Commit Graph

4475 Commits

Author SHA1 Message Date
Harshit Malpani
90d0689331
fix(esp-tls): Use TLS 1.2 and TLS 1.3 simultaneously
This commit fixes the issue with TLS 1.2 connection when TLS 1.3 is
enabled in config.
2024-05-02 17:15:08 +05:30
Jiang Jiang Jian
98d17f23ef Merge branch 'feature/update-openocd-to-v0.12.0-esp32-20240318_v5.0' into 'release/v5.0'
feat(tools): update openocd version to v0.12.0-esp32-20240318 (v5.0)

See merge request espressif/esp-idf!30047
2024-04-17 10:44:44 +08:00
Alexey Gerenkov
57bd998cda feat(tools): update openocd version to v0.12.0-esp32-20240318 2024-04-08 03:34:24 +08:00
wuzhenghui
c6186be010
fix(esp_pm): update CPU frequency immediately after updating pm_config
Closes https://github.com/espressif/esp-idf/issues/13492
2024-04-07 14:50:25 +08:00
Jakub Kocka
c8f8185561 refactor(idf_tools): IDF version is acquired only from version or header file
Closes https://github.com/espressif/esp-idf/issues/13385
2024-03-20 07:59:58 +01:00
Roland Dobai
914d893c5c Merge branch 'fix/fix_curses_py312_v5.0' into 'release/v5.0'
Fix Access Violation Error on Windows with Python 3.12 (v5.0)

See merge request espressif/esp-idf!29511
2024-03-15 16:19:57 +08:00
Martin Vychodil
05a45e9c96 Merge branch 'bugfix/nvs_lock_initi_and_multipage_blob_v5.0' into 'release/v5.0'
Bugfix/nvs Improved handling of BLOB during unreliable power environment and concurrent data access scenarios (v5.0)

See merge request espressif/esp-idf!29322
2024-03-13 23:06:23 +08:00
Jan Beran
5b9a0a3379 fix(menuconfig): Prevent Access violation on Windows with Python 3.12
Closes https://github.com/espressif/esp-idf/issues/13232
2024-03-08 14:25:49 +01:00
Martin Vychodil
f68a7bc76b Revert "Merge branch 'update/littlefs_demo_example_v5.0' into 'release/v5.0'"
This reverts merge request !28453
2024-03-06 18:41:31 +01:00
Martin Vychodil
2809d47a80 Merge branch 'update/littlefs_demo_example_v5.0' into 'release/v5.0'
LittleFS demo example added (v5.0)

See merge request espressif/esp-idf!28453
2024-03-04 19:35:52 +08:00
Jiang Jiang Jian
d409df4bfb Merge branch 'contrib/github_pr_12867_v5.0' into 'release/v5.0'
fix(esp32): Removed rogue semicolon in #define in esp_smartconfig.h (GitHub PR) (v5.0)

See merge request espressif/esp-idf!29113
2024-03-04 10:44:28 +08:00
Xiao Xufeng
c32a56fe3b spi_flash: fixed issue that enabling HPM-DC by default may cause app unable to restart 2024-03-03 23:11:43 +08:00
Marius Vikhammer
f00e5a042f Merge branch 'ci/new-known_failure_cases_workflow(v5.0)' into 'release/v5.0'
ci: change known_failure_cases workflow(v5.0)

See merge request espressif/esp-idf!27964
2024-03-01 15:04:04 +08:00
Simon H
515f085f70
fix(esp_wifi): Remove semicolon from SMARTCONFIG_START_CONFIG_DEFAULT
Removed rogue semicolon from SMARTCONFIG_START_CONFIG_DEFAULT() macro. This
fixes build issues when this macro is used via C++ brace initialization.

Closes https://github.com/espressif/esp-idf/pull/12867

[Darian Leung: Updated commit message]
Signed-off-by: Darian Leung <darian@espressif.com>
2024-02-29 17:59:51 +08:00
radek.tandler
56cb47be79 fix(nvs): Improved lockig mechanism for initialization phase 2024-02-28 12:43:51 +01:00
Jiang Jiang Jian
6d5f4bcda6 Merge branch 'feat/use_esp_debug_backend_pkg' into 'release/v5.0'
Replace 'debug_backend' with 'esp-debug-backend' from PyPi

See merge request espressif/esp-idf!28820
2024-02-23 10:42:38 +08:00
Roland Dobai
21abe3eda6 Merge branch 'fix/py_dep_check_v5.0' into 'release/v5.0'
fix(tools): catch more general errors in python dependency checker (v5.0)

See merge request espressif/esp-idf!29165
2024-02-23 01:10:08 +08:00
Peter Dragun
575e924d61 fix(tools): catch more general errors in python dependency checker 2024-02-22 11:33:52 +01:00
Mahavir Jain
534e3ad1fa Merge branch 'bugfix/ota_anti_rollback_checks_2_v5.0' into 'release/v5.0'
feat(bootloader_support): Read secure_version under sha256 protection (v5.0)

See merge request espressif/esp-idf!29061
2024-02-22 17:13:17 +08:00
Aditya Patwardhan
bcca689866
change(version): Update version to 5.0.6 2024-02-20 10:03:13 +05:30
Mahavir Jain
f2743707b8 fix(ota): additional checks for secure version in anti-rollback case
Some additional checks related to secure version of the application in
anti-rollback case have been added to avoid any attempts to boot lower
security version but valid application (e.g., passive partition image).

- Read secure_version under sha256 protection

- First check has been added in the bootloader to ensure correct secure
  version after application verification and loading stage. This check
  happens before setting up the flash cache mapping and handling over
  the final control to application. This check ensures that application
  was not swapped (e.g., to lower security version but valid image) just
  before the load stage in bootloader.

- Second check has been added in the application startup code to ensure
  that currently booting app has higher security version than the one
  programmed in the eFuse for anti-rollback scenario. This will ensure
  that only the legit application boots-up on the device for
  anti-rollback case.
2024-02-15 15:14:51 +02:00
Alexey Gerenkov
164be1cd52 tests: Replace 'debug_backend' with 'esp-debug-backend' from PyPi 2024-01-31 18:49:21 +03:00
igor.udot
8003214fd5 ci: change known_failure_cases workflow 2024-01-30 14:27:42 +08:00
Adam Múdry
43d0b27053 feat: LittleFS bump version to 1.13.0 2024-01-22 20:21:21 +08:00
Jakub Kocka
cb6de0af4e fix(kconfcheck): Fixed false-positive indent errors and extended limits 2024-01-15 09:15:58 +01:00
Roland Dobai
abad298532 fix(gdbgui): Fix support of gdbgui on Unix with Python 3.11
Closes https://github.com/espressif/esp-idf/issues/12764
2024-01-05 18:52:37 +01:00
xueyunfei
e0cdfe3590 Fix(esp_wifi): Add the missing header file to the wifi header files 2024-01-03 10:38:31 +08:00
Roland Dobai
97acb47d2f Merge branch 'feat/manifest_check_v5.0' into 'release/v5.0'
feat: use esp-idf-sbom pre-commit plugin (v5.0)

See merge request espressif/esp-idf!27750
2023-12-20 00:10:38 +08:00
Frantisek Hrbata
b20cd8ccfa feat: use esp-idf-sbom pre-commit plugin
Currently sbom manifest is checked only in .gitmodules and
this check is done in pre-commit and also in CI. Meaning it's running
three times(pre-commit before push if user has it enabled, in CI
as there is the pre-commit run again and again with test in CI). Since
esp-idf-sbom contains a full manifest validation support and pre-commit
plugin for it, let's use it. This removes all the current sbom testing
and replaces it with a signle pre-commit plugin which validates all
manifests files(sbom.yml, idf_component.yml, .gitmodules and also
referenced manifests) in repository. Note that this checks all
manifests, not only ones which were modified. The check is reasonably
fast though, so it should not cause any problem. The reason for
validating all manifest files is that we want to make sure that the sbom
information in .gitmodules is updated too and that the hash
recorded in .gitmodules is up-to-date. Meaning submodule update
would not trigger this plugin, because no manifest was changed.

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-12-19 12:55:35 +01:00
Roland Dobai
4c5ba485cc Merge branch 'tools/use_recommended_tool_priority' into 'release/v5.0'
fix (idf_tools): Opt for the recommended tool in tools.json rather than the supported one (v5.0)

See merge request espressif/esp-idf!27794
2023-12-19 19:37:00 +08:00
Roland Dobai
ed375f22e0 Merge branch 'contrib/github_pr_12683_v5.0' into 'release/v5.0'
fix(tools): fix path delimiter in gdbinit for Windows (v5.0)

See merge request espressif/esp-idf!27576
2023-12-19 19:35:30 +08:00
Roland Dobai
585c252527 Merge branch 'feature/docker_git_safe_dirs_v5.0' into 'release/v5.0'
feat(docker): allow to add dirs into git's safe.directory (v5.0)

See merge request espressif/esp-idf!27561
2023-12-19 19:34:36 +08:00
morris
6dc42296d7 Merge branch 'contrib/github_pr_12559_v5.0' into 'release/v5.0'
fix(spi): Correct REG_SPI_BASE(i) macro for all targets (GitHub PR) (v5.0)

See merge request espressif/esp-idf!27716
2023-12-19 16:50:14 +08:00
Martin Vychodil
ead2652c33 Merge branch 'fix/fatfsgen_construct_v5.0' into 'release/v5.0'
fix(tools): Fix fatfsgen construct dependency (v5.0)

See merge request espressif/esp-idf!27656
2023-12-18 21:20:23 +08:00
Anton Maklakov
93c25851c1 Merge branch 'feature/update-gdb-to-12.1_20231023_v5.0' into 'release/v5.0'
feat(tools): update gdb version to 12.1_20231023 (v5.0)

See merge request espressif/esp-idf!27378
2023-12-18 18:13:30 +08:00
Mahavir Jain
d198439225 Merge branch 'fix/aes_mpi_interrupt_allocation_workflow_v5.0' into 'release/v5.0'
fix(mbedtls): move interrupt allocation during initialization phase (v5.0)

See merge request espressif/esp-idf!27442
2023-12-15 17:49:12 +08:00
GuyBrush
40263563fd fix(tools): fix path delimiter in gdbinit for Windows
Merges https://github.com/espressif/esp-idf/pull/12683

Signed-off-by: Alexey Lapshin <alexey.lapshin@espressif.com>
2023-12-13 09:27:44 +00:00
Aditya Patwardhan
03d7a3807b change(version): Update version to 5.0.5 2023-12-13 13:49:52 +05:50
Aleksei Apaseev
d17433623d fix(idf_tools): Opt for the recommended tool in tools.json rather than the supported one (v5.0) 2023-12-12 14:19:39 +08:00
TD-er
a27b43a6db fix(spi): Correct REG_SPI_BASE(i) macro for all targets
The existing formula can never match these registers.

Closes https://github.com/espressif/esp-idf/pull/12559
Closes https://github.com/espressif/esp-idf/pull/12562
2023-12-06 16:27:06 +08:00
Roland Dobai
53bebcade5 fix(tools): Fix fatfsgen construct exception type and dependency
construct=2.10.70 fixed an issue
(c3866e9492)
and StringError is raised instead of UnicodeDecodeError.
2023-12-04 17:24:46 +01:00
harshal.patil
b72804340c
fix(mbedtls): move interrupt allocation during initialization phase 2023-12-01 16:49:47 +05:30
Frantisek Hrbata
13e4c1a9e7 feat(docker): allow to add paths into git's safe.directory
With 8959555cee7e[1] ("setup_git_directory(): add an owner check for the top..")
git added an ownership check of the git directory and refuses to
run any git commands, even parsing the config file, if the git directory
is not owned by the current user. The "fatal: detected dubious ownership in repository"
is reported.

This fixes CVE-2022-24765[2], which allows to compromise user account. On a
multi-user system or e.g. on a shared file system, one user may create a "rogue"
git repository with e.g. core.fsmonitor set to an arbitrary command. Other user
may unwillingly execute this command by running e.g. git-diff or
git-status within the "rogue" git repository, which may be in one of the parent
directories. If e.g. PS1 is set to display information about a git
repository in CWD, as suggested in Git in Bash[3], the user do not need to run
any git command to trigger this, just entering some subdirectory under
this "rogue" git repository is enough, because the git command will be
started transparently through the script used in PS1. The core.fsmonitor
can be set to arbitrary command. It's purpose is to help git to identify changed files
and speed up the scanning for changed files.

rogue
├── .git     # owned by user1
└── dir1     # owned by user2
    ├── dir2 # owned by user2
    └── .git # owned by user2

user1 sets core.fsmonitor for git repository in rogue directory
$ git config --add core.fsmonitor "bash -c 'rm -rf \$HOME'"

user2 enters dir1 and runs e.g. git diff and triggers the core.fsmonitor command.

The ownership check may cause problems when running git commands in
ESP-IDF Docker container. For example user may run the container as
root, but the mounted project may be owned by a particular user.

In this case git will refuse to execute any git command within the
"/project" directory, because it's not owned by root. To overcome this,
git allows to set safe.directories, for which the ownership check is
skipped. The security check may be completely disabled by setting
safe.directories to "*". This solution was proposed in PR 12636[4], but
it would allow make it possible to exploit this vulnerability again.

This fix allows user to specify git's safe.directory in IDF_GIT_SAFE_DIR
environmental variable, which may be set during container startup.

The IDF_GIT_SAFE_DIR has same format as PATH and multiple directories can be
specified by using a ":" separator. To entirely disable this git security check
within the container, user may set IDF_GIT_SAFE_DIR='*'. This might be
heplfull in CI.

Closes https://github.com/espressif/esp-idf/pull/12636

[1] - 8959555cee
[2] - https://nvd.nist.gov/vuln/detail/cve-2022-24765
[3] - https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
[4] - https://github.com/espressif/esp-idf/pull/12636

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-12-01 08:31:06 +01:00
Alexey Lapshin
f7a6ca13e9 feat(tools): update gdb version to 12.1_20231023 2023-11-24 11:17:52 +04:00
Jiang Jiang Jian
15825570a3 Merge branch 'contrib/github_pr_12052_v5.0' into 'release/v5.0'
Two small patches for build system and fatfs (GitHub PR) (v5.0)

See merge request espressif/esp-idf!26432
2023-11-23 19:27:38 +08:00
Jiang Jiang Jian
ae02cc7b7c Merge branch 'feat/dynamic_integration_pipeline_v5.0' into 'release/v5.0'
CI: dynamic integration pipeline v5.0

See merge request espressif/esp-idf!26947
2023-11-23 15:17:12 +08:00
Jiang Jiang Jian
85651c507f Merge branch 'contrib/github_pr_12558_v5.0' into 'release/v5.0'
Fix: esptool_py incorrectly assumed target name equals binary name (GitHub PR) (v5.0)

See merge request espressif/esp-idf!27272
2023-11-23 15:13:59 +08:00
Jiang Jiang Jian
a8caeb9af4 Merge branch 'bugfix/fix_lightsleep_current_leakage_on_usj_pad_v5.0' into 'release/v5.0'
fix(esp_hw_support): fix lightsleep current leakage on usb pad (backport v5.0)

See merge request espressif/esp-idf!27208
2023-11-23 14:46:38 +08:00
wuzhenghui
ead822e6ee
fix(esp_hw_support): fix lightsleep current leakage on usb-phy controlled pad 2023-11-23 10:21:02 +08:00
Frantisek Hrbata
d587d24c43 feat(ci): add test for custom cmake CMAKE_EXECUTABLE_SUFFIX
Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-11-22 14:44:18 +00:00