This change addresses a rare but critical issue observed on certain
ESP32-C3 and ESP32-S3 devices, where secure boot verification
intermittently fails due to improper cleanup of crypto peripherals
during a restart.
Background – Restart Behavior in IDF
------------------------------------
In ESP-IDF, when the device restarts (via `esp_restart()` or due to a
panic/exception), a partial peripheral reset is performed followed by a
CPU reset. However, until now, crypto-related peripherals were not
included in this selective reset sequence.
Problem Scenario
----------------
If a restart occurs while the application is in the middle of a bignum
operation (i.e., using the MPI/Bignum peripheral), the ROM code may
encounter an inconsistent peripheral state during the subsequent boot.
This leads to transient RSA-PSS secure boot verification failures.
Following such a failure, the ROM typically triggers a full-chip reset
via the watchdog timer (WDT). This full reset clears the crypto
peripheral state, allowing secure boot verification to succeed on the
next boot.
Risk with Aggressive Revocation
-------------------------------
If secure boot aggressive revocation is enabled (disabled by default in
IDF), this transient verification failure could mistakenly lead to
revocation of the secure boot digest.
If your product configuration has aggressive revocation enabled,
applying this fix is strongly recommended.
Frequency of Occurrence
-----------------------
The issue is rare and only occurs in corner cases involving
simultaneous use of the MPI peripheral and an immediate CPU reset.
Fix
---
This fix ensures that all crypto peripherals are explicitly reset prior
to any software-triggered restart (including panic scenarios),
guaranteeing a clean peripheral state for the next boot and preventing
incorrect secure boot behavior.
The test create build folder in current directory which
in this case is defined by (test_app_copy).
It also creates sdkconfig file in cmake source directory, which
is defined as $IDF_PATH/examples/build_system/cmake/idf_as_lib
The fixtures ensures proper cleanup even when test fails.
Disabling all the protocomm security versions give empty enum value build
error.
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
Note - Disabling the protocomm security 0 by default
431ee5c058 has changed the way ldgen works by introducing the
recursive lookup of component libraries reachable from the executable.
The implementation incorrectly queried LINK_LIBRARIES instead of the
INTERFACE_LINK_LIBRARIES property for INTERFACE targets.
This commit fixes an issue where the FreeRTOS kernel does not account
for the pended ticks occuring during automatic light-sleep mode and
hence causing a jump in the tick count at a later stage in the
application lifetime.
Closes: https://github.com/espressif/esp-idf/issues/15642
Due to ci/pytest-mark-formatter(branch) fix, while executing the main
function from the pytest, it gives error for the incorrect idf_path.
This commit ensure that, idf_path is fixed correctly.
