The tlsf implementation in the ROM does not provide a mechanism
to register a callback to be called in by tlsf_check().
This commit is creating a patch of the tlsf implementation to provide
a definition of the function allowing to register the callback called
in tlsf_check() and add the call of this callback in tlsf_check().
This patch is only compiled for target(s) with ESP_ROM_HAS_HEAP_TLSF
set and ESP_ROM_TLSF_CHECK_PATCH set. For all the other configurations
the environment remains unchanged by those modifications.
sizeof(time_t) was previously switched from 4 to 8, ROM functions that use
time_t or dependent types (such as "struct stat") are no longer called due as
they still treat sizeof(time_t) as 4 (see commit
24c20d188e).
However, there is a ROM callpath that was left out. If putchar is the first
stdio print related call, the call path will result in cantwrite() ->
__swsetup_r() -> __smakebuf_r() -> __swhatbuf_r() using the ROM "struct stat"
(where sizeof(time_t)==4).
Instead of removing all printf related ROM newlib functions (which will result
in increased binary size), this commit adds a workaround to setup the stdio
files before any print related calls occur.
This results in cantwrite() always returning false, thus the callpath described
above never being reached.
Closes https://github.com/espressif/esp-idf/issues/9269
- The declaration is moved to esp_rom/include/esp32c2/rom/tlsf.h.
- multi_heap_poisoning.h now includes rom/tlsf.h instead of declaring
tlsf_poison_fill_pfunc_set().
Note: If more targets will support an implementation of the TLSF in ROM,
esp_rom will be extended with new headers in the respective target directories
but multi_heap_poisoning.h will remain unchanged.
This updates the minimal supported version of CMake to 3.16, which in turn enables us to use more CMake features and have a cleaner build system.
This is the version that provides most new features and also the one we use in our latest docker image for CI.
Eliminate UT_T1_GPIO runner requirement by routing internally through gpio matrix and by setting gpio pins to GPIO_MODE_INPUT_OUTPUT mode for all interrupt related test cases.
This fixes passing -Wimplicit-fallthrough=0 flag to Clang, which it
doesn't recognize, and is not necessary for this file.
Also the flag is changed from PUBLIC to PRIVATE since it is necessary
when compiling this component only.
To make the transition from 32-bit time_t to 64-bit time_t smoother,
detect the size of this type in CMake and remove the manual option in
Kconfig.
The information about 64-bit time_t support is moved from Kconfig help
string into the "system time" section of the API reference.
...and all their callers.
With the upcoming switch from sizeof(time_t)==4 to sizeof(time_t)==8,
sizeof(struct stat) is also increasing.
A few newlib functions present in ROM allocate 'struct stat' on the
stack and call _fstat_r on this structure. The implementation of
fstat is provided in ESP-IDF. This implementation will often do
memset(st, 0, sizeof(*st)), where st is 'struct stat*', before setting
some fields of this structure. If IDF is built with sizeof(st)
different from sizeof(st) which ROM was built with, this will lead
to an out-of-bounds write and a stack corruption.
This commit removes problematic ROM functions from the linker script.
Here are the functions which allocate 'struct stat':
* _isatty_r (in ROM)
* __swhatbuf_r, called by __smakebuf_r, called by __swsetup_r and
__srefill_r (in ROM)
* _fseeko_r (not in ROM)
* glob2 (not in ROM)
* _gettemp (not in ROM)
As a result, these functions are used from libc.a, and use correct
size of 'stat' structure.
Closes https://github.com/espressif/esp-idf/issues/7980
1. fix(pp): fix fragment plt loss when 2td pn compare with 1th pn
2. pmf allow keyindex in big endian format to workaround faulty APs
3. docs: update miswritten and abbreviated words and syntax errors for initialize WiFi section in esp_wifi.h header file
4. allow for minimal scope of wifi_init_config_t
We found conflict in "sizeof(time_t)" due to inclusion of this
header over toolchain specific "newlib.h".
Moreover, there are no users for this header and implementation
for API is also not available in ROM. Hence removing it.
The following files have been ported:
* esp_rom_crc.h
* esp_rom_sys.h
* esp_rom_efuse.h (mostly no-ops)
* esp_rom_md5.h
Integrated Linux-based rom implementation into log
and NVS component.
Added brief host tests for ROM to ensure basic
consistency on Linux.
Added ROM printf host unit tests.
Temporarily added reset reason for Linux in ROM.
* On S3, the placement of ROM functions is
ECO-dependent. Hence, we don't jump into
the middle of the longjmp function in ROM
on S3 anymore.
Instead, the whole longjump function is used
in the patch.
* Also properly excluded the patch from
bootloader build with Makefiles
Closes IDF-3391
Updates the following with changes from verification branches:
* esp_rom linker files
* rtc_cntl and system reg and struct headers
Also updates:
* GDMA driver with new register layout
* esptool submodule commit
Additionally, always enable the partition MD5 check if flash encryption is on in
Release mode. This ensures the partition table ciphertext has not been modified
(CVE-2021-27926).
The exception is pre-V3.1 ESP-IDF bootloaders and partition tables, which
don't have support for the MD5 entry.
* Patched longjmp to be context-switch safe
longjmp modifies the windowbase and windowstart
registers, which isn't safe if a context switch
occurs during the modification. After a context
switch, windowstart and windowbase will be
different, leading to a wrongly set windowstart
bit due to longjmp writing it based on the
windowbase before the context switch. This
corrupts the registers at the next window
overflow reaching that wrongly set bit.
The solution is to disable interrupts during
this code. It is only 6 instructions long,
the impact shouldn't be significant.
The fix is implemented as a wrapper which
replaces the original first instructions of
longjmp which are buggy. Then, it jumps back
to execute the rest of the original longjmp
function.
Added a comparably reliable test to the
test apps.
1. Fix the bug that Wi-Fi performance is impacted by BLE starting scan for a while in some scenarios on ESP32-C3.
2. Fix the bug that Wi-Fi performance is impacted when Bluetooth change state for a while in some scenarios on ESP32-C3.
3. Fix the bug that BLE performance is impacted by Wi-Fi scan on ESP32-C3.
4. Fix the bug that Wi-Fi scan fails when BLE is scanning on ESP32-C3.
5. Fix Wi-Fi ACK and CTS rate when low rate is disabled on ESP32-C3.
components/bt: Do not use feature: timer support isr dispatch method
disable controller after wake up finished.
protect critical section of power down
choose clk in sleep
components/coex: mac bb power down in light sleep
components/coex: Macro changed
components/os: protect reserved interrupt number
update phy to phy_version 300,6e46ba7,Jan 25 2021
some bugfix
This adds support for the retargetable locking implementation in
newlib 3. This feature will be enabled in the future toolchain builds.
With the present version of the toolchain, this code doesn't get used.
When _RETARGETABLE_LOCKING gets enabled, newlib locking implementation
will be modified as follows:
- Legacy ESP-specific _lock_xxx functions are preserved. This is done
because ROM copies of newlib in ESP32 and ESP32-S2 rely on these
functions through the function pointer table. Also there is some
code in IDF which still uses these locking functions.
- New __retarget_lock_xxx functions are introduced. Newlib expects
these functions to be provided by the system. These functions work
pretty much the same way as the ESP-specific _lock_xxx functions,
except one major difference: _lock_acquire receives the lock pointer
by value, and as such doesn't support lazy initialization.
- Static locks used by newlib are now explicitly initialized at
startup. Since it is unlikely that these static locks are used at
the same time, all compatible locks are set to point to the same
mutex. This saves a bit of RAM. Note that there are still many locks
not initialized statically, in particular those inside FILE
structures.
During HAL layer refactoring and new chip bringup, we have several
caps.h for each part, to reduce the conflicts to minimum. But this is
The capabilities headers will be relataive stable once completely
written (maybe after the featues are supported by drivers).
Now ESP32 and ESP32-S2 drivers are relative stable, making it a good
time to combine all these caps.h into one soc_caps.h
This cleanup also move HAL config and pin config into separated files,
to make the responsibilities of these headers more clear. This is
helpful for the stabilities of soc_caps.h because we want to make it
public some day.
The remaining 4 kB had been reserved for storing RF calibration and
BT stack state since 4e092be6. However, these features never got
implemented. If we ever need to place RF related data into RTC slow
memory, we can do this by creating a variable with RTC_NOINIT_ATTR
instead.
Closes https://github.com/espressif/esp-idf/issues/3993
1. The 2nd bootloader always call `rom_spiflash_unlock()`, but never help to clear the WEL bit when exit. This may cause system unstability.
This commit helps to clear WEL when flash configuration is done.
**RISK:** When the app starts, it didn't have to clear the WEL before it actually write/erase. But now the very first write/erase operation should be done after a WEL clear. Though the risk is little (all the following write/erase also need to clear the WEL), we still have to test this carefully, especially for those functions used by the OTA.
2. The `rom_spiflash_unlock()` function in the patch of ESP32 may (1) trigger the QPI, (2) clear the QE or (3) fail to unlock the ISSI chips.
Status register bitmap of ISSI chip and GD chip:
| SR | ISSI | GD25LQ32C |
| -- | ---- | --------- |
| 0 | WIP | WIP |
| 1 | WEL | WEL |
| 2 | BP0 | BP0 |
| 3 | BP1 | BP1 |
| 4 | BP2 | BP2 |
| 5 | BP3 | BP3 |
| 6 | QE | BP4 |
| 7 | SRWD | SRP0 |
| 8 | | SRP1 |
| 9 | | QE |
| 10 | | SUS2 |
| 11 | | LB1 |
| 12 | | LB2 |
| 13 | | LB3 |
| 14 | | CMP |
| 15 | | SUS1 |
QE bit of other chips are at the bit 9 of the status register (i.e. bit 1 of SR2), which should be read by RDSR2 command.
However, the RDSR2 (35H, Read Status 2) command for chip of other vendors happens to be the QIOEN (Enter QPI mode) command of ISSI chips. When the `rom_spiflash_unlock()` function trys to read SR2, it may trigger the QPI of ISSI chips.
Moreover, when `rom_spiflash_unlock()` try to clear the BP4 bit in the status register, QE (bit 6) of ISSI chip may be cleared by accident. Or if the ISSI chip doesn't accept WRSR command with argument of two bytes (since it only have status register of one byte), it may fail to clear the other protect bits (BP0~BP3) as expected.
This commit makes the `rom_spiflash_unlock()` check whether the vendor is issi. if so, `rom_spiflash_unlock()` only send RDSR to read the status register, send WRSR with only 1 byte argument, and also avoid clearing the QE bit (bit 6).
3. `rom_spiflash_unlock()` always send WRSR command to clear protection bits even when there is no protection bit active. And the execution of clearing status registers, which takes about 700us, will also happen even when there's no bits cleared.
This commit skips the clearing of status register if there is no protection bits active.
Also move the execute_flash_command to be a bootloader API; move
implementation of spi_flash_wrap_set to the bootloader
* changing dependencies from unity->cmock
* added component.mk and Makefile.projbuild
* ignore test dir in gen_esp_err_to_name.py
* added some brief introduction of CMock in IDF
Goal is that multiple faults would be required to bypass a boot-time signature check.
- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32
Add some additional checks for invalid sections:
- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
