9305 Commits

Author SHA1 Message Date
ChenJianxing
e2526915b7 esp_wifi: fix amsdu & fragment vulnerabilities 2021-06-21 19:26:43 +08:00
wangjialiang
16898897a9 ble_mesh: stack: Fix crash for net_key_del when subnet is NULL 2021-06-21 11:26:10 +08:00
wangjialiang
9aecaa6fd0 ble_mesh: stack: Make unprovisioned beacon interval configurable.
Closes https://github.com/espressif/esp-idf/issues/6722
2021-06-21 11:26:03 +08:00
Renz Bagaporo
bf341d966c components: fix ldgen check errors 2021-06-21 09:52:03 +10:00
Renz Bagaporo
b9d288879d ci: exempt upstream libmbedtls mapping for sha256 2021-06-21 09:45:23 +10:00
Ivan Grokhotkov
8ef0017662 gdbstub: fix thread list generation
This commit fixes an issue with gdbstub, where it would list threads
with TIDs 1 to N in qfThreadInfo/qsThreadInfo responses, and then
would tell GDB that the current TID is 0 in the qC response. This
caused an assertion failure in GDB, because it couldn't find the
thread structure corresponding to TID 0:

src/gdb/gdb/thread.c:93: internal-error: thread_info* inferior_thread(): Assertion `tp' failed.

The issue was caused by the logic of qfThreadInfo/qsThreadInfo.
If the "panicked" task index was 1, the code would report it in the
response to qfThreadInfo, and then mistakenly skip task with index 0
in qsThreadInfo, due to the use of pre-increment instead of a
post-increment.

With that issue fixed, GDB assertion doesn't happen anymore. However
the code contained a deeper problem, which manifested itself in the
fact that GDB would incorrectly show task index 0 as the current task,
after the above fix.

Previous version of the code assumed that when GDB requests the thread
list, it uses the first thread returned by the target as the "default"
thread, and subsequently shows the user that the program is stopped
in that thread. This assumption was incorrect. In fact, after
connecting to a remote target, GDB obtains information about the
"default" or "current" thread from two sources:
1. the 'thread' special register indicated in the status response
   ($T00thread;00000001#ee)
2. if the target has only sent the plain stop response ($T00#ee), GDB
   would ask for the current thread using a qC packet.
With that in mind, it is not necessary to report the panicked task as
the first task in qfThreadInfo response. We can simply return the
tasks in their natural order, and then indicate the current task in
the qS packet response.

However even that change does not fully resolve the issues with task
list. The previous version of this code also incorrectly interpreted
the meaning of GDB TIDs -1 and 0. When GDB sends an "Hg0" command
early in the connection process, it doesn't expect the server to set
task 0 as the current task, as the code assumed. Rather, it tells the
server to "set any (arbitrary) task as the current one", and the most
logical thing to do for the server that is already in "stopped" state
is to keep the current task selection.

Since TID 0 has a special meaning in GDB remote protocol, gdbstub code
is now modified to map task indices (which start from 0) to GDB TIDs.
GDB TIDs are arbitrary, and for simplicity we keep the same order and
start counting them from 1.

The summary of all the above changes is:

1. Use "task index + 1" as the TID reported to GDB
2. Report the tasks in natural order; don't complicate the code to
   make the panicked task first in the list.
3. Centralize modification of 'current_task_index' and 'regfile'
   in the new 'set_active_task' function, to improve encapsulation.
2021-06-18 16:04:02 +02:00
Itay Perl
27fe437412 app_update: fix incorrect first byte from esp_ota_get_app_elf_sha256
At -O2 optimization level, GCC seems to optimize out the copying of the
first byte of the checksum, assuming it is zero. This "miscompilation"
happens because the esp_app_desc struct is declared const, but then modified
post-compilation. Casting to volatile disables the optimization.

Closes: https://github.com/espressif/esp-idf/pull/6389
2021-06-17 17:32:49 +08:00
wangjialiang
bfcaa64b49 ble_mesh: stack: Fix AuthValue Leak and Predictable AuthValue in Bluetooth Mesh Provisioning Leads to MITM 2021-06-17 17:23:49 +08:00
morris
41c82efcb9 i2s: fix driver uninstall issue 2021-06-17 16:37:11 +08:00
laokaiyao
45ee699eae driver/timer: only re-enable alarm in callback when auto reload is true
closes https://github.com/espressif/esp-idf/issues/7001
2021-06-17 10:37:32 +08:00
wangjialiang
4c453660ae ble_mesh: stack: Add check the value of Provisioning Random & Confirmation sent and received by provisioner 2021-06-16 17:03:38 +08:00
Michael (XIAO Xufeng)
fd1a67dd61 Merge branch 'bugfix/spi_flash_cs_setup_v4.1' into 'release/v4.1'
spi_flash: fix cs line setup to make the flash driver more stable(backport v4.1)

See merge request espressif/esp-idf!13964
2021-06-16 07:36:06 +00:00
David Čermák
1f76c9014b Merge branch 'bugfix/start_emac_after_phy_reset_v4.1' into 'release/v4.1'
esp_eth: restart negotiation in esp_eth_start (v4.1)

See merge request espressif/esp-idf!13700
2021-06-16 06:00:32 +00:00
Suren Gabrielyan
b1e5705bbd mdns: Fix of crash when wifi interface get deleted and mdns receives the packets
Closes https://github.com/espressif/esp-idf/issues/6973
2021-06-15 16:54:44 +08:00
Michael (XIAO Xufeng)
cd99f0856c Merge branch 'bugfix/freemodbus_change_max_task_prio_v41' into 'release/v4.1'
Bugfix/freemodbus change max task prio (backport v4.1)

See merge request espressif/esp-idf!13721
2021-06-15 07:55:03 +00:00
Cao Sen Miao
7180526645 spi_flash: fix cs line setup to make the flash driver more stable 2021-06-15 15:11:47 +08:00
Island
a22cd6f542 Merge branch 'bugfix/btdm_enable_gattc_cache_will_crash_v4.1' into 'release/v4.1'
component/bt: fix enable gattc nvs cache lead to crash

See merge request espressif/esp-idf!13917
2021-06-10 02:56:50 +00:00
Wang Meng Yang
1f075dc346 Merge branch 'bugfix/btdm_incorrectly_spelled_v4.1' into 'release/v4.1'
component/bt: fix Spelling mistakes (release v4.1)

See merge request espressif/esp-idf!12817
2021-06-09 10:05:53 +00:00
XieWenxiang
9daeddac0b component/bt: Modify some ambiguous descriptions(release v4.1) 2021-06-09 14:14:18 +08:00
xiewenxiang
a1f743772f component/bt: fix enable gattc nvs cache lead to crash 2021-06-07 17:56:55 +08:00
Chinmay Chhajed
74b48f1df7 Bluedroid: Check only x component of passkey to avoid passkey impersonation attack. 2021-06-07 07:18:16 +00:00
Angus Gratton
1e84e87f7f pthread: Fix possible deadlock when using pthread_join() and Debug log level
Possible for a joined task to be deleted at the moment it is logging,
meaning it might hold the stdout lock. In that case the lock isn't
released and the next task to try and take it (i.e. call printf)
will block indefinitely.
2021-06-07 02:15:36 +00:00
Alexey Gerenkov
ce04bc87e1 gcov: Fixes not linked gcov rtio functions 2021-06-02 22:17:56 +03:00
liaowenhao
eb36b63e7d bugfix/fix crash when lmp flooding 2021-06-02 09:48:30 +00:00
baohongde
cf5d810bae components/bt: Delete BLE ADV priority high 2021-06-02 09:48:30 +00:00
Chinmay Chhajed
a81a6c5471 bt controller: Fixed handling for invalid feature page. 2021-06-02 09:48:30 +00:00
wangmengyang
c08d81a91f components/bt: fix PATH of libbtdm_app.a in build script 2021-06-02 09:48:30 +00:00
Angus Gratton
8d1a99e026 paritition_table: Verify the partition table md5sum when loading the app
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).

The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
2021-06-02 16:31:19 +10:00
Jakob Hasse
aba87df4f2 [system]: Made longjmp safe for context switch
* Patched longjmp to be context-switch safe
  longjmp modifies the windowbase and windowstart
  registers, which isn't safe if a context switch
  occurs during the modification. After a context
  switch, windowstart and windowbase will be
  different, leading to a wrongly set windowstart
  bit due to longjmp writing it based on the
  windowbase before the context switch. This
  corrupts the registers at the next window
  overflow reaching that wrongly set bit.

  The solution is to disable interrupts during
  this code. It is only 6 instructions long,
  the impact shouldn't be significant.

  The fix is implemented as a wrapper which
  replaces the original first instructions of
  longjmp which are buggy. Then, it jumps back
  to execute the rest of the original longjmp
  function.

  Added a comparably reliable test to the
  test apps.
2021-06-01 07:38:50 +00:00
Jakob Hasse
ba11976efb [C++]: wrapper functions around unwind code
* Replaced all C++ exception related
  functions with wrappers if -fno-exception
  is used. This prevents linking of the
  corresponding code in libgcc. The code
  size will decrease by around 7-9 KB when
  building with -fno-exception.
* added no except test app

Closes https://github.com/espressif/esp-idf/pull/5380
Closes https://github.com/espressif/esp-idf/issues/5363
Closes https://github.com/espressif/esp-idf/issues/5224
Closes IDFGH-3153
Closes IDF-2577
2021-06-01 14:51:15 +08:00
aleks
998b67094b freemodbus: increase max priority of modbus tasks
allows to avoid issues with modbus processing when higher priority tasks are used in user application
2021-05-31 12:20:15 +02:00
Michael (XIAO Xufeng)
1ddac24b0a ci: decrease the flash performance threshold 2021-05-27 14:07:01 +08:00
Jiang Jiang Jian
3c3eab0bd8 Merge branch 'bugfix/fix_set_channel_error_after_wifi_stop_v4.1' into 'release/v4.1'
esp_wifi: Fix setting channel error after WiFi stop (backport v4.1)

See merge request espressif/esp-idf!13449
2021-05-25 14:53:11 +00:00
Jiang Jiang Jian
2a63d1058e Merge branch 'nimble/fix_ble_sm_sc_pub_key_v4.1' into 'release/v4.1'
NimBLE: Fix MITM vulnerability and free AES context (v4.1)

See merge request espressif/esp-idf!13598
2021-05-25 14:52:59 +00:00
Prasad Alatkar
3319702355 NimBLE: Fix MITM vulnerability and free AES context (v4.1) 2021-05-25 14:47:22 +05:30
xiongweichao
7c53e88b05 Remove btc_hf_idx_by_bdaddr in both btc_hf_init and btc_hf_deinit functions 2021-05-25 09:00:09 +00:00
xiongweichao
5b5a36a7b2 fix ag use dynamic memory error 2021-05-25 09:00:09 +00:00
David Cermak
6aa902c509 MQTT: Update submodule reference to support new config modes
* Queueing publish messages to outbox when the client is not connected (default=off -> messages are queued if disconnected)
* Use of incremental msg-id instead of random id (default=off -> msg-id uses platform_random())
* Posting a new event-id if a queued message gets deleted from the outbox (default=off -> events are not posted)

Detailed description of included `esp-mqtt` changes
(da850b0add1e71b3659bfac5d797cc834dc3e89b...9ea804e0ab5368d5ab53ae2301a5fec9d1f12f1a)
* mqtt: Remove unused mqtt_header_state_t
  - esp-mqtt commit: b7158a4aea
  - esp-mqtt MR: espressif/esp-mqtt!84
  - Merges https://github.com/espressif/esp-mqtt/pull/180
* Cleanup public include dirs
  - esp-mqtt commit: f65d5d05db
  - esp-mqtt MR: espressif/esp-mqtt!85
* Config: Add a new option to use incremental message id
  - esp-mqtt commit: 8bb4a26f46
  - esp-mqtt MR: espressif/esp-mqtt!85
  - Closes https://github.com/espressif/esp-mqtt/issues/176
* Publish: Add new API to enqueue qos>0 messages
  - esp-mqtt commit: dc7fd5c0b1
  - esp-mqtt MR: espressif/esp-mqtt!85
  - Closes https://github.com/espressif/esp-mqtt/issues/155
* Config: Add a new option to disable publishing when disconnected
  - esp-mqtt commit: f44dcb1c26
  - esp-mqtt MR: espressif/esp-mqtt!85
  - Related https://github.com/espressif/esp-mqtt/issues/177
* Events: Add new event to report deleted messages from outbox
  - esp-mqtt commit: 2e35d4d4d5
  - esp-mqtt MR: espressif/esp-mqtt!85
* Publish: Allow for qos=0 messages to be stored using esp_mqtt_client_enqueue()
  - esp-mqtt commit: e2de0f3e3e
  - esp-mqtt MR: espressif/esp-mqtt!85
2021-05-25 09:56:29 +02:00
morris
bf9587132b esp_eth: restart negotiation in esp_eth_start 2021-05-25 15:26:09 +08:00
Prasad Alatkar
98116a627e NimBLE: Update submodule to fix host flow control bugs. 2021-05-18 18:46:26 +05:30
Prasad Alatkar
842a55cda3 NimBLE: Fix host flow control in NimBLE porting layer.
- Register `ble_hs_flow_acl_free` callback in NimBLE porting layer.
2021-05-17 19:53:37 +05:30
Marius Vikhammer
5241d68bf4 timer: add IRAM_ATTR to spinlock give/take API
Closes https://github.com/espressif/esp-idf/issues/6824
2021-05-13 16:07:01 +08:00
Jiang Jiang Jian
b1a5c00ee7 Merge branch 'bugfix/gtk_reinstallation_fix_v4.1' into 'release/v4.1'
wpa_supplicant: Prevent reinstallation of an already in-use group key (v4.1)

See merge request espressif/esp-idf!13183
2021-05-13 07:35:05 +00:00
Hrudaynath Dhabe
e1af1fe126 wpa_supplicant: Group key reinstallation fixes
This commit reverts previous commit for GTK reinstallation fix
and corrects original fix.
2021-05-13 15:34:58 +08:00
Angus Gratton
966e45598b Merge branch 'bugfix/otatool_wrong_switch_ota_partition_slots_v4.1' into 'release/v4.1'
otatool: Fix incorrect using otadata.seq&crc in switch_ota_partition cmd (v4.1)

See merge request espressif/esp-idf!13369
2021-05-11 02:10:07 +00:00
Ivan Grokhotkov
ad9987f859 esp_pm: fix formatting issues in esp_pm_dump_locks
- line was truncated because 64 characters were not sufficient
- length passed to snprintf should be full buffer length, not -1
- make the width of lock name field fixed
- fix alignment of lock type column
2021-05-10 16:29:29 +00:00
Jiang Jiang Jian
0f1801d6b4 Merge branch 'bugfix/backport_some_lwip_bugs_0428_v4.1' into 'release/v4.1'
lw-ip:backport bugfix lwip for v4.1(backport 4.1)

See merge request espressif/esp-idf!13377
2021-05-10 05:37:29 +00:00
Jiang Jiang Jian
d3f11b1e9d Merge branch 'bugfix/fix_uart_set_rx_timeout_feature_v41' into 'release/v4.1'
Bugfix/fix uart set rx timeout feature (backport v4.1)

See merge request espressif/esp-idf!11538
2021-05-10 03:41:08 +00:00
Alex Lisitsyn
538117a904 Bugfix/fix uart set rx timeout feature (backport v4.1) 2021-05-10 11:41:02 +08:00
Jiang Jiang Jian
099daf7873 Merge branch 'bugfix/fix_gpio_wakeup_light_sleep_backport_v4.1' into 'release/v4.1'
bugfix: gpio can't wakeup light sleep (backport v4.1)

See merge request espressif/esp-idf!12884
2021-05-10 03:37:28 +00:00