_dump_crc_size")));
+uint32_t esp_core_dump_elf_version(void) __attribute__((alias("core_dump_crc_version")));
+
+static void core_dump_crc_print(const char *msg, const uint8_t *checksum)
+{
+    ESP_COREDUMP_DEBUG_ASSERT(checksum != NULL);
+
+    if (msg != NULL) {
+        ESP_COREDUMP_PRINT("%s=", msg);
+    }
+    ESP_COREDUMP_PRINT("'%08x'\r\n", *((const uint32_t*)checksum));
+}
+
+static uint32_t core_dump_crc_size(void)
+{
+    return sizeof(core_dump_crc_t);
+}
+
+static uint32_t core_dump_crc_version(void)
+{
+    return COREDUMP_VERSION_ELF_CRC32;
+}
+
+static void core_dump_crc_init(core_dump_checksum_ctx *out_ctx)
+{
+    if (out_ctx) {
+        s_core_dump_crc_ctx.crc = 0;
+        s_core_dump_crc_ctx.total_bytes_checksum = 0;
+        *out_ctx = &s_core_dump_crc_ctx;
+    }
+}
+
+static void core_dump_crc_update(core_dump_checksum_ctx cks_ctx, void* data, size_t data_len)
+{
+    if (data) {
+        core_dump_crc_ctx_t *crc_ctx = cks_ctx;
+        crc_ctx->crc = esp_rom_crc32_le(crc_ctx->crc, data, data_len);
+        // keep counter of cashed bytes
+        crc_ctx->total_bytes_checksum += data_len;
+    } else {
+        ESP_COREDUMP_LOGE("Empty data to add to checksum calculation!");
+    }
+}
+
+static uint32_t core_dump_crc_finish(core_dump_checksum_ctx cks_ctx, core_dump_checksum_bytes* chs_ptr)
+{
+    if (cks_ctx) {
+        core_dump_crc_ctx_t *crc_ctx = cks_ctx;
+
+        if (chs_ptr) {
+            *chs_ptr = (core_dump_checksum_bytes)&crc_ctx->crc;
+        }
+
+        ESP_COREDUMP_LOG_PROCESS("Total length of hashed data: %d", crc_ctx->total_bytes_checksum);
+    }
+
+    return core_dump_crc_size();
+}
+
+#endif /* CONFIG_ESP_COREDUMP_CHECKSUM_CRC32 */

components/espcoredump/src/core_dump_crc.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */