Mahavir Jain 1696be719c
crypto: add support for DPA protection configuration in C6/H2
- Technical details covered in section "15.3.2 Anti-DPA Attack Security
Control" chapter of the ESP32-C6 TRM
- Default configuration sets the security level low for the DPA
protection
- This change applies to all the crypto peripherals where the clock
frequency is dynamically adjusted to create randomness in the power
consumption trajectory
- This configuration helps to make the SCA attacks difficult on the
crypto peripherals
2023-06-08 11:09:23 +05:30

279 lines
12 KiB
Plaintext

menu "Hardware Settings"
menu "Chip revision"
# Insert chip-specific HW config
orsource "./port/$IDF_TARGET/Kconfig.hw_support"
config ESP_REV_NEW_CHIP_TEST
bool "Internal test mode"
depends on IDF_CI_BUILD
default n
help
For internal chip testing, a small number of new versions chips didn't
update the version field in eFuse, you can enable this option to force the
software recognize the chip version based on the rev selected in menuconfig.
endmenu
orsource "./port/$IDF_TARGET/Kconfig.spiram"
menu "MAC Config"
config ESP_MAC_ADDR_UNIVERSE_WIFI_STA
bool
config ESP_MAC_ADDR_UNIVERSE_WIFI_AP
bool
config ESP_MAC_ADDR_UNIVERSE_BT
bool
config ESP_MAC_ADDR_UNIVERSE_ETH
bool
config ESP_MAC_ADDR_UNIVERSE_IEEE802154
bool
config ESP_MAC_UNIVERSAL_MAC_ADDRESSES_ONE
bool
config ESP_MAC_UNIVERSAL_MAC_ADDRESSES_TWO
bool
config ESP_MAC_UNIVERSAL_MAC_ADDRESSES_FOUR
bool
# Insert chip-specific MAC config
orsource "./port/$IDF_TARGET/Kconfig.mac"
config ESP_MAC_IGNORE_MAC_CRC_ERROR
bool "Ignore MAC CRC error (not recommended)"
depends on IDF_TARGET_ESP32
default n
help
If you have an invalid MAC CRC (ESP_ERR_INVALID_CRC) problem
and you still want to use this chip, you can enable this option to bypass such an error.
This applies to both MAC_FACTORY and CUSTOM_MAC efuses.
endmenu
menu "Sleep Config"
# This is here since this option affect behavior of esp_light_sleep_start
# regardless of power management configuration.
config ESP_SLEEP_POWER_DOWN_FLASH
bool "Power down flash in light sleep when there is no SPIRAM"
depends on !SPIRAM
default n
help
If enabled, chip will try to power down flash as part of esp_light_sleep_start(), which costs
more time when chip wakes up. Can only be enabled if there is no SPIRAM configured.
This option will power down flash under a strict but relatively safe condition. Also, it is possible to
power down flash under a relaxed condition by using esp_sleep_pd_config() to set ESP_PD_DOMAIN_VDDSDIO
to ESP_PD_OPTION_OFF. It should be noted that there is a risk in powering down flash, you can refer
`ESP-IDF Programming Guide/API Reference/System API/Sleep Modes/Power-down of Flash` for more details.
config ESP_SLEEP_RTC_BUS_ISO_WORKAROUND
bool
default y if IDF_TARGET_ESP32 || IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32S3
config ESP_SLEEP_GPIO_RESET_WORKAROUND
bool "light sleep GPIO reset workaround"
default y if IDF_TARGET_ESP32C2 || IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S3 || IDF_TARGET_ESP32C6
select PM_SLP_DISABLE_GPIO if FREERTOS_USE_TICKLESS_IDLE
help
esp32c2, esp32c3 and esp32s3 will reset at wake-up if GPIO is received a small electrostatic
pulse during light sleep, with specific condition
- GPIO needs to be configured as input-mode only
- The pin receives a small electrostatic pulse, and reset occurs when the pulse
voltage is higher than 6 V
For GPIO set to input mode only, it is not a good practice to leave it open/floating,
The hardware design needs to controlled it with determined supply or ground voltage
is necessary.
This option provides a software workaround for this issue. Configure to isolate all
GPIO pins in sleep state.
config ESP_SLEEP_PSRAM_LEAKAGE_WORKAROUND
bool "PSRAM leakage current workaround in light sleep"
depends on SPIRAM
default y
help
When the CS pin of SPIRAM is not pulled up, the sleep current will
increase during light sleep. If the CS pin of SPIRAM has an external
pull-up, you do not need to select this option, otherwise, you
should enable this option.
config ESP_SLEEP_FLASH_LEAKAGE_WORKAROUND
bool "Flash leakage current workaround in light sleep"
depends on !APP_BUILD_TYPE_PURE_RAM_APP
default y
help
When the CS pin of Flash is not pulled up, the sleep current will
increase during light sleep. If the CS pin of Flash has an external
pull-up, you do not need to select this option, otherwise, you
should enable this option.
config ESP_SLEEP_MSPI_NEED_ALL_IO_PU
bool "All pins of mspi need pull up"
depends on ESP_SLEEP_PSRAM_LEAKAGE_WORKAROUND || ESP_SLEEP_FLASH_LEAKAGE_WORKAROUND
default y if IDF_TARGET_ESP32C2 || IDF_TARGET_ESP32S3
help
To reduce leakage current, some types of SPI Flash/RAM only need to pull up the CS pin
during light sleep. But there are also some kinds of SPI Flash/RAM that need to pull up
all pins. It depends on the SPI Flash/RAM chip used.
config ESP_SLEEP_DEEP_SLEEP_WAKEUP_DELAY
int "Extra delay in deep sleep wake stub (in us)"
depends on IDF_TARGET_ESP32 || IDF_TARGET_ESP32S3
default 2000
range 0 5000
help
When the chip exits deep sleep, the CPU and the flash chip are powered on
at the same time. CPU will run deep sleep stub first, and then
proceed to load code from flash. Some flash chips need sufficient
time to pass between power on and first read operation. By default,
without any extra delay, this time is approximately 900us, although
some flash chip types need more than that.
By default extra delay is set to 2000us. When optimizing startup time
for applications which require it, this value may be reduced.
If you are seeing "flash read err, 1000" message printed to the
console after deep sleep reset, try increasing this value.
endmenu
menu "ESP_SLEEP_WORKAROUND"
# No visible menu/configs for workaround
visible if 0
config ESP_SLEEP_SYSTIMER_STALL_WORKAROUND
bool "ESP32C3 SYSTIMER Stall Issue Workaround"
depends on IDF_TARGET_ESP32C3
help
Its not able to stall ESP32C3 systimer in sleep.
To fix related RTOS TICK issue, select it to disable related systimer during sleep.
TODO: IDF-7036
endmenu
menu "RTC Clock Config"
orsource "./port/$IDF_TARGET/Kconfig.rtc"
endmenu
menu "Peripheral Control"
config PERIPH_CTRL_FUNC_IN_IRAM
bool "Place peripheral control functions into IRAM"
default n
help
Place peripheral control functions (e.g. periph_module_reset) into IRAM,
so that these functions can be IRAM-safe and able to be called in the other IRAM interrupt context.
endmenu
menu "ETM Configuration"
depends on SOC_ETM_SUPPORTED
config ETM_ENABLE_DEBUG_LOG
bool "Enable debug log"
default n
help
Wether to enable the debug log message for ETM core driver.
Note that, this option only controls the ETM related driver log, won't affect other drivers.
endmenu # ETM Configuration
menu "GDMA Configuration"
depends on SOC_GDMA_SUPPORTED
config GDMA_CTRL_FUNC_IN_IRAM
bool "Place GDMA control functions into IRAM"
default n
help
Place GDMA control functions (like start/stop/append/reset) into IRAM,
so that these functions can be IRAM-safe and able to be called in the other IRAM interrupt context.
Enabling this option can improve driver performance as well.
config GDMA_ISR_IRAM_SAFE
bool "GDMA ISR IRAM-Safe"
default n
help
This will ensure the GDMA interrupt handler is IRAM-Safe, allow to avoid flash
cache misses, and also be able to run whilst the cache is disabled.
(e.g. SPI Flash write).
endmenu # GDMA Configuration
menu "Main XTAL Config"
choice XTAL_FREQ_SEL
prompt "Main XTAL frequency"
default XTAL_FREQ_40 if SOC_XTAL_SUPPORT_40M
help
This option selects the operating frequency of the XTAL (crystal) clock used to drive the ESP target.
The selected value MUST reflect the frequency of the given hardware.
Note: The XTAL_FREQ_AUTO option allows the ESP target to automatically estimating XTAL clock's
operating frequency. However, this feature is only supported on the ESP32. The ESP32 uses the
internal 8MHZ as a reference when estimating. Due to the internal oscillator's frequency being
temperature dependent, usage of the XTAL_FREQ_AUTO is not recommended in applications that operate
in high ambient temperatures or use high-temperature qualified chips and modules.
config XTAL_FREQ_24
depends on SOC_XTAL_SUPPORT_24M
bool "24 MHz"
config XTAL_FREQ_26
depends on SOC_XTAL_SUPPORT_26M
bool "26 MHz"
config XTAL_FREQ_32
depends on SOC_XTAL_SUPPORT_32M
bool "32 MHz"
config XTAL_FREQ_40
depends on SOC_XTAL_SUPPORT_40M
bool "40 MHz"
config XTAL_FREQ_AUTO
depends on SOC_XTAL_SUPPORT_AUTO_DETECT
bool "Autodetect"
endchoice
# rtc_xtal_freq_t enum in soc/rtc.h lists the XTAL frequencies can be supported
# SOC_XTAL_SUPPORT_XXX in soc_caps.h lists the XTAL frequencies already supported
config XTAL_FREQ
int
default 24 if XTAL_FREQ_24
default 26 if XTAL_FREQ_26
default 32 if XTAL_FREQ_32
default 40 if XTAL_FREQ_40
default 0 if XTAL_FREQ_AUTO
endmenu
menu "Crypto DPA Protection"
depends on SOC_CRYPTO_DPA_PROTECTION_SUPPORTED
config ESP_CRYPTO_DPA_PROTECTION_AT_STARTUP
bool "Enable crypto DPA protection at startup"
default y
help
This config controls the DPA (Differential Power Analysis) protection
knob for the crypto peripherals. DPA protection dynamically adjusts the
clock frequency of the crypto peripheral. DPA protection helps to make it
difficult to perform SCA attacks on the crypto peripherals. However,
there is also associated performance impact based on the security level
set. Please refer to the TRM for more details.
choice ESP_CRYPTO_DPA_PROTECTION_LEVEL
prompt "DPA protection level"
depends on ESP_CRYPTO_DPA_PROTECTION_AT_STARTUP
default ESP_CRYPTO_DPA_PROTECTION_LEVEL_LOW
help
Configure the DPA protection security level
config ESP_CRYPTO_DPA_PROTECTION_LEVEL_LOW
bool "Security level low"
config ESP_CRYPTO_DPA_PROTECTION_LEVEL_MEDIUM
bool "Security level medium"
config ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH
bool "Security level high"
endchoice
config ESP_CRYPTO_DPA_PROTECTION_LEVEL
int
default 1 if ESP_CRYPTO_DPA_PROTECTION_LEVEL_LOW
default 2 if ESP_CRYPTO_DPA_PROTECTION_LEVEL_MEDIUM
default 3 if ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH
endmenu
endmenu