System/Memprot: fixed voltage glitching detection logic

When the application is being debugged it should check the call result (esp_cpu_in_ocd_debug_mode())
is not given volt.glitch attack - so the result is triple-checked by ESP_FAULT_ASSERT macro. In case
the check fails, the system is reset immediately

IDF-4014

components/esp_hw_support/port/esp32c3/memprot.c

@@ -19,7 +19,7 @@
 #include "riscv/interrupt.h"
 #include "esp32c3/rom/ets_sys.h"
 #include "esp_log.h"
-
+#include "esp_fault.h"
 #include "soc/cpu.h"
 
 extern int _iram_text_end;
@@ -526,12 +526,11 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
         esp_memprot_set_monitor_en(MEMPROT_DRAM0_SRAM, false);
     }
 
-    // do not enable if being debugged
+    //if being debugged check we are not glitched and dont enable Memprot
     if (esp_cpu_in_ocd_debug_mode()) {
-        return;
-    }
+        ESP_FAULT_ASSERT(esp_cpu_in_ocd_debug_mode());
+    } else {
 
-    //panic handling
         if (invoke_panic_handler) {
             if (use_iram0) {
                 esp_memprot_set_intr_matrix(MEMPROT_IRAM0_SRAM);
@@ -546,8 +545,10 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
         esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_1_SPLITLINE, line_addr);
         esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_0_SPLITLINE, line_addr);
         esp_memprot_set_split_line(MEMPROT_IRAM0_DRAM0_SPLITLINE, line_addr);
-    esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_0_SPLITLINE, (void *)(MAP_IRAM_TO_DRAM((uint32_t)line_addr)));
-    esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_1_SPLITLINE, (void *)(MAP_IRAM_TO_DRAM((uint32_t)line_addr)));
+        esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_0_SPLITLINE,
+                                   (void *) (MAP_IRAM_TO_DRAM((uint32_t) line_addr)));
+        esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_1_SPLITLINE,
+                                   (void *) (MAP_IRAM_TO_DRAM((uint32_t) line_addr)));
 
         //set permissions
         if (required_mem_prot & MEMPROT_IRAM0_SRAM) {
@@ -557,13 +558,13 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
             esp_memprot_iram_set_pms_area(MEMPROT_IRAM0_PMS_AREA_3, true, true, false);
         }
         if (required_mem_prot & MEMPROT_DRAM0_SRAM) {
-        esp_memprot_dram_set_pms_area( MEMPROT_DRAM0_PMS_AREA_0, true, false );
+            esp_memprot_dram_set_pms_area(MEMPROT_DRAM0_PMS_AREA_0, true, false);
             esp_memprot_dram_set_pms_area(MEMPROT_DRAM0_PMS_AREA_1, true, true);
             esp_memprot_dram_set_pms_area(MEMPROT_DRAM0_PMS_AREA_2, true, true);
             esp_memprot_dram_set_pms_area(MEMPROT_DRAM0_PMS_AREA_3, true, true);
         }
 
-    //reenable protection
+        //reenable the protection
         if (use_iram0) {
             esp_memprot_monitor_clear_intr(MEMPROT_IRAM0_SRAM);
             esp_memprot_set_monitor_en(MEMPROT_IRAM0_SRAM, true);
@@ -585,6 +586,7 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
                 esp_memprot_set_monitor_lock(MEMPROT_DRAM0_SRAM);
             }
         }
+    }
 }
 
 uint32_t esp_memprot_get_dram_status_reg_1()

components/esp_hw_support/port/esp32s2/memprot.c

@@ -802,11 +802,10 @@ esp_err_t esp_memprot_set_prot(bool invoke_panic_handler, bool lock_feature, uin
         return ret;
     }
 
-    //connect to intr. matrix if not being debugged
-    if (!esp_cpu_in_ocd_debug_mode()) {
-
-        ESP_FAULT_ASSERT(!esp_cpu_in_ocd_debug_mode());
-
+    //if being debugged check we are not glitched and dont enable Memprot
+    if (esp_cpu_in_ocd_debug_mode()) {
+        ESP_FAULT_ASSERT(esp_cpu_in_ocd_debug_mode());
+    } else {
         //initialize for specific buses (any memory type does the job)
         if (invoke_panic_handler) {
             if (use_iram0 && (ret = esp_memprot_intr_init(MEMPROT_IRAM0_SRAM)) != ESP_OK) {