Previously the model recv operation is a littl fuzzy.
With the changes, the model recv operation is splitted into:
- find op
- check app_idx
- check dst
- check length
- update info & handle message
On ESP32, due to fifo reset issue, UART2 will work incorrectly if reset the fifo of UART1(TX fifo and RX fifo). The software can workaround the RX fifo reset issue,
while the TX fifo reset issue can not. When UART2 is used and UART1 is used as the log output port, a software reset can reproduce this issue. So we should reset the UART memory
before the software reset to solve this problem.
Fixes the issue that signed partition table was not generated when
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES was on, because
partition_table_bin depended on unsigned_partition_bin twice.
Regression from acb7a211.
Also use final_partition_bin variable in esptool_py_flash_target_image
arguments, to avoid issues in the future if final_partition_bin is
changed.
Bugfix/collection of confirmed fixes from baidu project
Closes BT-826, BT-542, BCI-31, BCI-34, BT-840, and AUD-1857
See merge request espressif/esp-idf!8675
The transport segmented TX nack and seg_pending fields must be at least
6 bits to avoid overflow for 32 segment messages. This change rearranges
the seg_tx fields to gather all state flag fields in one byte, while
making the counter fields whole bytes.
Ensures that friend messages are enqueued, even if the packet is
received with an appkey is unknown to the friend. Previously, sdu_recv
would return EINVAL if the appkey was unknown, which would prevent the
lower transport layer from adding the packet to the friend queue. This
is irrelevant for the logic in lower transport, and should not be
returned as an error.
Bugfix(I2S): Fix i2s_comm_format_t configuration parameter does not match the TRM bug
Closes IDFGH-3040, IDFGH-2913, IDFGH-578, IDFGH-2408, and IDFGH-3117
See merge request espressif/esp-idf!8339
Heap fragmentation causes 4-8 bytes of memory to be leaked
(due to rounding up of memory sizes). Increase the leak
thresholds to prevent test cases from failing.
If esp_restart_noos() is run and the stack address points to external memory (SPIRAM)
then Cache_Read_Disable() raises up the error "Cache disabled but cached memory region accessed"
to fix this we switch stack to internal RAM before disable cache.
Added unit tests.
Closes: https://github.com/espressif/esp-idf/issues/5107
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
When compiling esp_crt_bundle.c, it would end up with a different struct layout due
to configuration options from "mbedtls/esp_config.h" not being considered.
This lead to ca_chain potentially not being set correctly.
* Add options to mbedtls for hardware acceleration
* Disable mbedtls EC curves if hardware acceleration is selected
since the hardware will have to define the curves supported
* Add a hardware ecdsa example
Device name will be reset when deinit mesh stack. If not
initializing device name during the next mesh stack init,
it will fail to set the device name when using bluedroid.
Since bt_mesh_friend_init() will only be invoked when
a device is provisioned or Provisioner is enabled, so
we add a flag to indicate if the friend functionality
is initialized in case deinit before initialization.
Most ESP32 devices will also work at 80MHz, but third party boards/modules
may not have been tested at this speed so the default is kept at 40MHz for safety.
CoAP component relies on some mbedTLS crypto configuration
options, e.g. DTLS and PSK. These configuration options if
selected, have footprint impact on generic TLS examples like
https_request or https_ota as well.
Footprint of https_request example with/without change is per below:
$ ./tools/idf_size.py new_https_request.map --diff old_https_request.map
<CURRENT> MAP file: new_https_request.map
<REFERENCE> MAP file: old_https_request.map
Difference is counted as <CURRENT> - <REFERENCE>, i.e. a positive number means that <CURRENT> is larger.
Total sizes of <CURRENT>: <REFERENCE> Difference
DRAM .data size: 14796 bytes 14796
DRAM .bss size: 23560 bytes 23680 -120
Used static DRAM: 38356 bytes ( 142380 available, 21.2% used) 38476 -120 ( +120 available, +0 total)
Used static IRAM: 89045 bytes ( 42027 available, 67.9% used) 89045 ( +0 available, +0 total)
Flash code: 554231 bytes 563823 -9592
Flash rodata: 179000 bytes 181224 -2224
Total image size:~ 860632 bytes (.bin may be padded larger) 872568 -11936
This commit moves relevant config options to CoAP specific examples
and also adds some run time warnings if they are kept disabled.
Closes https://github.com/espressif/esp-idf/issues/5262
In case of wrong passpharse, AP will keep on sending 1/4 multiple
times which may take around 10 secs to disconnect and detect
wrong password event.
Add changes to reject EAPOL1 after 3 consecutive reception
Some AP's keep NULL-padding at the end of some variable length WPS
Attributes. This is not as par the WPS2.0 specs, but to avoid interop
issues, ignore the padding by reducing the attribute length by 1.
If the root is specified (FIXED-ROOT) by set type or set parent, change ie.mesh_type to MESH_ROOT before connect to router
Release emesh_recv_toDS when the root becomes non-root
esp_mesh_set_type now supports MESH_IDLE and MESH_STA
The interface name can be used in socket API, i.e. setsockopt(). The API esp_netif_get_netif_impl_name() shoudl be used to populate standard
interface structure struct ifreq.
Earlier check was for only input buffer but it is quite likely to have
output buffer also from non-DMA memory range and hence requirement to
reallocate and then copy data from AES engine.
- for ESP32 only enabled in case of unicore config
- capability wise this region (8K) is same as DRAM, except non-DMA capable
- also fixed small issue in reserved memory region processing when (start == end)
1. Buffers for SAE messages are not freed after the handshake.
This causes memory leak, free buffers after SAE handshake.
2. SAE global data is not freed until the next WPA3 connection
takes place, holding up heap space without reason. Free this
data after SAE handshake is complete or event fails.
3. Update wifi lib which includes memory leak fix during BIP
encryption/decryption operations.
Old version of BLE Mesh has no device role storage, because
previously we only support storing mesh node info.
If the binary of the node is upgraded from old version to a
new version (support storing provisioner info), the mesh info
of the node will not be restored because mesh role does not
exist in the flash.
The tests used to measure the throughput by FreeRTOS
`xTaskGetTickCount()`. The rounding error can be quite big, compared to
total measurement time (1350 ms for 4-bit mode).
This commit use `esp_timer_get_time()` instead to measure typical time,
which is in microseconds. Moreover, to get rid of the time error from
cache miss, `ccomp_timer_*` are used to get the cache compensated time
to measure the throughput used for unit test performance assertion.
When fast provisioning is enabled, Provisioner shall not
ignore messages from the nodes whose addresses are not in
the provisioning database. Because other nodes which are
not provisioned by the Primary Provisioner will send node
address messages to the Primary Provisioner.
This commit fixes a bug as well as changes a behaviour.
Bugfix: During softap/httpd based provisioning, if a session was closed
midway and a new one started, it would never proceed if the http server
assigns same socket number to the new session (which happens almost always).
Now, if a session is closed, using the http callbacks, the older session
data is cleared so that a new one can be created.
Behavioural change: If a client (mobile app particularly) does not use
persistent http session i.e. all provisioning communication on the same
socket, the provisioning may fail. Earlier, since the session context was
not getting cleared, even if the client closed a session and continued
on a new one, it would go through if the socket number assigned was same
(which happens almost always).
Ideally, from a security perspective, all communication related
to secure provisioning must happen on the same socket, and so, this
change is required.
When using fast provisioning, the Provisioner functionality
will be enabled. Unicast addresses within the pre-allocated
range will be used for provisioning nodes. And during the
address assignment, the allocated unicast address will be
checked that if it's duplicated with other nodes addresses
and the Provisioner's own addresses.
So before starting using fast provisioning, we need to update
the Provisioner address.
Since the behavior of sending segmented messages has been
changed properly, the calculation of timeout value which
will be used when sending an acknowledged message by a
client model also needs to be updated.
Add mutex to protect some variables of the mesh segmented
messages.
Currently the timeout handler of mesh will be executed in
the btc task, while the received mesh messages will be
handled in the btu task. In case some variables are set to
NULL when handled in the btu task, meanwhile these variables
are also accessed in the timeout handler, so we add mutex to
protect these variables and related operations.
The publication context is checked for NULL in bt_mesh_model_publish()
however it was dereferenced before that. Move the assignment to
ctx.send_rel to the same place where other ctx members are set.
Split mesh_util.h into mesh_byteorder.h, mesh_compiler.h,
mesh_ffs.h and mesh_util.h based on the classification of
Zephyr, which will make further porting more clear.
The Friend queue uses the message SeqAuth to determine whether the
message is already in the queue. To facilitate this, the SeqAuth is
passed around as a pointer throughout the transport modules. In the
bt_mesh_ctl_send functions, this parameter is also exposed in the API,
but the internal usage is inconsistent and buggy. Also, no one actually
uses this parameter.
- Removes seq_auth param from bt_mesh_ctl_send, instead passing NULL
directly to the friend module, to enforce its addition to the queue.
- Makes the seq_auth pointer const throughout the friend module.
Changes the behavior of the message cache to optimize for cache
capacity. Previously, the message cache's primary function was to avoid
decrypting messages multiple times, although the cache's main function
in the spec is to avoid message rebroadcasting. Optimizing for minimal
decryption causes us to fill the network cache faster, which in turn
causes more cache misses, potentially outweighing the advantage.
Now stores src + seq in message cache instead of field hash value. This
cuts cache size in two, while including more of the sequence number than
before.
Adds messages to the cache only after the packet is successfully
decrypted. This reduces noise in the cache, and ensures that no
invalid deobfuscations are added.
Additionally, this fixes a bug where multiple calls to net_decrypt with
the same packet failed, as the message cache found its own entry from
the previous call.
Implements several changes to the transport layer segmented tx to
improve group message performance:
- Moves retransmit counter to tx context instead of per packet. As every
unacked packet is sent every retransmit, the retransmit counters would
be the same in each segment. This makes it easier to control progress.
- Delays the scheduling of the retransmit until the completion of the
last segment by adding a seg_pending counter. This is essentially the
same as the old behavior, except that the old behavior might retrigger
the sending before all segments are finished if the advertising is
slow.
- Allows the group transmits to stop as soon as all retransmits have
been exhausted, instead of timing out waiting for acks that won't
come. This allows group tx to finish without error.
- Fixes a bug where a failed TX would block IV update.
- Cancels any pending transmissions of acked segments.
- Reduces log level for several common group tx scenarios that aren't
erronous.
Backport of https://github.com/apache/mynewt-nimble/pull/724
Mesh spec 1.0.1 changes proxy disabling behavior to only affect the
relaying from proxy nodes. Previously, disabling proxy would shut down
all proxy and node activity.
Tweaks from the original commit:
- Removed redundant call to bt_mesh_adv_update() in gatt_proxy_set()
- Removed invalid ref to 4.2.11.1 in node_identity_set()
---
According to Mesh Profile Spec 1.0.1, Section 4.2.11:
"If the Proxy feature is disabled, a GATT client device can connect
over GATT to that node for configuration and control. Messages from
the GATT bearer are not relayed to the advertising bearer."
Moreover some notes have been removed from the spec compared to
version 1.0:
Mesh Profile Spec 1.0, Section 4.2.11:
"Upon transition from GATT Proxy state 0x01 to GATT Proxy state 0x00
the GATT Bearer Server shall disconnect all GATT Bearer Clients."
"The Configuration Client should turn off the Proxy state as the last
step in the configuration process."
Mesh Profile Spec 1.0, Section 4.2.11.1:
"When the GATT Proxy state is set to 0x00, the Node Identity state
for all subnets shall be set to 0x00 and shall not be changed."
Until now the choice of reliable sending (segmented messages with
acks) was implicitly dependent on the size of the payload. Add a new
member to the bt_mesh_model_pub to force using segment acks even when
the payload would fit a single unsegmented message.
When PB-GATT support has been enabled the provisioning code "borrows"
the buffer from the proxy code. However, the way that initialization
was happening the proxy buffers were initialized only after
provisioning initialization, resulting in a corrupted buffer with
buf->data pointing to NULL. Reorder the initialization calls so that
proxy is done first and provisioning only after it.
Allow models to skip a periodic publish interval by returning an error
from the publish update callback.
Previously, an error return from publish update would cancel periodic
publishing. This can't be recovered from, and as such, no valid model
implementation could return an error from this callback, and there was
no way to skip a periodic publish.
The function bt_mesh_ctl_send() used to support maximum length of
11 bytes. The segmentation complies with the BLE Mesh Standard.
The ack is disabled in case of non unicast address.
The log in the spi_bus_lock_touch may be annoying. This commit suppress
the log level, and make the log visible only when the device altered.
Resolves https://github.com/espressif/esp-idf/issues/5056
Calloc function tries to allocate 4096 bytes.
If such memory is not available, it returns NULL pointer.
This exception was not handled in the code, causing a dirty crash.
In wifi station example, set PMF(Protected Management Frames)
configuration to capable. Set WPA3 Feature in menuconfig enabled
by default. This will allow device to establish more secured
connection with AP's that support these protocols.
Reduces write cycles, and useful on ESP32 ECO3 as UART_DIS_DL is protected by
the same efuse.
Also fixes accidental macro definition introduced in 7635dce502
esp_mqtt: Change an error print to use ESP_LOGE instead of ESP_LOGI
Move Sending MQTT connect message log from Info to Debug level
docs: Makes clear that publish API could block
Change the message printed after MQTT connection failure
Closes https://github.com/espressif/esp-idf/issues/5077
(by means of referencing commit 615aeae0c2)
Use the configured esp-netif netmask to update the dhcp struct when
starting the server or starting the netif itself.
Use the netmask in dhcps setters and getters.
Previously only mesh node info is supported to be stored
in flash. So when trying to reset the node, we only need
to judge if the BLE_MESH_VALID flag is set.
Currently we support storing both node & Provisioner info
in flash, when trying to erase the node info from flash,
the BLE_MESH_NODE flag will be checked. So we need to set
bt_mesh.flags to 0 when all the erase operations are done.
BSDs and Unices defined some non standardised functions and symbols used
for endianness handling: converting from Little Endian to Big Endian,
converting from Host to a specific representation, converting from a
specific representation to Host.
With this commit, a modified version of those symbols provided by
FreeBSD is imported.
The license of the imported code is still 2-Clause BSD.
Signed-off-by: Francesco Giancane <francesco.giancane@accenture.com>
Closes https://github.com/espressif/esp-idf/pull/4784
Programs and libraries using compiler and system information about
endianness often include the system header `<endian.h>`.
In `xtensa-gcc` compiler with `newlib` distribution, that file is located in
`<machine/endian.h>`; this means that `#include <endian.h>` would fail
at compile time.
This commit fixes the issue by adding a compatibility `<endian.h>`
header which in turn just includes `<machine/endian.h>`.
Signed-off-by: Francesco Giancane <francesco.giancane@accenture.com>
Merges https://github.com/espressif/esp-idf/pull/4784
A 0 length string is still a valid input and should be treated as such, a NULL return should be reserved for when errors occur during line editing or EOF is reached.
Merges https://github.com/espressif/esp-idf/pull/4926
- Adds HID Host support in Buedroid
- Adds BLE HID Host and Device support
- Adds some general HID utilities and definitions to help integrate with other stacks and native USB
* Keep only USB related register operations in the LL.
* Move pad-related logic into the driver.
* Driver is now responsible for enabling the peripheral.
1. fix the bug for softAP update second channel wrong
2. query country code wrong when policy change from manual to auto
3. change wifi_scan_time_t from union to struct
During BLE Mesh Provisioner initialization, the stack will restore
the nodes information if settings storage is enabled.
Previously when a failure happens (e.g. found the same uuid) during
the restore procedure, the information of the following nodes will
not be restored and error will be directly returned.
But this will introduce some problem with user experience, because
some newly provisioned nodes information will not be restored and
Provisioner will not be able to control those nodes.
So we change the operation here, when a failure happens during the
restore procedure, Provisioner will only ignore the information of
the current node and continue restoring other nodes information.
With this change, if a Provisioner has provisioned the maximum
number of nodes, it can still report the unprovisioned device
beacon from other nodes to the application layer. And this will
be more reasonable compared with the previous implementation.
Previously when the node array of Provisioner is full, no beacon
from unprovisioned devices will be reported, only some warning
logs will be given.
Previously only check the node address when it is assigned by the
application layer. Here we also check the address when the address
is allocated internally. And this will be useful when some mesh
internal tests are performed.
Previously the BLE_MESH_MAX_STORED_NODES option is added for
internal mesh test, which will be a little confusing for the
users to understand.
Here we remove this option, instead the BLE_MESH_MAX_PROV_NODES
will be used for all the cases. For mesh internal test, when
the test function is called to add some nodes info, the info
will be stored in the array of provisioned nodes directly.
The replay protection list of Provisioner should be at least equal
to the number of nodes with the precondition that each node contains
only one element.
The help information of replay protection list is updated, and the
maximum number of nodes for Provisioner is adjusted based on the
replay protection list size.
flash_encryption: modify additional efuses burning method to fix them are not being written
flass_encryption: burn efuse to disable boot from RAM space
flash_encryption: added better checking for key generation state plus set read and write protect for them
soc esp32s2: Add register-level bit definitions for read & wrote protect bits
esp32s2: Fixes for flash encryption
- Write efuses in a batch
- Fix some detection of whether existing efuse blocks are read/write protected
flash_enctryption: enabled flash encryption example on esp32s2
bootloader: raise WDT overflow value providing sufficient interval to encrypt app partition
flash_ encrypt: Fixed the TODOs on flash encryption key generation for esp32s2
flash_encryption: added secure boot features to flash enctryption for esp32s2
bootloader: leave only esp32s2 compatible potentially insecure options on menuconfig.
flash_encryption: removed secure boot version 1 from esp32s2 encryption code
flash_encryption: added CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED option for esp32s2
flash_encryption: fixed the count of left plaintext flash
flash_encryption: disable dcache and icache download when using encryption in release mode
flash_encryption: add cache potentally insecure options for s2 chips
flash_encryption: fixed bug which bricked some chips in relase mode
Previously, the test uses region 3 for the illegal access test
(0x60000000 - 0x7fffffff). This caused issues with there being
peripherals located in that memory range. Change to use region 4
(0x8000000 - 0x9fffffff) instead).
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)
If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
`xQueueGenericCreateStatic` is placed into flash by the linker script to
reduce IRAM usage. This will also cause the `xRingbufferCreate` not
not callable when cache is disabled.
The SPI bus lock on SPI1 introduces two side effects:
1. The device lock for the main flash requires the
`CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION` to be selected, however this
option is disabled by default in earlier IDF versions. Some developers
may find their project cannot be built by their old sdkconfig files.
2. Usually we don't need the lock on the SPI1 bus, due to it's
restrictions. However the overhead still exists in this case, the IRAM
cost for static version of semaphore functions, and the time cost when
getting and releasing the lock.
This commit:
1. Add a CONFIG_SPI_FLASH_BYPASS_MAIN_LOCK option, which will forbid the
space cost, as well as the initialization of the main bus lock.
2. When the option is not selected, the bus lock is used, the
`CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION` will be selected explicitly.
3. Revert default value of `CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION`
to `n`.
introduced in 49a48644e4.
Closes https://github.com/espressif/esp-idf/issues/5046
We used to manually specify the CS id. However after the SPI bus lock is
introduced, the lock is responsible to assign the CS lines and provide
the CS id. The esp_flash driver now depends on the ID assigned by the
SPI bus lock, the configuration field is deprecated.
The issue is introduced in 571864e8ae. The
esp_flash API tries to clear the QE bit when the flash is not working in
quad modes.
However this introduces a regression, compared to earlier versions and
the legacy API. When the chip is not detected, the generic chip driver
is used, which cannot 100% handle the QE bit properly for all flash
vendors. There may be some flash chips (e.g. MXIC) that can be used in
dual modes by legacy API, but output wrong data when the esp_flash API
clears the QE bit in a wrong way.
This commit reverts the QE force clearing behavior, so that it's safer
for the generic chip driver to work under dual modes.
For url redirection cases (HTTP status 301/302), internal
transport ssl connection state must be reinitialized for
successful (new) connection on updated url.
Closes https://github.com/espressif/esp-idf/issues/4598
Previous implementation violated the RFC by having both the actual opcode and WS_FIN flag set for all fragments of a message.
Fixed by setting the opcode only for the first fragment and WS_FIN for the last one
Closes IDFGH-2938
Closes https://github.com/espressif/esp-idf/issues/4974
Add files required for DPP feature from upstream.
These file expose the functionality to create DPP packets.
Ported crypto layer from openssl to mbedtls.
Interfacing to use these API will be added in seperate commit
This is a regression from earlier commit related to TLSV12 which used
sha functions that are currently declared static.
Solution: Follow upstream code structure and resolve the errors.