From 980ac9bcf5a4e2c66a12a741e7f566e5255c1a5e Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Fri, 31 May 2024 21:59:54 +0530 Subject: [PATCH 1/3] fix(soc): Fix ESP32-C5's rom mask high and subsystem high memory addresses --- .../esp_hw_support/port/esp32c5/cpu_region_protect.c | 10 +++++----- components/soc/esp32c5/include/soc/soc.h | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/components/esp_hw_support/port/esp32c5/cpu_region_protect.c b/components/esp_hw_support/port/esp32c5/cpu_region_protect.c index fb9c2053f5..2936e59d47 100644 --- a/components/esp_hw_support/port/esp32c5/cpu_region_protect.c +++ b/components/esp_hw_support/port/esp32c5/cpu_region_protect.c @@ -31,10 +31,10 @@ static void esp_cpu_configure_invalid_regions(void) __attribute__((unused)) const unsigned PMA_RWX = PMA_L | PMA_EN | PMA_R | PMA_W | PMA_X; // 1. Gap at bottom of address space - PMA_ENTRY_SET_TOR(0, SOC_DEBUG_LOW, PMA_TOR | PMA_NONE); + PMA_ENTRY_SET_TOR(0, SOC_CPU_SUBSYSTEM_LOW, PMA_TOR | PMA_NONE); // 2. Gap between debug region & IROM - PMA_ENTRY_SET_TOR(1, SOC_DEBUG_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(1, SOC_CPU_SUBSYSTEM_HIGH, PMA_NONE); PMA_ENTRY_SET_TOR(2, SOC_IROM_MASK_LOW, PMA_TOR | PMA_NONE); // 3. Gap between ROM & RAM @@ -66,7 +66,7 @@ void esp_cpu_configure_region_protection(void) // Configure just the area around 0x0 for now so that we at least get exceptions for // writes/reads to NULL pointers, as well as code that relies on writes to 0x0 // to abort/assert - PMA_ENTRY_SET_NAPOT(1, 0, SOC_DEBUG_LOW, PMA_NAPOT | PMA_EN); + PMA_ENTRY_SET_NAPOT(1, 0, SOC_CPU_SUBSYSTEM_LOW, PMA_NAPOT | PMA_EN); return; /* Notes on implementation: @@ -120,9 +120,9 @@ void esp_cpu_configure_region_protection(void) // // 1. Debug region - const uint32_t pmpaddr0 = PMPADDR_NAPOT(SOC_DEBUG_LOW, SOC_DEBUG_HIGH); + const uint32_t pmpaddr0 = PMPADDR_NAPOT(SOC_CPU_SUBSYSTEM_LOW, SOC_CPU_SUBSYSTEM_HIGH); PMP_ENTRY_SET(0, pmpaddr0, PMP_NAPOT | RWX); - _Static_assert(SOC_DEBUG_LOW < SOC_DEBUG_HIGH, "Invalid CPU debug region"); + _Static_assert(SOC_CPU_SUBSYSTEM_LOW < SOC_CPU_SUBSYSTEM_HIGH, "Invalid CPU debug region"); // 2.1 I-ROM PMP_ENTRY_SET(1, SOC_IROM_MASK_LOW, NONE); diff --git a/components/soc/esp32c5/include/soc/soc.h b/components/soc/esp32c5/include/soc/soc.h index 8185b1fccc..7f4536f0d8 100644 --- a/components/soc/esp32c5/include/soc/soc.h +++ b/components/soc/esp32c5/include/soc/soc.h @@ -154,9 +154,9 @@ #define SOC_DROM_LOW SOC_IROM_LOW #define SOC_DROM_HIGH SOC_IROM_HIGH #define SOC_IROM_MASK_LOW 0x40000000 -#define SOC_IROM_MASK_HIGH 0x40040000 +#define SOC_IROM_MASK_HIGH 0x40050000 #define SOC_DROM_MASK_LOW 0x40000000 -#define SOC_DROM_MASK_HIGH 0x40040000 +#define SOC_DROM_MASK_HIGH 0x40050000 #define SOC_IRAM_LOW 0x40800000 #define SOC_IRAM_HIGH 0x40860000 #define SOC_DRAM_LOW 0x40800000 @@ -198,9 +198,9 @@ #define SOC_PERIPHERAL_LOW 0x60000000 #define SOC_PERIPHERAL_HIGH 0x60100000 -// Debug region, not used by software -#define SOC_DEBUG_LOW 0x20000000 -#define SOC_DEBUG_HIGH 0x28000000 +// CPU sub-system region, contains interrupt config registers +#define SOC_CPU_SUBSYSTEM_LOW 0x20000000 +#define SOC_CPU_SUBSYSTEM_HIGH 0x30000000 // Start (highest address) of ROM boot stack, only relevant during early boot #define SOC_ROM_STACK_START 0x4085e9a0 From 84afc6a9557bd630886635a1ab965ccf828a7fbe Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Fri, 31 May 2024 22:31:57 +0530 Subject: [PATCH 2/3] feat(esp_hw_support): Support memory protection using PMA and PMP for ESP32-C5 --- components/bootloader/Kconfig.projbuild | 2 + .../bootloader_support/src/bootloader_mem.c | 2 +- .../port/esp32c5/cpu_region_protect.c | 144 +++++++++--------- .../esp_system/ld/esp32c5/sections.ld.in | 6 + .../esp32c5/include/soc/Kconfig.soc_caps.in | 4 + components/soc/esp32c5/include/soc/soc_caps.h | 1 + 6 files changed, 86 insertions(+), 73 deletions(-) diff --git a/components/bootloader/Kconfig.projbuild b/components/bootloader/Kconfig.projbuild index ca817d0c6a..3e094cfc78 100644 --- a/components/bootloader/Kconfig.projbuild +++ b/components/bootloader/Kconfig.projbuild @@ -248,6 +248,8 @@ menu "Bootloader config" Protects the unmapped memory regions of the entire address space from unintended accesses. This will ensure that an exception will be triggered whenever the CPU performs a memory operation on unmapped regions of the address space. + NOTE: Disabling this config on some targets (ESP32-C6, ESP32-H2, ESP32-C5) would not generate + an exception when reading from or writing to 0x0. config BOOTLOADER_WDT_ENABLE bool "Use RTC watchdog in start code" diff --git a/components/bootloader_support/src/bootloader_mem.c b/components/bootloader_support/src/bootloader_mem.c index d9f8466a1c..4edfa82526 100644 --- a/components/bootloader_support/src/bootloader_mem.c +++ b/components/bootloader_support/src/bootloader_mem.c @@ -47,6 +47,6 @@ void bootloader_init_mem(void) #ifdef CONFIG_BOOTLOADER_REGION_PROTECTION_ENABLE // protect memory region - esp_cpu_configure_region_protection(); // TODO: [ESP32C5] IDF-8833 PSRAM support write + esp_cpu_configure_region_protection(); #endif } diff --git a/components/esp_hw_support/port/esp32c5/cpu_region_protect.c b/components/esp_hw_support/port/esp32c5/cpu_region_protect.c index 2936e59d47..e0a9873588 100644 --- a/components/esp_hw_support/port/esp32c5/cpu_region_protect.c +++ b/components/esp_hw_support/port/esp32c5/cpu_region_protect.c @@ -23,6 +23,9 @@ #define CONDITIONAL_RWX RWX #endif +#define ALIGN_UP_TO_MMU_PAGE_SIZE(addr) (((addr) + (SOC_MMU_PAGE_SIZE) - 1) & ~((SOC_MMU_PAGE_SIZE) - 1)) +#define ALIGN_DOWN_TO_MMU_PAGE_SIZE(addr) ((addr) & ~((SOC_MMU_PAGE_SIZE) - 1)) + static void esp_cpu_configure_invalid_regions(void) { const unsigned PMA_NONE = PMA_L | PMA_EN; @@ -30,50 +33,50 @@ static void esp_cpu_configure_invalid_regions(void) __attribute__((unused)) const unsigned PMA_RX = PMA_L | PMA_EN | PMA_R | PMA_X; __attribute__((unused)) const unsigned PMA_RWX = PMA_L | PMA_EN | PMA_R | PMA_W | PMA_X; - // 1. Gap at bottom of address space - PMA_ENTRY_SET_TOR(0, SOC_CPU_SUBSYSTEM_LOW, PMA_TOR | PMA_NONE); + // 0. Gap at bottom of address space + PMA_ENTRY_SET_NAPOT(0, 0, SOC_CPU_SUBSYSTEM_LOW, PMA_NAPOT | PMA_NONE); - // 2. Gap between debug region & IROM + // 1. Gap between debug region & IROM PMA_ENTRY_SET_TOR(1, SOC_CPU_SUBSYSTEM_HIGH, PMA_NONE); PMA_ENTRY_SET_TOR(2, SOC_IROM_MASK_LOW, PMA_TOR | PMA_NONE); + // 2. ROM has configured the ROM region to be cacheable, so we just need to lock the configuration + PMA_ENTRY_SET_TOR(3, SOC_IROM_MASK_LOW, PMA_NONE); + PMA_ENTRY_SET_TOR(4, SOC_DROM_MASK_HIGH, PMA_TOR | PMA_RX); + // 3. Gap between ROM & RAM - PMA_ENTRY_SET_TOR(3, SOC_DROM_MASK_HIGH, PMA_NONE); - PMA_ENTRY_SET_TOR(4, SOC_IRAM_LOW, PMA_TOR | PMA_NONE); + PMA_ENTRY_SET_TOR(5, SOC_DROM_MASK_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(6, SOC_IRAM_LOW, PMA_TOR | PMA_NONE); // 4. Gap between DRAM and I_Cache - PMA_ENTRY_SET_TOR(5, SOC_IRAM_HIGH, PMA_NONE); - PMA_ENTRY_SET_TOR(6, SOC_IROM_LOW, PMA_TOR | PMA_NONE); + PMA_ENTRY_SET_TOR(7, SOC_IRAM_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(8, SOC_IROM_LOW, PMA_TOR | PMA_NONE); - // 5. Gap between D_Cache & LP_RAM - PMA_ENTRY_SET_TOR(7, SOC_DROM_HIGH, PMA_NONE); - PMA_ENTRY_SET_TOR(8, SOC_RTC_IRAM_LOW, PMA_TOR | PMA_NONE); + // 5. ROM has configured the MSPI region with RX permission, we should add W attribute for psram and lock the configuration + // This function sets invalid regions but this is a valid memory region configuration that could have + // been configured using PMP as well, but due to insufficient PMP entries we are configuring this using PMA. + PMA_ENTRY_SET_NAPOT(9, SOC_IROM_LOW, (SOC_IROM_HIGH - SOC_IROM_LOW), PMA_NAPOT | PMA_RWX); - // 6. Gap between LP memory & peripheral addresses - PMA_ENTRY_SET_TOR(9, SOC_RTC_IRAM_HIGH, PMA_NONE); - PMA_ENTRY_SET_TOR(10, SOC_PERIPHERAL_LOW, PMA_TOR | PMA_NONE); + // 6. Gap between D_Cache & LP_RAM + PMA_ENTRY_SET_TOR(10, SOC_DROM_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(11, SOC_RTC_IRAM_LOW, PMA_TOR | PMA_NONE); - // 7. End of address space - PMA_ENTRY_SET_TOR(11, SOC_PERIPHERAL_HIGH, PMA_NONE); - PMA_ENTRY_SET_TOR(12, UINT32_MAX, PMA_TOR | PMA_NONE); + // 7. Gap between LP memory & peripheral addresses + PMA_ENTRY_SET_TOR(12, SOC_RTC_IRAM_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(13, SOC_PERIPHERAL_LOW, PMA_TOR | PMA_NONE); + + // 8. End of address space + PMA_ENTRY_SET_TOR(14, SOC_PERIPHERAL_HIGH, PMA_NONE); + PMA_ENTRY_SET_TOR(15, UINT32_MAX, PMA_TOR | PMA_NONE); } void esp_cpu_configure_region_protection(void) { - // ROM has configured the MSPI region with RX permission, we should add W attribute for psram - PMA_ENTRY_SET_NAPOT(0, SOC_IROM_LOW, (SOC_IROM_HIGH - SOC_IROM_LOW), PMA_NAPOT | PMA_EN | PMA_R | PMA_W | PMA_X); - - // Configure just the area around 0x0 for now so that we at least get exceptions for - // writes/reads to NULL pointers, as well as code that relies on writes to 0x0 - // to abort/assert - PMA_ENTRY_SET_NAPOT(1, 0, SOC_CPU_SUBSYSTEM_LOW, PMA_NAPOT | PMA_EN); - - return; /* Notes on implementation: * - * 1) Note: ESP32-C6 CPU doesn't support overlapping PMP regions + * 1) Note: ESP32-C5 CPU support overlapping PMP regions // TODO: verify this statement? * - * 2) ESP32-C6 supports 16 PMA regions so we use this feature to block all the invalid address ranges + * 2) ESP32-C5 supports 16 PMA regions so we use this feature to block all the invalid address ranges * * 3) We use combination of NAPOT (Naturally Aligned Power Of Two) and TOR (top of range) * entries to map all the valid address space, bottom to top. This leaves us with some extra PMP entries @@ -105,10 +108,10 @@ void esp_cpu_configure_region_protection(void) * We also lock these entries so the R/W/X permissions are enforced even for machine mode */ const unsigned NONE = PMP_L; - const unsigned R = PMP_L | PMP_R; - const unsigned RW = PMP_L | PMP_R | PMP_W; - const unsigned RX = PMP_L | PMP_R | PMP_X; - const unsigned RWX = PMP_L | PMP_R | PMP_W | PMP_X; + __attribute__((unused)) const unsigned R = PMP_L | PMP_R; + __attribute__((unused)) const unsigned RW = PMP_L | PMP_R | PMP_W; + __attribute__((unused)) const unsigned RX = PMP_L | PMP_R | PMP_X; + __attribute__((unused)) const unsigned RWX = PMP_L | PMP_R | PMP_W | PMP_X; // // Configure all the invalid address regions using PMA @@ -119,36 +122,27 @@ void esp_cpu_configure_region_protection(void) // Configure all the valid address regions using PMP // - // 1. Debug region + // 1. CPU Subsystem region - contains interrupt config registers const uint32_t pmpaddr0 = PMPADDR_NAPOT(SOC_CPU_SUBSYSTEM_LOW, SOC_CPU_SUBSYSTEM_HIGH); PMP_ENTRY_SET(0, pmpaddr0, PMP_NAPOT | RWX); - _Static_assert(SOC_CPU_SUBSYSTEM_LOW < SOC_CPU_SUBSYSTEM_HIGH, "Invalid CPU debug region"); + _Static_assert(SOC_CPU_SUBSYSTEM_LOW < SOC_CPU_SUBSYSTEM_HIGH, "Invalid CPU subsystem region"); - // 2.1 I-ROM + // 2. I/D-ROM PMP_ENTRY_SET(1, SOC_IROM_MASK_LOW, NONE); PMP_ENTRY_SET(2, SOC_IROM_MASK_HIGH, PMP_TOR | RX); - _Static_assert(SOC_IROM_MASK_LOW < SOC_IROM_MASK_HIGH, "Invalid I-ROM region"); - - // 2.2 D-ROM - PMP_ENTRY_SET(3, SOC_DROM_MASK_LOW, NONE); - PMP_ENTRY_SET(4, SOC_DROM_MASK_HIGH, PMP_TOR | R); - _Static_assert(SOC_DROM_MASK_LOW < SOC_DROM_MASK_HIGH, "Invalid D-ROM region"); + _Static_assert(SOC_IROM_MASK_LOW < SOC_IROM_MASK_HIGH, "Invalid I/D-ROM region"); + // 3. IRAM and DRAM if (esp_cpu_dbgr_is_attached()) { // Anti-FI check that cpu is really in ocd mode ESP_FAULT_ASSERT(esp_cpu_dbgr_is_attached()); - // 5. IRAM and DRAM - // const uint32_t pmpaddr5 = PMPADDR_NAPOT(SOC_IRAM_LOW, SOC_IRAM_HIGH); - // PMP_ENTRY_SET(5, pmpaddr5, PMP_NAPOT | RWX); - // _Static_assert(SOC_IRAM_LOW < SOC_IRAM_HIGH, "Invalid RAM region"); PMP_ENTRY_SET(5, SOC_IRAM_LOW, NONE); PMP_ENTRY_SET(6, SOC_IRAM_HIGH, PMP_TOR | RWX); _Static_assert(SOC_IRAM_LOW < SOC_IRAM_HIGH, "Invalid RAM region"); } else { #if CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT && !BOOTLOADER_BUILD extern int _iram_end; - // 5. IRAM and DRAM /* Reset the corresponding PMP config because PMP_ENTRY_SET only sets the given bits * Bootloader might have given extra permissions and those won't be cleared */ @@ -159,55 +153,61 @@ void esp_cpu_configure_region_protection(void) PMP_ENTRY_SET(6, (int)&_iram_end, PMP_TOR | RX); PMP_ENTRY_SET(7, SOC_DRAM_HIGH, PMP_TOR | RW); #else - // 5. IRAM and DRAM - // const uint32_t pmpaddr5 = PMPADDR_NAPOT(SOC_IRAM_LOW, SOC_IRAM_HIGH); - // PMP_ENTRY_SET(5, pmpaddr5, PMP_NAPOT | CONDITIONAL_RWX); - // _Static_assert(SOC_IRAM_LOW < SOC_IRAM_HIGH, "Invalid RAM region"); - PMP_ENTRY_SET(5, SOC_IRAM_LOW, NONE); - PMP_ENTRY_SET(6, SOC_IRAM_HIGH, PMP_TOR | RWX); + PMP_ENTRY_SET(5, SOC_IRAM_LOW, CONDITIONAL_NONE); + PMP_ENTRY_SET(6, SOC_IRAM_HIGH, PMP_TOR | CONDITIONAL_RWX); _Static_assert(SOC_IRAM_LOW < SOC_IRAM_HIGH, "Invalid RAM region"); #endif } - // 4. I_Cache (flash) + // 4. I_Cache / D_Cache (flash) +#if CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT && !BOOTLOADER_BUILD + extern int _instruction_reserved_end; + extern int _rodata_reserved_end; + + const uint32_t irom_resv_end = ALIGN_UP_TO_MMU_PAGE_SIZE((uint32_t)(&_instruction_reserved_end)); + const uint32_t drom_resv_end = ALIGN_UP_TO_MMU_PAGE_SIZE((uint32_t)(&_rodata_reserved_end)); + + PMP_ENTRY_CFG_RESET(8); + PMP_ENTRY_CFG_RESET(9); + PMP_ENTRY_CFG_RESET(10); + PMP_ENTRY_SET(8, SOC_IROM_LOW, NONE); + PMP_ENTRY_SET(9, irom_resv_end, PMP_TOR | RX); + PMP_ENTRY_SET(10, drom_resv_end, PMP_TOR | R); +#else const uint32_t pmpaddr8 = PMPADDR_NAPOT(SOC_IROM_LOW, SOC_IROM_HIGH); - PMP_ENTRY_SET(8, pmpaddr8, PMP_NAPOT | RX); - _Static_assert(SOC_IROM_LOW < SOC_IROM_HIGH, "Invalid I_Cache region"); + // Add the W attribute in the case of PSRAM + PMP_ENTRY_SET(8, pmpaddr8, PMP_NAPOT | CONDITIONAL_RWX); + _Static_assert(SOC_IROM_LOW < SOC_IROM_HIGH, "Invalid I/D_Cache region"); +#endif - // 5. D_Cache (flash) - const uint32_t pmpaddr9 = PMPADDR_NAPOT(SOC_DROM_LOW, SOC_DROM_HIGH); - PMP_ENTRY_SET(9, pmpaddr9, PMP_NAPOT | R); - _Static_assert(SOC_DROM_LOW < SOC_DROM_HIGH, "Invalid D_Cache region"); - - // 6. LP memory + // 5. LP memory #if CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT && !BOOTLOADER_BUILD extern int _rtc_text_end; /* Reset the corresponding PMP config because PMP_ENTRY_SET only sets the given bits * Bootloader might have given extra permissions and those won't be cleared */ - PMP_ENTRY_CFG_RESET(10); PMP_ENTRY_CFG_RESET(11); PMP_ENTRY_CFG_RESET(12); PMP_ENTRY_CFG_RESET(13); - PMP_ENTRY_SET(10, SOC_RTC_IRAM_LOW, NONE); + PMP_ENTRY_CFG_RESET(14); + PMP_ENTRY_SET(11, SOC_RTC_IRAM_LOW, NONE); #if CONFIG_ULP_COPROC_RESERVE_MEM // First part of LP mem is reserved for coprocessor - PMP_ENTRY_SET(11, SOC_RTC_IRAM_LOW + CONFIG_ULP_COPROC_RESERVE_MEM, PMP_TOR | RW); + PMP_ENTRY_SET(12, SOC_RTC_IRAM_LOW + CONFIG_ULP_COPROC_RESERVE_MEM, PMP_TOR | RW); #else // CONFIG_ULP_COPROC_RESERVE_MEM // Repeat same previous entry, to ensure next entry has correct base address (TOR) - PMP_ENTRY_SET(11, SOC_RTC_IRAM_LOW, NONE); + PMP_ENTRY_SET(12, SOC_RTC_IRAM_LOW, NONE); #endif // !CONFIG_ULP_COPROC_RESERVE_MEM - PMP_ENTRY_SET(12, (int)&_rtc_text_end, PMP_TOR | RX); - PMP_ENTRY_SET(13, SOC_RTC_IRAM_HIGH, PMP_TOR | RW); + PMP_ENTRY_SET(13, (int)&_rtc_text_end, PMP_TOR | RX); + PMP_ENTRY_SET(14, SOC_RTC_IRAM_HIGH, PMP_TOR | RW); #else - const uint32_t pmpaddr10 = PMPADDR_NAPOT(SOC_RTC_IRAM_LOW, SOC_RTC_IRAM_HIGH); - PMP_ENTRY_SET(10, pmpaddr10, PMP_NAPOT | CONDITIONAL_RWX); + const uint32_t pmpaddr11 = PMPADDR_NAPOT(SOC_RTC_IRAM_LOW, SOC_RTC_IRAM_HIGH); + PMP_ENTRY_SET(11, pmpaddr11, PMP_NAPOT | CONDITIONAL_RWX); _Static_assert(SOC_RTC_IRAM_LOW < SOC_RTC_IRAM_HIGH, "Invalid RTC IRAM region"); #endif - - // 7. Peripheral addresses - const uint32_t pmpaddr14 = PMPADDR_NAPOT(SOC_PERIPHERAL_LOW, SOC_PERIPHERAL_HIGH); - PMP_ENTRY_SET(14, pmpaddr14, PMP_NAPOT | RW); + // 6. Peripheral addresses + const uint32_t pmpaddr15 = PMPADDR_NAPOT(SOC_PERIPHERAL_LOW, SOC_PERIPHERAL_HIGH); + PMP_ENTRY_SET(15, pmpaddr15, PMP_NAPOT | RW); _Static_assert(SOC_PERIPHERAL_LOW < SOC_PERIPHERAL_HIGH, "Invalid peripheral region"); } diff --git a/components/esp_system/ld/esp32c5/sections.ld.in b/components/esp_system/ld/esp32c5/sections.ld.in index 54673f7a82..4059d97d36 100644 --- a/components/esp_system/ld/esp32c5/sections.ld.in +++ b/components/esp_system/ld/esp32c5/sections.ld.in @@ -27,6 +27,9 @@ SECTIONS *rtc_wake_stub*.*(.text .text.*) *(.rtc_text_end_test) + /* Align the end of RTC code region as per PMP granularity */ + . = ALIGN(_esp_pmp_align_size); + _rtc_text_end = ABSOLUTE(.); } > lp_ram_seg @@ -166,6 +169,9 @@ SECTIONS /* Marks the end of IRAM code segment */ .iram0.text_end (NOLOAD) : { + /* Align the end of code region as per PMP region granularity */ + . = ALIGN(_esp_pmp_align_size); + ALIGNED_SYMBOL(4, _iram_text_end) } > sram_seg diff --git a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in index a9d6abc8e6..027e0d7e1f 100644 --- a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in @@ -235,6 +235,10 @@ config SOC_CPU_IDRAM_SPLIT_USING_PMP bool default y +config SOC_CPU_PMP_REGION_GRANULARITY + int + default 128 + config SOC_DS_SIGNATURE_MAX_BIT_LEN int default 3072 diff --git a/components/soc/esp32c5/include/soc/soc_caps.h b/components/soc/esp32c5/include/soc/soc_caps.h index 155000b197..07d38f623f 100644 --- a/components/soc/esp32c5/include/soc/soc_caps.h +++ b/components/soc/esp32c5/include/soc/soc_caps.h @@ -154,6 +154,7 @@ #define SOC_CPU_HAS_PMA 1 #define SOC_CPU_IDRAM_SPLIT_USING_PMP 1 +#define SOC_CPU_PMP_REGION_GRANULARITY 128 /*-------------------------- DIGITAL SIGNATURE CAPS ----------------------------------------*/ /** The maximum length of a Digital Signature in bits. */ From bd4e48d0d92c0fab34d12b81a00c619153c9b2bc Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Wed, 19 Jun 2024 17:36:14 +0530 Subject: [PATCH 3/3] feat(cpu): Configure panic exception generation using asm illegal instruction --- components/esp_system/panic.c | 9 ++++++--- tools/test_apps/system/panic/pytest_panic.py | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/components/esp_system/panic.c b/components/esp_system/panic.c index 20851d554c..4abdac0437 100644 --- a/components/esp_system/panic.c +++ b/components/esp_system/panic.c @@ -461,9 +461,12 @@ void IRAM_ATTR __attribute__((noreturn, no_sanitize_undefined)) panic_abort(cons #endif #endif - ESP_COMPILER_DIAGNOSTIC_PUSH_IGNORE("-Wanalyzer-null-dereference") - *((volatile int *) 0) = 0; // NOLINT(clang-analyzer-core.NullDereference) should be an invalid operation on targets - ESP_COMPILER_DIAGNOSTIC_POP("-Wanalyzer-null-dereference") +#ifdef __XTENSA__ + asm("ill"); // should be an invalid operation on xtensa targets +#elif __riscv + asm("unimp"); // should be an invalid operation on RISC-V targets +#endif + while (1); } diff --git a/tools/test_apps/system/panic/pytest_panic.py b/tools/test_apps/system/panic/pytest_panic.py index a5269a0c6e..3339147b20 100644 --- a/tools/test_apps/system/panic/pytest_panic.py +++ b/tools/test_apps/system/panic/pytest_panic.py @@ -1050,9 +1050,9 @@ def _test_coredump_summary(dut: PanicTestDut, flash_encrypted: bool, coredump_en dut.expect_elf_sha256('App ELF file SHA256: ') dut.expect_exact('Crashed task: main') if dut.is_xtensa: - dut.expect_exact('Exception cause: 29') + dut.expect_exact('Exception cause: 0') else: - dut.expect_exact('Exception cause: 7') + dut.expect_exact('Exception cause: 2') dut.expect(PANIC_ABORT_PREFIX + r'assert failed:[\s\w()]*?\s[.\w/]*\.(?:c|cpp|h|hpp):\d.*$')