Some additional checks related to secure version of the application in
anti-rollback case have been added to avoid any attempts to boot lower
security version but valid application (e.g., passive partition image).
- Read secure_version under sha256 protection
- First check has been added in the bootloader to ensure correct secure
version after application verification and loading stage. This check
happens before setting up the flash cache mapping and handling over
the final control to application. This check ensures that application
was not swapped (e.g., to lower security version but valid image) just
before the load stage in bootloader.
- Second check has been added in the application startup code to ensure
that currently booting app has higher security version than the one
programmed in the eFuse for anti-rollback scenario. This will ensure
that only the legit application boots-up on the device for
anti-rollback case.
* Using -std=gnu++2b now for both gcc and clang as clang
does not recognize gnu++23 yet
* Added a build test app to check the C++ standard in IDF
* Updated english docs to reflect the change to C++23
Changed rv_utils_intr_edge_ack and esp_cpu_intr_edge_ack to
take uint32_t instead of int to avoid build errors.
The test is to test in particular that __builtin_ffsll, used in
xt_utils.h, which is included via esp_cpu.h, compiles fine
in C++20 with -Wsign-conversion enabled.
Closes https://github.com/espressif/esp-idf/pull/10895
esp_execute_shared_stack_function always restored the stack watchpoint
regardless of CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK. This would lead
to an abondoned but active watchpoint on a former stack once the task
calling esp_execute_shared_stack_function is deleted, if
CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK is inactive.
This has been fixed now.
Closes https://github.com/espressif/esp-idf/issues/10414
- Add support for esp32s2, esp32c3 and esp32c2 for the `memprot`-related tests
- Preliminary support for esp32s3 has also been added,
the test app will be enabled for esp32s3 later when
the memprot-related issues are fixed.
- Override panic handler to dump the violation intr status
- Dump the `memprot` violation registers before calling the
real panic handler
- Handle `Illegal Instruction` exception in case of memprot permission violation
* In esp32c3 with `memprot` enabled, if we try to execute arbitrary code
from RTC_FAST_MEM we get an `Illegal Instruction` exception from the panic
handler rather than a `Memory Protection Fault`.
* This is because the Illegal Instruction interrupt occurs earlier than the
memory protection interrupt due to a higher interrupt latency.
- Added minor improvements to `panic` test app
* Replaced existing API to disable flash cache which did not disabled cache always
(`esp_flash_default_chip->os_func->start(esp_flash_default_chip->os_func_data)`)
with `spi_flash_enable_interrupts_caches_and_other_cpu`
* Included some required headers explicitly (`esp_memory_utils.h` and `esp_heap_caps.h`)
