Merge branch 'bugfix/psram_enc_workaround' into 'master'

fix(psram): provide boot warning about PSRAM encryption issue on C5/C61

See merge request espressif/esp-idf!40913

components/esp_psram/Kconfig.spiram.common

@@ -69,6 +69,7 @@ choice SPIRAM_USE
         return SPI RAM pointers.
 
     config SPIRAM_USE_MEMMAP
+        depends on IDF_TARGET_ESP32
         bool "Integrate RAM into memory map"
     config SPIRAM_USE_CAPS_ALLOC
         bool "Make RAM allocatable using heap_caps_malloc(..., MALLOC_CAP_SPIRAM)"

components/esp_psram/system_layer/esp_psram.c

@@ -114,6 +114,11 @@ static const DRAM_ATTR char TAG[] = "esp_psram";
 ESP_SYSTEM_INIT_FN(add_psram_to_heap, CORE, BIT(0), 103)
 {
 #if CONFIG_SPIRAM_BOOT_INIT && (CONFIG_SPIRAM_USE_CAPS_ALLOC || CONFIG_SPIRAM_USE_MALLOC)
+
+#if (CONFIG_IDF_TARGET_ESP32C5 && CONFIG_ESP32C5_REV_MIN_FULL <= 100) || (CONFIG_IDF_TARGET_ESP32C61 && CONFIG_ESP32C61_REV_MIN_FULL <= 100)
+    ESP_EARLY_LOGW(TAG, "Due to hardware issue on ESP32-C5/C61 (Rev v1.0), PSRAM contents won't be encrypted (for flash encryption enabled case)");
+    ESP_EARLY_LOGW(TAG, "Please avoid using PSRAM for security sensitive data e.g., TLS stack allocations (CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC)");
+#endif
     if (esp_psram_is_initialized()) {
         esp_err_t r = esp_psram_extram_add_to_heap_allocator();
         if (r != ESP_OK) {
@@ -383,6 +388,10 @@ esp_err_t esp_psram_init(void)
     __attribute__((unused)) uint32_t start_page = 0;
 
 #if CONFIG_SPIRAM_FETCH_INSTRUCTIONS || CONFIG_SPIRAM_RODATA
+#if (CONFIG_IDF_TARGET_ESP32C5 && CONFIG_ESP32C5_REV_MIN_FULL <= 100) || (CONFIG_IDF_TARGET_ESP32C61 && CONFIG_ESP32C61_REV_MIN_FULL <= 100)
+    ESP_EARLY_LOGW(TAG, "Due to hardware issue on ESP32-C5/C61 (Rev v1.0), PSRAM contents won't be encrypted (for flash encryption enabled case)");
+    ESP_EARLY_LOGW(TAG, "Please avoid using PSRAM for execution as the code/rodata shall be copied as plaintext and this could pose a security risk.");
+#endif
     s_xip_psram_placement(&psram_available_size, &start_page);
 #endif
 

components/hal/esp32c5/include/hal/mmu_ll.h

@@ -17,6 +17,7 @@
 #include "hal/mmu_types.h"
 #if SOC_EFUSE_SUPPORTED
 #include "hal/efuse_ll.h"
+#include "hal/efuse_hal.h"
 #endif
 
 
@@ -214,8 +215,11 @@ __attribute__((always_inline)) static inline void mmu_ll_write_entry(uint32_t mm
 {
     uint32_t mmu_raw_value;
     if (mmu_ll_cache_encryption_enabled()) {
+        // For PSRAM case, avoid encryption due to a bug in the hardware
+        if (!(target == MMU_TARGET_PSRAM0 && efuse_hal_chip_revision() <= 100)) {
             mmu_val |= SOC_MMU_SENSITIVE;
         }
+    }
     mmu_val |= (target == MMU_TARGET_FLASH0) ? SOC_MMU_ACCESS_FLASH : SOC_MMU_ACCESS_SPIRAM;
 
     mmu_raw_value = mmu_val | SOC_MMU_VALID;

components/hal/esp32c61/include/hal/mmu_ll.h

@@ -13,6 +13,7 @@
 #include "hal/assert.h"
 #include "hal/mmu_types.h"
 #include "hal/efuse_ll.h"
+#include "hal/efuse_hal.h"
 
 // TODO: [ESP32C61] IDF-9265, inherit from c6
 
@@ -216,8 +217,11 @@ __attribute__((always_inline)) static inline void mmu_ll_write_entry(uint32_t mm
     (void)mmu_id;
     uint32_t mmu_raw_value;
     if (mmu_ll_cache_encryption_enabled()) {
+        // For PSRAM case, avoid encryption due to a bug in the hardware
+        if (!(target == MMU_TARGET_PSRAM0 && efuse_hal_chip_revision() <= 100)) {
             mmu_val |= SOC_MMU_SENSITIVE;
         }
+    }
     mmu_val |= (target == MMU_TARGET_FLASH0) ? SOC_MMU_ACCESS_FLASH : SOC_MMU_ACCESS_SPIRAM;
 
     mmu_raw_value = mmu_val | SOC_MMU_VALID;