Merge branch 'task/def_security_enable' into 'master'

shahpiyushv · shahpiyushv · commit abc00d3c0fd9 · 2022-01-25T11:20:07.000Z
examples: Enable some security features and change order of component dirs

See merge request app-frameworks/esp-rainmaker!274
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,5 +1,19 @@
 # Changes
 
+## 25-Jan-2022 (examples: Enable some security features and change order of component dirs)
+
+A couple of security features were added some time back, viz.
+
+1. esp_rmaker_local_ctrl: Added support for sec1
+2. esp_rmaker_user_mapping: Add checks for user id for better security
+
+These are kept disabled by default at component level to maintain backward compatibility and not
+change any existing projects. However, since enabling them is recommended, these are added in
+the sdkconfig.defaults of all examples.
+
+A minor change in CMakeLists.txt has also been done for all examples so that the rmaker_common
+component from esp-rainmaker gets used, rather than the one from esp-insights.
+
 ## 12-Jan-2022 (esp_rmaker_local_ctrl: Added support for sec1)
 
 This commit adds support for security1 for local control. This can be enabled by setting
diff --git a/examples/fan/CMakeLists.txt b/examples/fan/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/fan/sdkconfig.defaults b/examples/fan/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/gpio/CMakeLists.txt b/examples/gpio/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/gpio/sdkconfig.defaults b/examples/gpio/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/homekit_switch/CMakeLists.txt b/examples/homekit_switch/CMakeLists.txt
@@ -13,7 +13,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS $ENV{HOMEKIT_PATH}/components/homekit ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS $ENV{HOMEKIT_PATH}/components/homekit ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/homekit_switch/sdkconfig.defaults b/examples/homekit_switch/sdkconfig.defaults
@@ -29,3 +29,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/led_light/CMakeLists.txt b/examples/led_light/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/led_light/sdkconfig.defaults b/examples/led_light/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/multi_device/CMakeLists.txt b/examples/multi_device/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/multi_device/sdkconfig.defaults b/examples/multi_device/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/switch/CMakeLists.txt b/examples/switch/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/switch/sdkconfig.defaults b/examples/switch/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
diff --git a/examples/temperature_sensor/CMakeLists.txt b/examples/temperature_sensor/CMakeLists.txt
@@ -9,7 +9,7 @@ else()
 endif(DEFINED ENV{RMAKER_PATH})
 
 # Add RainMaker components and other common application components
-set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common ${RMAKER_PATH}/components/esp-insights/components)
+set(EXTRA_COMPONENT_DIRS ${RMAKER_PATH}/components/esp-insights/components ${RMAKER_PATH}/components ${RMAKER_PATH}/examples/common)
 
 set(PROJECT_VER "1.0")
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/examples/temperature_sensor/sdkconfig.defaults b/examples/temperature_sensor/sdkconfig.defaults
@@ -19,3 +19,10 @@ CONFIG_BT_NIMBLE_ENABLED=y
 
 # Temporary Fix for Timer Overflows
 CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3120
+
+# For additional security on reset to factory
+CONFIG_ESP_RMAKER_USER_ID_CHECK=y
+
+# Secure Local Control
+CONFIG_ESP_RMAKER_LOCAL_CTRL_ENABLE=y
+CONFIG_ESP_RMAKER_LOCAL_CTRL_SECURITY_1=y
