Security: ESP32C3 memory protection feature (IRAM0/DRAM0)

Software support for PMS module. Allows controlled memory access to IRAM (R/W/X) and DRAM0 (R/W) On/locked by default, configurable in Kconfig (esp_system) Closes https://jira.espressif.com:8443/browse/IDF-2092
2026-05-03 19:41:55 +02:00 · 2021-01-04 19:38:10 +01:00
parent d097988608
commit 69096ddce5
24 changed files with 1166 additions and 374 deletions
@@ -29,29 +29,6 @@ menu "ESP32S2-specific"
        default 160 if ESP32S2_DEFAULT_CPU_FREQ_160
        default 240 if ESP32S2_DEFAULT_CPU_FREQ_240

-    menu "Memory protection"
-
-        config ESP32S2_MEMPROT_FEATURE
-            bool "Enable memory protection"
-            default "y"
-            help
-                If enabled, permission control module watches all memory access and fires panic handler
-                if permission violation is detected. This feature automatically splits
-                memory into data and instruction segments and sets Read/Execute permissions
-                for instruction part (below splitting address) and Read/Write permissions
-                for data part (above splitting address). The memory protection is effective
-                on all access through IRAM0 and DRAM0 buses.
-
-        config ESP32S2_MEMPROT_FEATURE_LOCK
-            depends on ESP32S2_MEMPROT_FEATURE
-            bool "Lock memory protection settings"
-            default "y"
-            help
-                Once locked, memory protection settings cannot be changed anymore.
-                The lock is reset only on the chip startup.
-
-    endmenu  # Memory protection
-
    menu "Cache config"

        choice ESP32S2_INSTRUCTION_CACHE_SIZE