JTAG and Secure Boot + Flash Encryption

samc77
Posts: 7
Joined: Sun Feb 16, 2020 8:08 pm

JTAG and Secure Boot + Flash Encryption

Postby samc77 » Sun Mar 22, 2020 9:20 pm

Hi,

after I successfully enabled Secure Boot and Flash Encryption, both in development mode, the JTAG now fails.

IDF Version: 4.0
OpenOCD Version: 20200309

Code:

# CONFIG_BOOTLOADER_APP_ANTI_ROLLBACK is not set
CONFIG_SECURE_SIGNED_ON_BOOT=y
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_ENABLED=y
# CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH is not set
CONFIG_SECURE_BOOTLOADER_REFLASHABLE=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY="main/key.pem"
CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_256BIT=y
# CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_192BIT is not set
# CONFIG_SECURE_BOOT_INSECURE is not set
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not set
# CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC is not set
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
Flashing is done with esptool.py and works.
The debugger tries to connect but fails like this:

Code:

Info : accepting 'gdb' connection on tcp/3333
Info : JTAG tap: esp32.cpu0 tap/device found: 0x120034e5 (mfg: 0x272 (Tensilica), part: 0x2003, ver: 0x1)
Info : JTAG tap: esp32.cpu1 tap/device found: 0x120034e5 (mfg: 0x272 (Tensilica), part: 0x2003, ver: 0x1)
Info : cpu0: Debug controller 0 was reset.
Info : cpu0: Core 0 was reset.
Info : cpu0: Target halted, PC=0x500000CF, debug_reason=00000000
Info : esp32: Core 0 was reset.
Info : esp32: Debug controller 1 was reset.
Info : esp32: Core 1 was reset.
Info : Target halted. CPU0: PC=0x40000400 (active)
Info : Target halted. CPU1: PC=0x40000400
Error: cpu0: Failed to write breakpoint instruction (-4)!
Error: cpu0: Failed to add SW breakpoint!
Error: can't add breakpoint: unknown reason
Error: cpu0: Failed to write breakpoint instruction (-4)!
Error: cpu0: Failed to add SW breakpoint!
Error: can't add breakpoint: unknown reason
Error: cpu0: Failed to write breakpoint instruction (-4)!
Error: cpu0: Failed to add SW breakpoint!
Error: can't add breakpoint: unknown reason
After these errors, the debugger seems to be running, but never reaches the app_main breakpoint and cannot be paused.

Seems I am missing something, but what?

As soon as I disable the Secure Boot + Flash Encryption and run it on another PCB, debugging works fine again.

Thanks,
Simon

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: JTAG and Secure Boot + Flash Encryption

Postby ESP_Angus » Sun Mar 22, 2020 10:57 pm

Hi Simon,

Unfortunately, openocd software breakpoints ("SW breakpoint") are not supported when either flash encryption or secure boot is enabled.

The reason in both cases is that the SW breakpoints (when set in flash mapped addresses like app_main) work by writing to the flash.

This doesn't work when flash encryption is enabled because openocd doesn't encrypt/decrypt the flash contents, even when flash encryption is set in "development mode", so openocd sees the ciphertext in the flash, not the plaintext instructions. I'll talk to the openocd team about whether it's possible to add support for this. This is the reason why you're seeing the errors that you're seeing now.

There is also limited support for SW breakpoints when secure boot is enabled, even if flash encryption was disabled. Writing a SW breakpoint changes the contents of the flash, which changes the secure boot digest/signature, and this will cause the Secure Boot check to fail on boot. Therefore SW breakpoints can only be set after the system has booted up, and need to be cleared on reset. This isn't the issue you see right now, but it is an issue with using JTAG in this configuration. Some discussion about this issue is here: https://github.com/espressif/esp-idf/issues/4878

You may be able to work around this by changing the "bp 0xADDR" command to "bp 0xADDR hw" to make this a hardware breakpoint instead, or remove the app_main breakpoint entirely.

I'll check with the openocd team if there's anything else that can be done in this situation.

Angus

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: JTAG and Secure Boot + Flash Encryption

Postby ESP_Angus » Mon Mar 23, 2020 11:52 pm

To disable the flash support when using flash encryption, you can launch openocd with an additional argument like this:

Code:

openocd -c 'set ESP_FLASH_SIZE 0' -f board/esp32-wrover-kit-3.3v.cfg
(Or similar)

This will limit the debugger to hardware breakpoints and software breakpoints in IRAM functions only.

I will also add some notes about this to the ESP-IDF Programmer Guide, at least until this support is improved.
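As an added example (not code from the forum posts, ESP-IDF or OpenOCD) tying the first reply's explanation to the workaround above: a small Python helper that reads an sdkconfig, adds the ESP_FLASH_SIZE 0 argument when flash encryption is on, and breaks on app_main with a hardware breakpoint instead of a software one. The board config path and the GDB command list are assumptions for illustration.

```python
"""Added example (not ESP-IDF, OpenOCD or forum code): parse an ESP-IDF
sdkconfig and derive a JTAG setup that avoids SW breakpoints in flash."""
import re

# Constructed sample, reduced from the sdkconfig fragment in the first post.
SAMPLE_SDKCONFIG = """\
CONFIG_SECURE_BOOT_ENABLED=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
"""

def parse_sdkconfig(text):
    """Map CONFIG_* keys to values; '# CONFIG_X is not set' becomes 'n'."""
    cfg = {}
    for line in text.splitlines():
        m = re.match(r'^(CONFIG_\w+)=(.*)$', line)
        if m:
            cfg[m.group(1)] = m.group(2).strip('"')
            continue
        m = re.match(r'^# (CONFIG_\w+) is not set$', line)
        if m:
            cfg[m.group(1)] = 'n'
    return cfg

def debug_plan(cfg, board_cfg='board/esp32-wrover-kit-3.3v.cfg'):
    """Return the OpenOCD argv, GDB commands and caveats for this sdkconfig."""
    secure_boot = cfg.get('CONFIG_SECURE_BOOT_ENABLED') == 'y'
    flash_enc = cfg.get('CONFIG_SECURE_FLASH_ENC_ENABLED') == 'y'
    openocd, notes = ['openocd'], []
    if flash_enc:
        # OpenOCD neither encrypts nor decrypts flash, so disable its flash
        # support entirely; SW breakpoints then only work in IRAM functions.
        openocd += ['-c', 'set ESP_FLASH_SIZE 0']
        notes.append('flash encryption: SW breakpoints only in IRAM')
    if secure_boot:
        # A SW breakpoint in flash alters the signed image, so it may only be
        # set after boot and must be removed before the next reset.
        notes.append('secure boot: clear flash SW breakpoints before reset')
        if cfg.get('CONFIG_SECURE_BOOT_ALLOW_JTAG') != 'y':
            notes.append('CONFIG_SECURE_BOOT_ALLOW_JTAG unset: JTAG disabled')
    openocd += ['-f', board_cfg]
    # hbreak is a hardware breakpoint: it never writes flash, so it works with
    # both features; a plain 'break app_main' is what fails in the log above.
    gdb = ['target remote :3333', 'mon reset halt', 'hbreak app_main', 'c']
    return {'openocd': openocd, 'gdb': gdb, 'notes': notes}
```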
