1. If the root is specified (FIXED-ROOT) by set type or set parent, change ie.mesh_type to MESH_ROOT before connect to router.
2. Release esp_mesh_recv_toDS when the root becomes non-root.
3. esp_mesh_set_type now supports MESH_IDLE and MESH_STA.
4. Fix ie.rc_rssi is not updated during scan and vote.
5. Fix ie.mesh_type do not match ie.layer caused by parent switch.
6. Fix during root switch, the original root doesn't disconnect from the router after it receives the switch request from the new voted root. (root switch happens by invoking esp_mesh_waive_root).
7. Fix the routing announce timer is not stopped immediately in a new root if the new root is transformed from non-root.
8. Choose the candidate with less ie.assoc when doing parent switch.
Also remove some redundant CONFIG_BLE_MESH_PROXY checks, because
when the following options are satisfied, the CONFIG_BLE_MESH_PROXY
option will be selected mandatorily.
- Before updating the "beacon_sent" of a subnet, we need to check
if the subnet still exists, especially for a Provisioner.
- Fix a bug which will cause Provisioner failed to send Secure
Network Beacon if no device is provisioned
ctx values to cb_params for the mesh stack.
recv_rssi was not copied.
This means the rssi could not be read when receiving generic server messages using ble_mesh.
Prevent a remote device from doing a Bluetooth Impersonation Attack
(BIAS) by:
- Preventing remote device to downgrade secure connection
feature mask. Secure connection feature mask should remain same or
increase to enabled in link key generation and authentication.
- Doing a mutual authentication during Legacy Authentication.
Move the TAG definition of each example to the corresponding
source file (previously it is defined in the common example
intialization header file), which can avoid the redefinition
of TAG in some situations.
- This issue was introduced in the commit: a788e7cd3d
which updated the bt_hex() function incorrectly.
- And in bt_hex(), we use 2 for the two-dimensional array, because currently
at most two bt_hex() will be used at the same time. Also this will save
some DRAM compared with using 4.
When using DPort to read fifo, fifo_cnt is not credible, we need to calculate the real cnt based on the fifo read and write pointer. When using AHB to read FIFO, we can use fifo_cnt to indicate the data length in fifo.
Some AP's keep NULL-padding at the end of some variable length WPS
Attributes. This is not as par the WPS2.0 specs, but to avoid interop
issues, ignore the padding by reducing the attribute length by 1.
Previously the model recv operation is a littl fuzzy.
With the changes, the model recv operation is splitted into:
- find op
- check app_idx
- check dst
- check length
- update info & handle message
The transport segmented TX nack and seg_pending fields must be at least
6 bits to avoid overflow for 32 segment messages. This change rearranges
the seg_tx fields to gather all state flag fields in one byte, while
making the counter fields whole bytes.
Ensures that friend messages are enqueued, even if the packet is
received with an appkey is unknown to the friend. Previously, sdu_recv
would return EINVAL if the appkey was unknown, which would prevent the
lower transport layer from adding the packet to the friend queue. This
is irrelevant for the logic in lower transport, and should not be
returned as an error.
Previous implementation violated the RFC by having both the actual opcode and WS_FIN flag set for all fragments of a message.
Fixed by setting the opcode only for the first fragment and WS_FIN for the last one
Closes IDFGH-2938
Closes https://github.com/espressif/esp-idf/issues/4974
Since the scripts of CI will bypass components when trying
to get EXAMPLE_PATHS, and these BLE Mesh components will
only be used by other mesh examples, i.e. no need to be
compiled as a single example, so we rename the folder
to componnets.
Device name will be reset when deinit mesh stack. If not
initializing device name during the next mesh stack init,
it will fail to set the device name when using bluedroid.
Since bt_mesh_friend_init() will only be invoked when
a device is provisioned or Provisioner is enabled, so
we add a flag to indicate if the friend functionality
is initialized in case deinit before initialization.
1. fix the bug for softAP update second channel wrong
2. change wifi_scan_time_t from union to struct
3. query country code wrong when policy change from manual to auto
4. fix the crash issue when fetch peer after delete the cur_peer
5. fix the timeout issue of EAPOL four-way handshake
Old version of BLE Mesh has no device role storage, because
previously we only support storing mesh node info.
If the binary of the node is upgraded from old version to a
new version (support storing provisioner info), the mesh info
of the node will not be restored because mesh role does not
exist in the flash.
- Remove the extra #include "bt_common.h" in mesh_timer.c
- Compared with the latest idf, idf3.3 defines BIT(nr) in
the "soc/soc.h" without the pre-condition "#ifndef BIT",
which will cause compile warning when using mesh. So we
include the header file "soc/soc.h" in "mesh_util.h",
which can bypass the definition of "BIT" in "mesh_util.h"
when compiling.
When using fast provisioning, the Provisioner functionality
will be enabled. Unicast addresses within the pre-allocated
range will be used for provisioning nodes. And during the
address assignment, the allocated unicast address will be
checked that if it's duplicated with other nodes addresses
and the Provisioner's own addresses.
So before starting using fast provisioning, we need to update
the Provisioner address.
Since the behavior of sending segmented messages has been
changed properly, the calculation of timeout value which
will be used when sending an acknowledged message by a
client model also needs to be updated.
Add mutex to protect some variables of the mesh segmented
messages.
Currently the timeout handler of mesh will be executed in
the btc task, while the received mesh messages will be
handled in the btu task. In case some variables are set to
NULL when handled in the btu task, meanwhile these variables
are also accessed in the timeout handler, so we add mutex to
protect these variables and related operations.
The publication context is checked for NULL in bt_mesh_model_publish()
however it was dereferenced before that. Move the assignment to
ctx.send_rel to the same place where other ctx members are set.
Split mesh_util.h into mesh_byteorder.h, mesh_compiler.h,
mesh_ffs.h and mesh_util.h based on the classification of
Zephyr, which will make further porting more clear.
The Friend queue uses the message SeqAuth to determine whether the
message is already in the queue. To facilitate this, the SeqAuth is
passed around as a pointer throughout the transport modules. In the
bt_mesh_ctl_send functions, this parameter is also exposed in the API,
but the internal usage is inconsistent and buggy. Also, no one actually
uses this parameter.
- Removes seq_auth param from bt_mesh_ctl_send, instead passing NULL
directly to the friend module, to enforce its addition to the queue.
- Makes the seq_auth pointer const throughout the friend module.
Changes the behavior of the message cache to optimize for cache
capacity. Previously, the message cache's primary function was to avoid
decrypting messages multiple times, although the cache's main function
in the spec is to avoid message rebroadcasting. Optimizing for minimal
decryption causes us to fill the network cache faster, which in turn
causes more cache misses, potentially outweighing the advantage.
Now stores src + seq in message cache instead of field hash value. This
cuts cache size in two, while including more of the sequence number than
before.
Adds messages to the cache only after the packet is successfully
decrypted. This reduces noise in the cache, and ensures that no
invalid deobfuscations are added.
Additionally, this fixes a bug where multiple calls to net_decrypt with
the same packet failed, as the message cache found its own entry from
the previous call.
Implements several changes to the transport layer segmented tx to
improve group message performance:
- Moves retransmit counter to tx context instead of per packet. As every
unacked packet is sent every retransmit, the retransmit counters would
be the same in each segment. This makes it easier to control progress.
- Delays the scheduling of the retransmit until the completion of the
last segment by adding a seg_pending counter. This is essentially the
same as the old behavior, except that the old behavior might retrigger
the sending before all segments are finished if the advertising is
slow.
- Allows the group transmits to stop as soon as all retransmits have
been exhausted, instead of timing out waiting for acks that won't
come. This allows group tx to finish without error.
- Fixes a bug where a failed TX would block IV update.
- Cancels any pending transmissions of acked segments.
- Reduces log level for several common group tx scenarios that aren't
erronous.
Backport of https://github.com/apache/mynewt-nimble/pull/724
Mesh spec 1.0.1 changes proxy disabling behavior to only affect the
relaying from proxy nodes. Previously, disabling proxy would shut down
all proxy and node activity.
Tweaks from the original commit:
- Removed redundant call to bt_mesh_adv_update() in gatt_proxy_set()
- Removed invalid ref to 4.2.11.1 in node_identity_set()
---
According to Mesh Profile Spec 1.0.1, Section 4.2.11:
"If the Proxy feature is disabled, a GATT client device can connect
over GATT to that node for configuration and control. Messages from
the GATT bearer are not relayed to the advertising bearer."
Moreover some notes have been removed from the spec compared to
version 1.0:
Mesh Profile Spec 1.0, Section 4.2.11:
"Upon transition from GATT Proxy state 0x01 to GATT Proxy state 0x00
the GATT Bearer Server shall disconnect all GATT Bearer Clients."
"The Configuration Client should turn off the Proxy state as the last
step in the configuration process."
Mesh Profile Spec 1.0, Section 4.2.11.1:
"When the GATT Proxy state is set to 0x00, the Node Identity state
for all subnets shall be set to 0x00 and shall not be changed."
Until now the choice of reliable sending (segmented messages with
acks) was implicitly dependent on the size of the payload. Add a new
member to the bt_mesh_model_pub to force using segment acks even when
the payload would fit a single unsegmented message.
When PB-GATT support has been enabled the provisioning code "borrows"
the buffer from the proxy code. However, the way that initialization
was happening the proxy buffers were initialized only after
provisioning initialization, resulting in a corrupted buffer with
buf->data pointing to NULL. Reorder the initialization calls so that
proxy is done first and provisioning only after it.
Allow models to skip a periodic publish interval by returning an error
from the publish update callback.
Previously, an error return from publish update would cancel periodic
publishing. This can't be recovered from, and as such, no valid model
implementation could return an error from this callback, and there was
no way to skip a periodic publish.
The function bt_mesh_ctl_send() used to support maximum length of
11 bytes. The segmentation complies with the BLE Mesh Standard.
The ack is disabled in case of non unicast address.
When fast provisioning is enabled, Provisioner shall not
ignore messages from the nodes whose addresses are not in
the provisioning database. Because other nodes which are
not provisioned by the Primary Provisioner will send node
address messages to the Primary Provisioner.
This MR imposes some determinism in the mapping rule order in the output
file. For each section, the archives are arranged alphabetically
(ascending), and the mapping rules in each archive are arranged by
increasing specificity then alphabetically (ascending). The default
rules remain the very first rule for each section.
Previously only mesh node info is supported to be stored
in flash. So when trying to reset the node, we only need
to judge if the BLE_MESH_VALID flag is set.
Currently we support storing both node & Provisioner info
in flash, when trying to erase the node info from flash,
the BLE_MESH_NODE flag will be checked. So we need to set
bt_mesh.flags to 0 when all the erase operations are done.
It was observed that after sending credentials, if the first
Wi-Fi conection attempt fails, the Wi-Fi provisioning managager
ignores subsequent Wi-Fi events. So, even if the device eventually
connects to the AP, the provisioning stays on indefinitely.
Changing a check so that subsequent events are also captured and
provisioning finishes successfully.
esp_mqtt_abort_connection: Fixed an issue which could result in a race condition and subsequent crash
esp_mqtt: Change an error print to use ESP_LOGE instead of ESP_LOGI
Move Sending MQTT connect message log from Info to Debug level
docs: Makes clear that publish API could block
Change the message printed after MQTT connection failure
During BLE Mesh Provisioner initialization, the stack will restore
the nodes information if settings storage is enabled.
Previously when a failure happens (e.g. found the same uuid) during
the restore procedure, the information of the following nodes will
not be restored and error will be directly returned.
But this will introduce some problem with user experience, because
some newly provisioned nodes information will not be restored and
Provisioner will not be able to control those nodes.
So we change the operation here, when a failure happens during the
restore procedure, Provisioner will only ignore the information of
the current node and continue restoring other nodes information.
With this change, if a Provisioner has provisioned the maximum
number of nodes, it can still report the unprovisioned device
beacon from other nodes to the application layer. And this will
be more reasonable compared with the previous implementation.
Previously when the node array of Provisioner is full, no beacon
from unprovisioned devices will be reported, only some warning
logs will be given.
Previously only check the node address when it is assigned by the
application layer. Here we also check the address when the address
is allocated internally. And this will be useful when some mesh
internal tests are performed.
Previously the BLE_MESH_MAX_STORED_NODES option is added for
internal mesh test, which will be a little confusing for the
users to understand.
Here we remove this option, instead the BLE_MESH_MAX_PROV_NODES
will be used for all the cases. For mesh internal test, when
the test function is called to add some nodes info, the info
will be stored in the array of provisioned nodes directly.
The replay protection list of Provisioner should be at least equal
to the number of nodes with the precondition that each node contains
only one element.
The help information of replay protection list is updated, and the
maximum number of nodes for Provisioner is adjusted based on the
replay protection list size.
Fixes an issue with Python 3 in MSYS where it fails while trying to join
paths where one part is Unicode (default string on Python3) and the
second part are bytes (returned by the subprocess call).
Closes https://github.com/espressif/esp-idf/issues/5189
Using the ble mesh white list test functions, a node can choose to
only receive mesh messages from a specific node and relay the
messages for it. Messages from other nodes will be ignored.
Commit fc03161f updated esp_ota_get_app_elf_sha256 to store and return
X number of bytes of the hash, but the test case still expected 64 bytes.
Updated test case to use CONFIG value for expected length.
1. add enable PSRAM 2T mode function
2. abort when himem and 2T mode are enabled meanwhile
3. set SPIRAM_2T_MODE as "n" by default, enable it when needed
transport_ws can now be read multiple times in a row to read frames larger than the buffer.
Added reporting of total payload length and offset to the user in websocket_client.
Added local example test for long messages.
Closes IDF-1083
Backport following Wifi fixes:
1. Optimize WiFi sleep in WiFi/BT coexist mode
I> If any data TX/RX in WiFi slice, force wakeup next TBTT
II> Increase active timeout to coex TBTT to avoid sleep in WiFi slice
2. Fix esp_wifi_stop() crash
esp_wifi_stop() crashes if it's called when WiFi is not initialized.
3. Fix WiFi log print level
4. Return fails if AP's configuring AP channel is out of range
5. esp_wifi_sta_get_ap_info() returns actual values of group ciphers
Problem:
mbedtls_ctr_drbg_context was initialized in crypto_ec_point_mul. This
was okay in releases before 2.16.4 as entropy_len used to get set to
MBEDTLS_CTR_DRBG_ENTROPY_LEN in function mbedtls_ctr_drbg_seed. The
function is now changed to set the length to
MBEDTLS_CTR_DRBG_ENTROPY_LEN if previous length is 0 and hence the bug.
Solution:
Initialize mbedtls_ctr_drbg_context in crypto_ec_point_mul.
Wifi_provisioning: Change service_uuid to non standard 128 bit UUID and add retries in test script (backport v3.3)
See merge request espressif/esp-idf!8164
Fixes an issue where build fails if the build directory is a symlink.
The issue is caused by the rule target and the final executable dependency
not matching.
Closes https://github.com/espressif/esp-idf/issues/3626
When a handler instance is the last one in the list und unregisters
itself, the handler iterator will be invalidated by entering free'd
memory. Same applies for event base and id, if they become empty.
Merges https://github.com/espressif/esp-idf/pull/4139
getc, getchar, putc, putchar were defined both as functions and as
macros. The macro versions are not thread safe, and should not be used
in multithreaded applications.
Upstream fix: b0f271d1db
The NimBLE host buffers that consume a significant amount of memory are
now allocated dynamically.
The advantage is that, the memory can be reclaimed in cases where BLE
is turned off and not required for the current boot cycle
- Add menuconfig option for NimBLE host flow control
- Include changes in `blecent` example from upstream PR!702
- add ble_hs_lock in ble_gap_unpair Upstream PR!584
- ble_hs_hci_rx_evt, upstream PR!738
1. Add wifi stop check at wifi deinit entry.
2. Add TX packets size check.
3. Reduce wifi bin size.
4. Fix the bug for setting channel when wifi in NULL mode.
5. Place the Vendor Specific element at the end according to the protocol.
6. Coex adjust scheme when bt is in connnected status.
The global interrupts will be disabled before taking current
time for scheduling further bluetooth events. Earlier disabling
interrupts was taking some time because of which WiFi events were
interrupting in current bluetooth scheduling.
Also fixes ble crash issue triggered by ble event irq miss (0x20000).
1. The fault signal 3 for unit 2 is corrected to the right value
2. Now `mcpwm_fault_set_oneshot_mode` will clear the status before, no
need to reset the peripheral.
3. The capture feature relies on the prescaler, but it's only
initialized in the mcpwm_init funciton, which is used to initialize a
PWM channel. This means, the capture may not work correctly if no PWM
channel is enabled.
Now the prescaler is also updated when `mcpwm_capture_enable` is
called.
Fix an error of mesh deinit lock.
Fix mesh send returns TIMEOUT.
Increase root window close time to 120s.
Clear ie.child when the child connected or fully associated.
Update rc_rssi when roots direct/forward.
ix assoc in mesh ie wrong.
Mesh packets use AC_VI instead of AC_BE.
this issue is mainly exposed when using larger (4096) client key in TLS mutual auth,
since it uses multiplications > 2048 when mbedtls_mpi_mul_mpi is used in recursion,
which works only if both operands point to different location than result since
mpi_mult_mpi_overlong() called mbedtls_mpi_grow() to reallocate buffers used in previous
pointer arithmetics and thus corrupting it. Fixed by growing the mpi buffer before
calling mpi_mult_mpi_overlong()
components/esp_wifi: improve coexistence performance according to specific WiFi/BT/BLE scienario (Backport v3.3)
See merge request espressif/esp-idf!7410
1. Improve WiFi throughput in some Classic BT scienarios(idle, inquire scan,
connected, sniff, a2dp pause, etc).
2. Support WiFi + Classic BT + BLE mesh coexistence scienario.
3. Improve WiFi scan and connect succeed ratio in coexistence scienario.
4. Do not support to choose software coexistence preference anymore for it is
determined according to coexistence scienario automatically.
components/lwip: increase TCP send buffer and receive window limitation when TCP window scale is enabled
components/ble_mesh: Fix some bugs about ble mesh
1. fix send acl pkt after ble have sent terminate ind modify min adv interval to 10ms.
1. BLE Mesh Core
* Provisioning: Node Role
* PB-ADV and PB-GATT
* Authentication OOB
* Provisioning: Provisioner Role
* PB-ADV and PB-GATT
* Authentication OOB
* Networking
* Relay
* Segmentation and Reassembly
* Key Refresh
* IV Update
* Proxy Support
* Multiple Client Models Run Simultaneously
* Support multiple client models send packets to different nodes simultaneously
* No blocking between client model and server
* NVS Storage
* Store BLE Mesh node related information in flash
* Store BLE Mesh Provisioner related information in flash
2. BLE Mesh Models
* Foundation Models
* Configuration Server Model
* Configuration Client Model
* Health Server Model
* Health Client Model
* Generic
* Generic OnOff Server
* Generic OnOff Client
* Generic Level Server
* Generic Level Client
* Generic Default Transition Time Server
* Generic Default Transition Time Client
* Generic Power OnOff Server
* Generic Power OnOff Setup Server
* Generic Power OnOff Client
* Generic Power Level Server
* Generic Power Level Setup Server
* Generic Power Level Client
* Generic Battery Server
* Generic Battery Client
* Generic Location Server
* Generic Location Setup Server
* Generic Location Client
* Generic Admin Property Server
* Generic Manufacturer Property Server
* Generic User Property Server
* Generic Client Property Server
* Generic Property Client
* Sensor Server Model
* Sensor Server
* Sensor Setup Server
* Sensor Client
* Time and Scenes
* Time Server
* Time Setup Server
* Time Client
* Scene Server
* Scene Setup Server
* Scene Client
* Scheduler Server
* Scheduler Setup Server
* Scheduler Client
* Lighting
* Light Lightness Server
* Light Lightness Setup Server
* Light Lightness Client
* Light CTL Server
* Light CTL Setup Server
* Light CTL Client
* Light CTL Temperature Server
* Light HSL Server
* Light HSL Setup Server
* Light HSL Client
* Light HSL Hue Server
* Light HSL Saturation Server
* Light xyL Server
* Light xyL Setup Server
* Light xyL Client
* Light LC Server
* Light LC Setup Server
* Light LC Client
3. BLE Mesh Applications
* BLE Mesh Node
* OnOff Client Example
* OnOff Server Example
* BLE Mesh Provisioner
* Example
* Fast Provisioning
* Vendor Fast Prov Server Model
* Vendor Fast Prov Client Model
* Examples
* Wi-Fi & BLE Mesh Coexistence
* Example
* BLE Mesh Console Commands
* Examples
Even if frame->exccause != PANIC_RSN_CACHEERR, it is possible that
the cache error interrupt status is set. For example, this may happen
due to an invalid cache access in the panic handler itself.
Check cache error interrupt status instead of frame->exccause to
decide whether to do CPU reset or digital reset.
Also remove unnecessary esp_dport_access_int_pause from
esp_cache_err_get_cpuid, since the panic handler already calls
esp_dport_access_int_abort on entry.
implemented workaround in idf_monitor for known usbser.sys bug which
causes changes in RTS signal to only be sent if DTR signal also changes.
Works by forcing a dummy change in DTR signal (re-assigning its current
value, as it has previously been done in the flashing tool)
Closes https://github.com/espressif/esp-idf/pull/4676
Fix A2DP stuck when BLE's interval is too small
Bugfix that bluetooth controller may not be able to enter sleep after end of wake up request
Fix LMP sniff req timeout
components/esp_https_ota: Changes in public requirement list for CMake and esp_ota_ops.h is included in esp_https_ota.c
bootloader_support is added in public requirements of CMake
bootloader_common.h is included in esp_https_ota.h
Closes https://github.com/espressif/esp-idf/issues/4198
Closes IDFGH-2066
Current implimentation of esp_http_ota does not perform any error-checking in the data writing phase calls `esp_ota_get_next_update_partition()` irrespetive of the received state of the image. A few additional error checking mechanism have now been added inside the esp_https_ota which returns the control in case an invalid header is received and a wrapper to the function `esp_http_client_is_complete_data_received()` of `esp_http_client` has been added.
While downloading OTA firmware, if their is a Origin Respnse Timeout or the binary is only partially downloaded, OTA failure is observed. Checking binary size can also be helpful for simple http client applications.
Closes https://github.com/espressif/esp-idf/issues/3004
If an application wants to use webserver, instead of creating another
webserver instance, the wifi provisioning manager can re-use the same.
The webserver handle can be passed using this new API.
Signed-off-by: Piyush Shah <piyush@espressif.com>
Regression introduced in commit 79e74e5d5f
It is possible that some FreeRTOS APIs are invoked prior to
scheduler start condition (e.g. flash initialization in unicore mode).
In that condition these asserts should not trigger (scheduler state being yet to be started),
hence changes per this fix.
This commit fixes thread safety issues with configASSERT() calls
regarding the value of uxSchedulerSuspended. A false negative
occurs if a context switch to the opposite core occurs in between
the getting the core ID and the assesment.
Closes https://github.com/espressif/esp-idf/issues/4230
Latest versions of apt-get don't install as much packages by default
as older ones. This fix adds some missing packages discovered for an OS
derived from the latest stable Debian. These packages exist for older
Debian derivatives as well (tested with Ubuntu 16.04 LTS).
Closes https://github.com/espressif/esp-idf/issues/4480
Fixes an issue where if idf_build_process is called in a CMake
subdirectory, menuconfig looks for the mconf-idf binary in the wrong
place (in the subdirectory build dir instead of root binary dir).
arg1 = MAX(int64_t arg1, uint64_t arg2) gave the wrong result, if arg1 < 0, it was presented as a larger value.
And ALARM_REG = (uin32_t)arg1. This leads to an infinite loop.
Fixed: both args are int64_t.
Closes: WIFI-1511
1. Fix WiFi scan leads to poor performance of Bluetooth.
2. Improve WiFi connect success ratio when coexist with Bluetooth.
3. Check if WiFi is still connected when CSA or beacon timeout happen.
4. add coex pre init
These features are not supported in the CMake build system preview, but previously
had to read the notice in the CMake Getting Started guide to know this.
Related to https://github.com/espressif/esp-idf/issues/4419
Sometimes, libphy.a call phy_enter_critical() to protect accessing critical sections, such like
operating on I2C, but it may not effect when both the CPU core call it. It may cause accessing
I2C blocking and cannot recover by esp_restart(), until do HW reboot.
1. revision defined in bot message
2. branch name (or tag name) of current IDF
3. CI_MERGE_REQUEST_TARGET_BRANCH_NAME
4. branch name parsed from `git describe`
5. default branch
The workaround for PSRAM that will occupy an SPI bus is enabled only when:
1. used on 32MBit ver 0 PSRAM.
2. work at 80MHz.
The test used to only check 32MBit by the config option, but for PSRAM
on Wrover-B module seems to use a newer version of 32MBit PSRAM. So it
expects the workaround to be enabled, but actually not.
This commit split the unit test into two parts:
1. check all SPI buses are available, for all configs except psram_hspi
and psram_vspi, run on regular runners (including Wrover and Wrover-B).
a hidden option is enabled so that the compiler knows it's not building
psram_hspi or psram_vspi.
2. check the specified bus are acquired, for config psram_hspi and
psram_vspi. This only run on special runner (legacy Wrover module).
Some APs incorrectly advertize newer WPS2.0 config method bits
without setting bits for the corresponding older methods. This
results in failures during 8-way handshake. Add a workaround to
relax this check so that WPS handshake can proceed.
The MQTT broker URL used as default in the examples has ceased operation. All examples and documention have been updated to point to the new domain mqtt.eclipse.org.
This also required an update of the python example test scripts to use TLS 1.2
1. Fix high beacon and broadcast packets loss ratio of WiFi to make
MDNS test pass.
2. Improve stability of WiFi performance with a little
sacrifice of throughput.
3. Improve BLE advertising and connection performance with dynamic
priority. It sacrifices a little WiFi throughput, but achieves balance
between WiFi and Bluetooth.
4. fix bug bb reset lock flag to avoid bb reset lock unhandle
5. fix bug wifi reset mac cause task watch dog timeout
6. fix bug wifi reset mac position
1. Since BLE full-scan feature for BLE mesh change the controller code cause this problem,
it cause coex semaphore take in "interrupt disable", then it may cause task schedule
and cause crash in freertos
2. Fix newlib lock ISR context and critical section check
3. Fix bt controller ISR context and critical section check
This commit fixes multiple bugs caused by incorrect calls to
can_enter_reset_mode() and can_exit_reset_mode. Example test
scripts also updated to match new runners.
Basically, in the portability layer, it is checked if the socket is
NON-block, and if not, then even the EAGAIN and EWOULDBLOCK errors are
diverted to a RECV error. This causes a problem for sockets with
receive timeouts set. When such a timeout is set, the condition for
NON_BLOCK isn't met and hence a hard error is returned.
Searching for EAGAIN and EWOULDBLOCK in lwip returns only 3 results
(accept, recvfrom, close) and all of them look to be genuine cases for
EWOULDBLOCK. So removing this check to make receive timeout with TLS
work.
Includes all the latest NimBLE stack changes from idf-v4.0 with few idf-v3.3
specific modifications.
- Addition of nimble component as submodule (`nimble-1.1.0-idf-v3.3`), contains
IDF v3.3 specific minor changes.
- Example applications are identical to idf-v4.0
- Modification in `bt/Kconfig` to accommodate NimBLE as a BT host.
Fix following WiFi bugs:
1. Fix the bug that wpa2 enterprise sta can connect open AP
2. Fix TKIP/CCMP PN replay attack detection bug
3. Increase buffer number type from uint8_t to uint16_t to support more than 255 buffers
4. Avoid recalculating PMK if esp_wifi_set_config() is not called
5. Fix the bug that scan done leads to crash because of uint8 overflow
6. Fix 5.5M signal test bug
ICY URIs e.g `http://uk1.internet-radio.com/proxy/vombat?mp=/;` need to
be handled differently.
For basic use case, these URIs are similar to HTTP with exception that they reply with `ICY 200` etc in place of `HTTP/1.1 200`.
In http_parser, we now also parse ICY URIs to be able to handle these similar to HTTP.
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
incorrect set of the MB_EVENT_COILS_WR event is changed while read coils in mbcontroller.c file
added read/write handling for appropriate registers in freemodbus.c example file
Closes https://github.com/espressif/esp-idf/issues/3289
Bugfixes:
- Fix http url redirection issue
- Fix basic/digest auth issue with http url
Features:
- Add support for adding custom http header
- Add support for reading firmware image header
- Add support for monitoring upgrade status
- This requires breaking down esp_https_ota API such that it allows finer application level control
- For simpler use-cases previous API is still supported
Closes https://github.com/espressif/esp-idf/issues/3218
Closes https://github.com/espressif/esp-idf/issues/2921
There was existing support for adding authorization info in esp_http_client
but it was functional only while using `esp_http_client_perform` API. This commit just moves
existing authorization addition logic into publicly exposed API.
Acquires PM_APB_FREQ_MAX lock when carrying any transaction on I2S if
Power Management Framework is enabled.
Signed-off-by: Sachin Parekh <sachin.parekh@espressif.com>
Acquires PM_APB_FREQ_MAX lock when carrying any transaction on I2C if
Power Management Framework is enabled.
Signed-off-by: Sachin Parekh <sachin.parekh@espressif.com>
Currently, the only way of exiting the idf_monitor program is to hit the CTRL+] button, if your keyboard doesn't have that key unless you hit another modifier key, it's not super trivial to exit.
This change adds the option to exit with CTRL+T (for menu) then hitting X (or CTRL+X) for exiting.
Closes https://github.com/espressif/esp-idf/pull/4167
Closes https://github.com/espressif/esp-idf/issues/4129
1. add kconfig help for GPIO0 output mode
2. fix a bug when select gpio0 output mode and initialize psram
3. make default config to official development board
4. fix wrong LAN8720 register index
Previous version read all data to the buffer including header which reduced maximum payload read. This version uses a local array to receive header and reads payload bytes to the buffer
cherry-picked from db121a56e1
1.Fix the bug that WiFi stop leads to task watchdog(526c6956)
2.Fix the WiFi init sequence bug
3.Fix smartconfig ipc crash
4.Put g_promis_buf to IRAM
5.esp_wifi_set_channel should return error when sniffer is not enabled
6.fix the bug when set WEP authmode or wrong authmode, there is no error return
7.fix the bug that STA parse authmode wrong when AP sets WPA_WPA2_PSK mode
8.fix the bug that wrong error code and wrong event when there is an auto AP in multi-ssid case
- Backport(v3.3) of IDF MR!6122
- Modifies `smp_utils.c` to add check on encryption key size received from
peer.
- Modifies `esp_ble_gap_set_security_param` API to add minimum encryption key
size requirement.
Remove xtensa/xruntime.h
Fix sending Lmp_feature_req_ext in a loop
Fix 2 bugs in r_ld_fm_sket_isr
fix data loss and send same pkt twice sometimes
fix adv data error in air sometimes
fix adv start/stop crash sometimes
Fix connect fail with some speakers
clear BT/BLE interruots after controller disable
add sco_data_path to be set in sdkconfig and do not reset the value upon HCI reset command
1. modify the limit of frames to send to avoid dropping packet on A2DP source due to TX data queue overflow
2. reduce the A2DP source data queue size in order to achieve faster control respnonse
l: Try to allocate some L memories in SPIRAM first. If failed, try to allocate in internal RAM then.(Backport v3.3)
See merge request espressif/esp-idf!5671
Reported in https://github.com/espressif/esp-idf/issues/3299
If a config item contains a reserved filename in Windows like _CON_ then an invalid
directory is created.
We don't rely on this feature all, so disable it.
This MR is intended to fix incorrect parsing of HTTP requests when empty header values are present.
The issue is was due to asymmetric behavior of `http_parser` library, which in case of:
non-empty header values : invokes callbacks with the pointer to the start of a value
empty header values : invokes callbacks with pointer to the start of next header or section
Since HTTP server relies on this pointer (along with length of the value) to locate the end of a value, and replace the line terminators (CRLFs) with null characters, the second case needed to be handled correctly.
Closes IDFGH-1539
Closes https://github.com/espressif/esp-idf/issues/3803
If httpd_sess_trigger_close() gets called twice for the same socket,
the first httpd_sess_close() cb closes the correct socket, but the second
invocation closes the wrong socket which was just accepted and added to
the socket db. Checking for the lru counter will help identify this as the
counter is set only for requests actually served.
We fixed some flash bugs in bootloader, but for the users used the old
vrsion bootloader, they can not fix these bugs via OTA, the solution is
add these updates in app startup.
These updates include:
1. SPI flash gpio matrix and drive strength configuration
2. SPI flash clock configuration
3. SPI flash read dummy configuration
4. SPI flash cs timing configuration
5. Update flash id of g_rom_flashchip
Hardware AES-CBC performance changes:
Release config 11.0MB/sec -> 10.8MB/sec
Debug config 9.4MB/sec -> 9.8MB/sec
(Unrolling the loop to optimize the check improves
performance at -Og, even with the fault check.)
Made MMU pages available check in `esp_image_format.c`
This now makes it possible to map and process bootoader image as well in chunks when image doesn't fit completely into available free pages.
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
There are lot of prints of `Allocate TX buffer for DMA`
Changed these from `ESP_LOGI` to `ESP_LOGD`
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
This problem may cause HCI send command timeout.
When host call VHCI api to do btdm_wakeup_request, then controller
wakeup process will be handled in ISR and controller task context.
As host task priority is lower than controller task and ISR,
it will cause an incorrect behavior that before VHCI take the
rx_flow_on_semaphore, controller sleep again, then VHCI cannot take
the semaphore and has to wait the automatic wakeup.
On flash program operation (either erase or write), if corresponding address has
cache mapping present then cache is explicitly flushed (for both pro and app cpu)
Closes https://github.com/espressif/esp-idf/issues/2146
Other changes:
* Command line argument name and descriptions updated and formatted
* Some exception messages updated for clarity
* READMEs updated for tool and all provisioning examples
* Minor update in example test scripts due to change in esp_prov.get_transport() API
* Transport_Softap renamed to Transport_HTTP
* Transport_HTTP now forces connect on initialization
These changes guarantee that the SSID and Passphrase received via protocomm are NULL terminated and size limited to their standard lengths.
List of changes:
* Corrected length of passphrase field in wifi_prov_config_set_data_t structure
* Performing length checks on SSID, passphrase and bssid, when populating wifi_prov_config_set_data_t structure with received credentials
1. resend eb which are pending in g_ic.tx_buf due to channel switch.
2. add lock for mgmg/xon/bcast to protect send from user flush.
3. softap: add check if secondary offset is correct when start softap.
4. softap: in inactive timer handler, add check if child bss is removed to avoid removing it again.
5. disable A-MPDU for non-root.
6. fix reusing a freed eb.
7. fix when node becomes root, it does not record assoc value to nvs.
8. discard unnecessary forwarded group packets.
9. fix toDS state is not updated in time.
10. fix s_sta_cnx_times is not cleared when deinit causes root sends ADD annoucement.
11. root: increase beacon timeout time from 6 seconds to 15 seconds to delay initiation of reconnection.
12. add esp_mesh_get_tsf_time to return TSF time.
13. send the whole routing table multi-times.
14. clear candidate settings if not receive candidate beacon within 8 seconds.
When flash work in DIO Mode, in order to ensure the fast read mode of flash
is a fixed value, we merged the mode bits into address part, and the fast
read mode value is 0 (the default value).
open_fn() was introduced in the context of HTTPS server, as a configurable callback function that is called by the HTTP server, on every newly created socket. It is responsible of allocating resources for per session transport security.
Earlier, if open_fn were to fail, the newly created socket would be closed by the server but the corresponding entry, for the now invalid socket, will remain in the internal socket database until that invalid socket is detected due to error when calling select(). Because of this delayed closing of sockets, the HTTPS server would quickly face shortage of available sessions when a lot of SSL handshake errors are happening (this typically occurs when a browser finds that the server certificate is self signed). This changes in this MR fix this issue by clearing up the socket from internal database, right after open_fn fails.
Closes https://github.com/espressif/esp-idf/issues/3479
List of changes in components/wifi_provisioning:
* Manager version is now v1.1
* .proto files and protocomm handler added for sending Wi-Fi scan command and receiving scan results
* Implemented handlers for wifi_scan protocomm endpoint
* Update manager context data structure to hold scan state and results
* scheme_softap now runs Wi-Fi in APSTA mode
* Wi-Fi is started in AP mode when provisioning is started. This is necessary for scan list to work
* Docs updates with information about new wifi_scan endpoint
List of changes in tools/esp_prov:
* Added functions for sending and receiving protobuf messages compatible with wifi_scan protocomm endpoint
* Added feature to display/refresh scan results and accept user selection at runtime
* New functions:
* get_version() : only returns the protocol version string
* has_capability() : check is a capability is present according to proto-ver response
* wifi_scan feature is provided only if the `wifi_scan` capability is present
Other changes:
* Replace recursive mutex with plain mutex
* assert on return value of mutex give / take calls
* replace all calls with macros ACQUIRE_LOCK and RELEASE_LOCK
* some checks added in scanning related private APIs
* free and nullify scanning context and state if service is stopped while ongoing scan
port*_CRITICAL_SAFE API calls port*_CRITICAL or port*_CRITICAL_ISR
depending on the context (Non-ISR or ISR respectively).
FREERTOS_CHECK_PORT_CRITICAL_COMPLIANCE Kconfig option added
Signed-off-by: Sachin Parekh <sachin.parekh@espressif.com>
xTaskIncrementTick have to unwind uxPendedTicks on CPU1 and CPU0.
Use case: If an erase operation was run on the CPU1 then it leads
to starving other tasks which waiting time. Waited tasks just skipped.
Closes: https://github.com/espressif/esp-idf/issues/1952
Closes: IDF-183
Fixed the case when the first part of log was missed
this was happened when:
* CONFIG_CONSOLE_UART_CUSTOM option is selected (UART1)
* The selected CONSOLE_UART port is used also for the console component
* in code esp_restart() or abort() functions were called.
List of changes:
* Retrieve UUID property from Bluez device object before connecting to retrieve UUID contained in advertisement
* Read Characteristic User Descriptions attribute of each UUID for mapping endpoint names
* To support older implementations with hardcoded Name-UUID map, revert to fallback mode in order if advertisement data has no UUID field
List of changes:
* Use 128 bit characteristic UUIDs when creating GATT table entries
* Change primary service attribute value to 128 bit custom service UUID
* Use raw advertisement data to convey flags and 128 bit primary service UUID
* Use raw scan response to send device name as complete local name
* Increase maximum device name length in relation to maximum scan response length
* Set Characteristic User Description attributes for each characteristic to convey protocomm endpoint names
List of changes:
* Kconfig option HTTPD_LOG_PURGE_DATA enables logging of purged data
* Kconfig option HTTPD_PURGE_BUF_LEN sets purge buffer length
* Purged data is logged in hex
Closes https://github.com/espressif/esp-idf/issues/3359
Fix following wpa2 enterprise vulnerability issues:
1. The station can complete 4-way handshake after EAP-FAIL is received
2. The station crashes if EAP-SUCCESS is received before PMK is setup
Issue is that when users creates a custom bootloader from
$IDF_PATH/components/bootloader. Parent project build uses the copy but
bootloader subproject build uses the original still. The issue is solved
by passing the custom bootloader as extra component directory so
bootloader build knows to use the new copy (itself) in the build.
This prevents a device from being bricked in case when both secure boot & flash encryption are enabled and encryption gets interrupted during first boot. After interruption, all partitions on the device need to be reflashed (including the bootloader).
List of changes:
* Secure boot key generation and bootloader digest generation logic, implemented inside function esp_secure_boot_permanently_enable(), has been pulled out into new API esp_secure_boot_generate_digest(). The enabling of R/W protection of secure boot key on EFUSE still happens inside esp_secure_boot_permanently_enable()
* Now esp_secure_boot_permanently_enable() is called only after flash encryption process completes
* esp_secure_boot_generate_digest() is called before flash encryption process starts
Issue : Restarting the server without 30sec delay between httpd_stop() and httpd_start() causes EADDRINUSE error
Resolution : Use setsockopt() to enable SO_REUSEADDR on listener socket
Closes https://github.com/espressif/esp-idf/issues/3381
This change prevents buffer overflows in case of really long file paths.
Other changes:
* Remove query (?) and fragment (#) component from URI when converting to file path
* /index.html and favicon.ico can be overridden by files with same name and path in SPIFFS
* README.md updated
Fixed adjtime function: While using the adjtime() function,
the time correction accumulated an error
when reading the time frequently (using gettimeofday).
Operation:
In `esp_http_client_set_url`, we check for if old_host is same as new_host.
Delete and open new connection if host is different.
Issue:
We just pointed `client->connection_info.host` to `old_host` and reassigned it.
This made old_host and new_host always point to same location and hence, using old_host with new request.
Fix:
Made a separate copy for old_host using strdup.
Closes https://github.com/espressif/esp-idf/issues/2631
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
1. Softap support multicast and broadcast saving and flushing when the associated stations enable IEEE80211 legacy power save(which is called modem sleep in ESP32).
2. Improve the frame saving and flushing mechanism of softap power save.
Earlier eraseItem function in Storage class would do lazy cleanup of
multi-page blobs if called using type "ANY" instead of "BLOB". It used to
just delete BLOB data and index would remain as is. Any subsequent read
would delete index entry as well. This however would return a valid
length without error if nvs_get_blob API was just used for finding
length and not reading the complete blob. This change fixes this issue.
Closes https://github.com/espressif/esp-idf/issues/3255
1. remove redundant SPI clock settings, use rom functions to set clock.
2. remove redundant SPI cs setup and hold settings.
3. for old 32Mbit psram, cs hold time must only be 0.5T due to the special driving mode.(cs_setup = 0; cs_hold = 0)
4. for new 64Mbit psram, cs hold time is recommended to be 2.5T. (cs_setup = 1, cs_setup_time = 0;cs_hold = 1, cs_hold_time = 1)
1. Pass the correct conn_id to protocomm_req_handle
In transport_simple_ble_write(), passing param->exec_write.conn_id would
be invalid. Instead param->write.conn_id should be passed
Similar change in transport_simple_ble_exec_write() to use
param->exec_write.conn_id
2. simple_ble_start() assumes that the mode is BLE only and enables
Bluetooth controller accordingly. For, cases having BT + BLE like Alexa
(Provisioning over BLE + Audio over classic BT), this assumption should
be removed.
Linker script generator produces build/esp32/esp32.common.ld from
components/esp32/ld/esp32.common.ld.in
This works fine until IDF is downgraded to V3.1 which uses components/esp32/ld/esp32.common.ld and
doesn't track build/esp32/esp32.common.ld at all.
At this point, the linker runs in the build/esp32 directory and "-T esp32.common.ld" picks up the
linker script generated .ld file, which causes mis-builds.
As reported on forums: https://esp32.com/viewtopic.php?f=13&t=9684&p=40105
This fix prevents HTTP server from accepting new connections when the total count of connected
sockets has reached the max_open_sockets limit set during configuration. The pending connections
are kept in backlog until atleast one of the connected sockets is closed. The maximum number of
connection requests that can kept in backlog is specified as backlog_conn configuration option.
Note that this modification has no effect when LRU purge is enabled.
Also added sanity check on setting for max_open_sockets during configuration.
Solution suggested by jimparis https://github.com/espressif/esp-idf/issues/3183#issue-421234265
Closes https://github.com/espressif/esp-idf/issues/3183
Fix following STA WFA certification issues:
1. STA HT2040 coexist
2. Disallow WEP/TKIP with HT rates
3. WPA2 improvement
4. Minor refactor for WiFi internal global variable auth_type
List of changes:
* When parsing requests, count termination from LF characters only
* Correct memcpy() length parameter in httpd_unrecv() (pointed out by jimparis in GitHub issue thread)
* Use ssize_t to store results of length subtractions during parsing
* Modify some comments to reduce ambiguity
Closes https://github.com/espressif/esp-idf/issues/3182
Works around bug where components/soc/CMakeLists.txt was testing "EXISTS
${COMPONENT_PATH}/${SOC_NAME}" and this test could pass during early
expansion if COMPONENT_PATH was empty and a directory /esp32 exists
on Windows.
Closes https://github.com/espressif/esp-idf/issues/3195
V2 adds:
* Independent result for visibility (showing/hiding menus)
* Includes adding IDs for all items (menus & symbols) in kconfig_menus.json
Still backwards compatible with V1, with some small changes (menu items now listed in results).
Also added some protocol docs, changed the "listening on stdin" message to come after any kconfiglib warnings
newlib uses significantly more stack space when printing to an
unbuffered stream. To reduce the amount of stack space required to
use the console, don’t disable buffering. linenoise should support
unbuffered stdout instead.
Issue: MDNS server initially sends probing packets to resolve naming confilicts with already registered service instances. In case of a conflict, instance name is altered and probing restarts. Original instance however wasnnot removed from the structure and upon service removal only one entry was removed and a dangling service might have been kept in the structure to bring about a crash.
Resolution: Keep only one instance of a service in the probing structure.
Closes IDF-498
possible race condition: user task runs mdns_init, which enables pcbs while mdns-task already created could execute enable/disable of the same pcbs if an appropriate system event received
mnds_free() initiates stop and delete timer tasks, which after locking the mutex could lead to a dead lock in case timer task executed before deleting the task, as it would wait indefinitelly for unlocking the mutex. This condition is fixed by calling _mdns_stop_timer without locking the mutex, because there's no need to protect any data when stopping and deleting the timer task
Closes https://github.com/espressif/esp-idf/issues/1696
Issue: mdns_service_add API allocates and queues an action to be processed in mdns task context; when allocation or queueing fails, allocated structure needs to be freed. Function _mdns_free_service did not only fee all the structures, but also updates packet data.
Resolution: Moved removal of packet data outside of _mdns_free_service function.
packets scheduled to transmit are pushed to action queue and removed from tx_queue_head structure, which is searched for all remaining services and while service is removed, then service questions/asnwers are also removed from this structure. This update fixes possible crash when packet is pushed to action queue, and when service is removed, its answers are removed from tx_queue_head, but not from action queue. this could lead to a crash when the packet is poped from action queue containing questions/answers to already removed (freed) service
Closes IDF-504
When generating JSON metadata for ranges where there are conditional ranges (ie different allowed range
depending on another config setting), the JSON metadata would always have the last named range as
the expression was not evaluated properly.
Thanks to ulfalizer on GitHub for pointing this out.
Closes https://github.com/espressif/esp-idf/issues/2195
mdns_search_once_t::lock is used to synchronize tasks (taken by one
task and given by the other) so it should not be a mutex.
Convert to semaphore, and rename to indicate its purpose.
A problem if the Python interpreter used for idf.py (or set via PYTHON
variable) didn't match
"/usr/bin/env python" (or the associated executable for .py files, on
Windows).
Closes https://github.com/espressif/esp-idf/issues/3160
Possibly also fix for https://github.com/espressif/esp-idf/issues/2936
Adds build system test to catch any future direct execution of Python in
the standard build process.
remove duplicated include from components/esp32/incliude/esp_core_dump.h
espcoredump/incliude/esp_core_dump.h:
fix signature of the functions esp_core_dump_to_uart() and esp_core_dump_to_uart();
add espcoredump into COMPONENT_PRIV_REQUIRES list
fix linker.lf file
1. Fix wrong timeout setting in join command, also alter the default timeout value to 10 seconds
2. Don't clear the CONNECTED_BIT when connected to AP.
1. Add Kconfig options to control task listing support.
2. Convert magic values (-1, -2) to named constants.
3. Convert spaces to tabs to match the rest of the file.
4. Rename getAllTasksHandle to getTaskInfo to reflect its purpose.
5. Add some curly braces for single line statements.
docs: Preparation for upgrade of Sphinx and Breathe packages to versions 1.8.4 and 4.11.1. Updated check of Sphinx warnings to account for the filename instead of the whole path, that for the same errors may be different between English and Chinese docs.
See merge request idf/esp-idf!4282
By default, if a URI handler changes the http session context,
the webserver internally clears the older context after the handler
returns. However, if applications want to change this behavior and
manage the allocation/de-allocation/freeing themselves and let the
server handle only the "socket close" case, this commit provides such
an option.
Fix following WiFi bugs:
1. Fix the bug that STA incorrectly deletes BA when receiving DelBA request
2. Add out of memory check
3. Fix the bug that STA incorrectly receives packets when scanning in connected status
When xPortGetCoreID() is called twice within a function,
it might only be called once after compilation. This
commit makes the inline assembly of the function volatile.
Closes#3093
In the situation when bootloader was compiled for 240MHz, and app was
compiled for 160MHz, and the chip is a revision 0 chip, the
bootloader will assume that the application has also been running at
240MHz. This will cause the chip to lock up later. Modify this to use
a run time check of DPORT_CPUPERIOD_SEL, which indicates which of the
PLL frequencies was used.
Closes https://github.com/espressif/esp-idf/issues/2731.
The following commit adds a real time stats example demonstrating how to
obtain task CPU usage statistics over a period of time, as opposed to the current
run time stats in FreeRTOS which measures task CPU usage as a percentage of
total system run time.
Previously, this compiler flag was not being applied
regardless of CONFIG_SPIRAM_CACHE_WORKAROUND setting.
Explanation: add_compile_options() only applies to
source files added after the function is run, or in
subdirectories added after the function is run. In
this case, no new source files were being added after
this function was run.
1. ref_clock used in unit tests occasionally produces time off by ~100
microseconds shortly after being started. Add a delay to let
ref_clock stabilise, until the cause is found.
2. Reduce roundoff error accumulation which would occasionally cause
the test to fail, by choosing an overflow value which can be divided
by APB frequency.
3. Move time sampling part of the test into an IRAM function to
reduce variations due to cache behavior.
4. Remove calculation of "standard deviation" in the test, as what was
calculated was not actually standard deviation, and it did not add any
useful information.
Previously when HashList was removing items, HashListBlocks were
removed lazily. This resulted in empty HashListBlocks dangling around
in full pages, even when all items have been erased. These blocks
would only be deleted when NVS was re-initialized
(nvs_flash_deinit/nvs_flash_init).
This change does eager cleanup instead, based on the code from
@negativekelvin offered in
https://github.com/espressif/esp-idf/issues/1642#issuecomment-367227994.
Closes https://github.com/espressif/esp-idf/issues/1642.
Added APIs :
* httpd_resp_send_err() : for sending HTTP error responses for error codes given by httpd_err_code_t. It uses TCP_NODELAY option to ensure that HTTP error responses reach the client before socket is closed.
* httpd_register_err_handler() : for registering HTTP error handler functions of type httpd_err_handler_func_t.
The default behavior, on encountering errors during processing of HTTP requests, is now to send HTTP error response (if possible) and close the underlying socket. User configurable handlers can be used to override this behavior for each error individually (except for 500 Internal Server Error).
Also fixed some typos.
Closes https://github.com/espressif/esp-idf/issues/3005
fix 3 bugs:
1. do BLE connect (both of slave and master), it mgiht cause crash due to there's much interrupts happens effect ble code running, for example, wifi run on the same core as bluetooth controller and wifi run throughtput test.
2. do BLE scan stop or adv stop or connection stop, it might cause ASSERT or crash due to memory corrupted in controller memory poll.
3. minor bug fix, not really effect bluetooth.
The bug will cause memory corrupted (the largest range is from 0x3ffc0000 ~ 0x3ffc8000),
some strange error will happen, like IllegalInstruction, LoadProhibited and .etc.
docs: This is a quick reference of more than a dozen and-ons and extensions prepared over the last two years to add contents, improve look & feel and cut on maintenance of the ESP-IDF documentation.
See merge request idf/esp-idf!4244
This commits adds the functions can_clear_transmit_queue() and
can_clear_receive_queue(). Closes#2906
The following bug are fixed:
- CAN_IO_UNUSED is now explicitly cast to enum type. Closes#2825
- Fix multiple documentation errors. Closes#2898, Closes#2794
- can_reconfigure_alerts() returns incorrect current_alerts. Closes#3028
- Add missing header file. Closes#3065
The requirements of pin capabilites is different for spi master and
slave. The master needs CS, SCLK, MOSI to be output-able, while slave
needs MISO to be output-able.
Previous code is for master only.
This commit allows to place other 3 pins than MISO on input-only pins
for slaves. Refactoring for spi_common is also included.
Resolves https://github.com/espressif/esp-idf/issues/2455
when running a query for a single txt, result entries were not created and attached to result structure. this issue was introduced when fixing memory leak in txt structure, which worked correctly for PTR queries, but caused trouble for TXT query.
Note : Examples have been updated to prevent invocation of bluedroid/wifi APIs from inside timer callback when stopping provisioning. Workaround is to spawn new task from inside the timer callback.
List of changes:
* Corner case exceptions are properly handled to ensure release of memory occupied by security infrastructure
* fixed erroneous cleanup of security instance by protocomm_console
List of changes:
* Version endpoint now sends the set version string instead of verifying the incoming version string. This simplifies fetching version info from the provisioning application.
* esp_prov script updated to expect version string as response.
Added:
* set a secure version in app/bootloader.
* description anti-rollback to ota part
* emulate the secure_version write and read operations
* efuse_em partition.
* a description about a rollback for native_ota_example.
Closes: TW26335
1. When one of the COMPONENT_DIRS points to a component directory
(i.e. a directory containing component.mk, not a directory of multiple
components), and there is a subdirectory in it which also contains
a component, the subdirectory was mistakenly added to the list of
components and compiled.
For example:
main/
component.mk
main.c
test/
component.mk
test_main.c
Would compile test_main.c and link libtest.a.
2. When one of the COMPONENT_DIRS points to a component directory, and
the parent directory contained a directory with the same name as
another component, that directory would be mistakenly added to the
COMPONENT_PATHS.
For example:
esp/
esp-idf/
esp32/
(random stuff)
mycomponent/
component.mk
mycomponent.c
myproject/
main/
Makefile
and Makefile sets EXTRA_COMPONENT_DIRS=$(realpath ../mycomponent),
then "esp32" directory which is at the same level as mycomponent
was added to COMPONENT_PATHS.
3. If EXTRA_COMPONENT_DIRS pointed to a directory with a list of
components, and one of the subdirectories was not a component, but
had the same name as another component, than that directory would be
mistakenly added to COMPONENT_PATHS instead of the real esp32
component directory.
For example:
my_components/
my_component/
component.mk
my_component.c
esp32/
(some random stuff)
and EXTRA_COMPONENT_DIRS would point to my_components/, then "esp32"
directory would be added to COMPONENT_PATHS instead of the real esp32
component directory.
Move existing core dump files into espcoredump component folder
Add KConfig, linker.lf, make and CMakeList.txt for new component
Existing functionality separated into core_dump_common, core_dump_flash, core_dump_uart
Update test_core_dump.c and make files to link it as unit test
Update according to review:
Move target and RTOS related functionality into separated file (core_dump_port.c).
Fix test logs and test elf files
Move existing core dump files into espcoredump component folder
Add KConfig, linker.lf, make and CMakeList.txt for new component
Existing functionality separated into core_dump_common, core_dump_flash, core_dump_uart
Update test_core_dump.c and make files to link it as unit test
Update according to review:
Move target and RTOS related functionality into separated file (core_dump_port.c).
This will be useful if a webserver is already running and the application
does not want protocomm to start a new instance.
Signed-off-by: Piyush Shah <piyush@espressif.com>
Currently, only erase operation performed by the application leads
to detection of NVS key partition as uninitialised. This change
adds additional checks for detecting partition as uninitialised,
when device boots first time right after encryption by bootloader.
Fix following WiFi bugs:
1. Fix a crash bug which is caused by WiFi static TX buffer alloc/free.
2. Fix the bug that iphone fails to connect to ESP32 AP by enabling AP BAR receiving.
3. Fix the bug that ESP32 station fails to connect some APs, such as Xiaomi hotspot etc,
after reset.
1. Cleanup the README of app_trace_to_host example based on the template.
2. Remove unused header files in the example.
3. Fix typos in public header file.
Test services may cause confussion (and did cause some GitHub/forum issues). This update runs test services only when example executed in ci. Also host name is a simple config entry if executed outside of ci.
Files where stack protector is initialized should not be compiled with
stack protector enabled. This was done for Make but missing for CMake.
Fixes https://github.com/espressif/esp-idf/issues/2990.
Shortcircuit evaluation may cause skip of _mdns_strdup_check of any further question field, which after clear_rx_packet freed undefined memory.
Fixes https://ezredmine.espressif.cn:8765/issues/28465
This commit adds the ability for backtracing to trace from the itnerrupt to the
task stack, and across nested interrupts. Test cases have also been added.
New unit tests added
------------------------
**Local:** Local test uses the GPIO matrix to connect the master and the
slave on the same board. When the master needs the iomux, the master
uses the GPIOs of its own, the slave connect to the pins by GPIO matrix;
When the slave needs the iomux, the slave uses the GPIOs of its own, the
master connects to the pins by GPIO matrix.
- Provide a new unit test which performs freq scanning in mode 0. It
scans frequency of 1M, 8M, 9M and all frequency steps up to the maximum
frequency allowed.
**M & S**: Master & slave tests performs the test with two boards. The
master and slave use iomux or gpio matrix according to the config.
- Provide a new unit test which performs freq scanning in mode 0. It
scans frequency of 1M, 8M, 9M and all frequency steps up to the maximum
frequency allowed.
- Provide a new unit test which performs mode test with significant
frequencies. It tests mode 0,1,2,3 with low frequency, and the maximum
frequency allowed.
Paremeterized Test Framework
-----------------------------
The SPI has a lot of parameters, which works in the same process.
This framework provides a way to easily test different parameter sets.
The framework can work in two different ways:
- local test: which requires only one board to perform the test - master
& slave test: which generates two sub test items which uses the same
config set to cooperate to perform the test.
The user defines a (pair if master/slave) set of init/deinit/loop
functions. Then the test framework will call init once, then call loop
several times with different configurations, then call deinit.
Then a unit test can be appended by add a parameter group, and pass it into
a macro.
1. during parent selection, when scanning a MAP without ext-assoc IE, it will be handled as it has the same router BSSID as itself.
2. for MAP, when its client leaves, always post SYSTEM_EVENT_AP_STADISCONNECTED to mesh layer regardless of whether the client has passed the encrypted authentication or not.
Originally, when doing BLE active scan, Bluedroid will not report adv to
application layer until receive scan response. This option is used to
disable the behavior. When enable this option, Bluedroid will report
adv data or scan response to application layer immediately.
The following 2 compiler warnings are only reproducible when setting:
OPTIMIZATION_FLAGS = -Ofast
esp-idf/components/soc/esp32/rtc_clk.c:
In function 'rtc_clk_cpu_freq_get':
esp-idf/components/soc/esp32/rtc_clk.c:506:12:
error: 'freq' may be used uninitialized in this function
[-Werror=maybe-uninitialized]
return freq;
esp-idf/components/esp_ringbuf/ringbuf.c:
In function 'xRingbufferReceiveSplitFromISR':
esp-idf/components/esp_ringbuf/ringbuf.c:934:26:
error: 'pvTempTailItem' may be used uninitialized in this function
[-Werror=maybe-uninitialized]
*ppvTailItem = pvTempTailItem;
Closes https://github.com/espressif/esp-idf/pull/2878
1. add support for ESP32 DTE
2. add support for SIM800/BG96 DCE
3. add PPPoS setup procedure
4. add support for SMS
5. add mqtt example after PPP connection established
Previously, hardware SHA engine "locks" were mutex semaphores. This meant that the task which
started a particular SHA session (in hardware) needed to finalise that session, or an invalid
FreeRTOS state was created.
Replace with binary semaphore which can be shared between tasks.
Includes a unit test, but unit test doesn't crash even without this fix
(some other unknown condition is required).
Due to a hardware limitation in ESP32, the first four bytes of some
CSI data is invalid, not the last four bytes.
Correct a mistake of CSI sub-carrier index in documentation.
When IDF_PATH is not set by the user, cmake infers the same through
other means and sets it as an environment variable. However, some
sub-invocation of cmake may not see this variable as it is not set
in the parent. This change adds a custom command for exporting IDF_PATH
just before invoking ldgen so that IDF_PATH can be used in Kconfig
without any errors.
Bootloader used to calculate the number of cache pages assuming that
load address was aligned, while in reality load address for DROM and
IROM was offset by 0x20 bytes from the start of 64kB page. This
caused the bootloader to map one less page if the size of the image
was 0x4..0x1c less than a multiple of 64kB.
Reported in https://esp32.com/viewtopic.php?f=13&t=6952.
1. detect and fix root conflicts when router BSSID is not set.
2. when root can not connect to the router due to NO_MORE_STAS(reason code:5), root will stop re-connection and perform MESH_NWK_LOOK_FOR_NETWORK.
3. wifi: fix the disconnection caused by receiving a deauth frame from non-parent node during scanning.
4. fix routing table redundant issue.
5. modify the max routes limitation from 300 to 1000.
6. wifi: fix ap does not deauth sta which has not completed the 4-way handshake.
Note : In future consider deprecating usage of -1 for setting
buffer length equal to string length in APIs httpd_resp_send()
and httpd_resp_send_chunk()
1. fix error when fading is too fast
2. fix error when setting duty and update immediately
3. update register header file to be in accord with TRM
closes https://github.com/espressif/esp-idf/issues/2903
esp-idf/components/freemodbus/modbus_controller/modbus_controller.c: The MB_INST_MAX_SIZE is changed to max value=(65535*2);
Update support for coils read into freemodbus.c;
TW#28143
Closes https://github.com/espressif/esp-idf/issues/2884
1. Gitlab will only regard failure (not error) as failed case. Use log
failure instead of log error, to display all error msg in test result
2. fix failed case not recognized by test script when failed during
reset DUT
1. esp32-pico use standard spi driver to access psram
2. for esp32-pico, flash and psram share the clock
3. for esp32-pico, psram cs io can be overwrite via menuconfig
timer_process_alarm function of esp_timer holds a spinlock for the
entire duration of its operation, except for the time when timer
callback function is called. It is possible that when
timer_process_alarm releases the spinlock, a higher priority task may
run and delete the timer. Then the execution will return to
timer_process_alarm, and this will either cause a crash, or undesired
execution of callback after the timer has been stopped or deleted.
To solve this problem, add a mutex which will prevent deletion of timers
while callbacks are being dispatched.
1. example test uses auto detect flash size. we need to call
`detect_flash_size` before write flash
2. fix incorrect baudrate used: when using WROVER-Kits, it's likely that download with baudrate 921600
will fail. If we don't reset serial setting in decorator, 921600 will
become the default baudrate. This causes all the subsequent
communication fails
3. do hw reset after used esptool function
esp32: unforce wifi if receiving beacon with no data buffered in dream state and reduce force receiving broadcast data time
See merge request idf/esp-idf!3963
state and reduce force receiving broadcast data time
1. If receiving beacon which indicates that there is no data buffered,
do not force to receive WiFi data.
2. If receiving beacon which indicates that there is broadcast data
buffered, reduce the time to force receiving broadcast data.
1. when no parent is found, send probe request via broadcast.
2. fix memory leak caused by the remove announcement being sent is not released when esp_mesh_stop() is called.
3. fix modify IE encrypt after mesh is started.
4. ignore esp_mesh_connect() if mesh automatic reconnection is enabled.
5. fix reason is cleared before vote is done.
1. fix STAs can not detect disconnection from AP when encrypt transmission is used.
2. fix can not find hidden APs.
3. for root, modify the active scan time to 120ms.
4. remove all rc when clear parent Wi-Fi configuration.
5. fix error in checking Wi-Fi commit ID.
Update freemodbus component file esp-idf/components/freemodbus/port/portserial.c to remove UART mode settings;
Move UART mode settings into esp-idf/examples/protocols/modbus_slave/main/freemodbus.c
Move UART pin settings from Component config into example Kconfig.projbuild file
Move setup of UART port pins from freemodbus component into example file
TW#27721
Closes https://github.com/espressif/esp-idf/issues/2784#issuecomment-443600157
* Prevents section type conflict errors if (say) const & non-const data
is put into the same section (ie with DRAM_ATTR)
* Allows linker --gc-sections to remove unused custom sections
1. Add missing get function to RMT API: rmt_get_idle_level().
2. Suppress error message from rmt_wait_tx_done() if wait_time==0 (allows for polling).
3. Remove the blank lines between parameter lists.
Merges https://github.com/espressif/esp-idf/pull/2666
* Call esptool directly not via subprocess
* Use the same serial port instance for listener thread and esptool
* Includes some refactoring for encapsulation of App vs DUT members
This fix includes following changes:
1. Fix the bug that esp_restart()/esp_wifi_stop() sometimes fails in WiFi/BT coexist mode.
2. Add a timer for WiFi stop and stop WiFi forcibly once the timer expires.
Hostname option has been removed from dhcp discover since IDFv3.2.
But it remains in dhcp request due to which ESP32 can not get IPv4 address
from some APs. Re-add hostname option to dhcp discover to solve this issue.
1. start an esp_timer on entering sleep to acquire pm_lock before wake up from modem sleep
2. decrease the clock division of XTAL fed to bluetooth low power clock from 32us to 2us period to allow to work under 240MHz Max CPU frequency
3. decrease the minimum sleep duration threshold to allow shorter bluetooth modem sleep period, especially for BLE with short connection interval
4. reconfigure bluetooth baseband(BT-BB) settings after PHY/RF init upon waking up from modem sleep to avoid packet RX/TX performance degradation
On enabling flash encryption, OTA fails with magic byte error in the second chunk
if the http data is split into two or more chunks and first chunk is less than 16.
When std::bind is used, it requires inclusion of <functional> header.
This was not mandatory with earlier versions of g++ (4.x), may be because they
had experimental support for c++11.
A workaround to reset BBPLL configuration after light sleep. Fixes the
issue that Wi-Fi can not receive packets after waking up from light
sleep.
Ref. https://github.com/espressif/esp-idf/issues/2711
When ethernet enable again after disable it before, phy init will report timeout.
The cause of this problem is that the enabling of emac clock is too late, and should be placed before phy init.
1. Fix interrupt watchdog timeout in bluetooth "btdm_bb_isr"
2. Fix BLE assert(512) or assert(1536) in rwble.c at line 222
3. Update librtc.a to fix BLE assert(512) in rwble.c at line 222
The #1 and #2 occurs random.
The #3 bug occurs in certain scenario:
1. If Wifi start softap and BLE is working
2. If wifi start station, but do not use normal station operation, such
as just use espnow, while BLE is working
3. Any other scenario, that wifi works without use software coexist
operation, while BLE is working(such as do advertising and ...)
4. update libcoexist.a version to v1.1.2
Added a new structure esp_app_desc_t. It has info about firmware:
version, secure_version, project_name, time/date build and IDF version.
Added the ability to add a custom structure with a description of the firmware.
The esp_app_desc_t is located in fixed place in start of ROM secotor. It is located after structures esp_image_header_t and esp_image_segment_header_t.
app_version is filed from PROJECT_VER variable (if set in custom make file) or PROJECT_PATH/version.txt or git repo (git describe).
Add API to get app_desc from partition.
closes https://github.com/espressif/esp-idf/issues/2494
closes https://github.com/espressif/esp-idf/pull/2493
closes https://github.com/espressif/esp-idf/pull/2496
1. Change bus reset to handle interrupted READ sequences.
2. Slow down I2C to 100khz during reset
3. If a SLAVE device was in a read operation when the bus was interrupted, the SLAVE device is controlling SDA.The only bit during the 9 clock cycles of a byte READ the MASTER(ESP32) is guaranteed control over, is during the ACK bit period.
If the SLAVE is sending a stream of ZERO bytes, it will only release SDA during the ACK bit period. The master(ESP32) cannot generate a STOP unless SDA is HIGH. So, this reset code synchronizes the bit stream with, Either, the ACK bit, Or a 1 bit.
I am stealing this delay coding from @jeremyherbert #2493 pr.
2. Change Bus Reset to handle interrupted READ sequences.
The current code does not handle interrupted READ cycles.
If a SLAVE device was in a read operation when the bus was interrupted, the SLAVE device is controlling SDA.
The only bit during the 9 clock cycles of a byte READ the MASTER(ESP32) is guaranteed control over, is during the ACK bit period.
If the SLAVE is sending a stream of ZERO bytes, it will only release SDA during the ACK bit period. The master(ESP32) cannot generate a STOP unless SDA is HIGH.
So, this reset code synchronizes the bit stream with, Either, the ACK bit, Or a 1 bit.
3. fix typo
correct `sda_id` to `sda_io` in `i2c_master_clear_bus()` @ryan-ma found it. This typo was generated when I manually edited this patch on GitHub, I should have done a Copy/Paste operation!
1. Use BIT[7:5] of EID to determine psram size
2. Add ID support for 16Mbit psram
3. Remove module reset on SPI1
4. Confirmed with the vendor that only the old 32Mbit psram need special clock timing. For other psram chips, we should use standard QPI mode.
1. add network channel switch function.
- users can obtain the new channel through the event MESH_EVENT_CHANNEL_SWITCH.
- the entire network will be moved to the same channel as the router without user intervention.
- if no router is in the network, users can call esp_mesh_switch_channel() on the root side to
move the entire network to their desired channel.
2. support not configuring the network channel.
3. support not configuring the router BSSID even if the router is hidden.
4. add allow_channel_switch to mesh configuration.
- if the channel is not specified, this value will be ignored.
- if the channel is specified and this value is set, when "fail" (mesh_attempts_t) times of parent selection
or look for networks are reached, device will change to perform a full channel scan for networks that could join.
- if the channel is specified and this value is set to 0, when a root is not elected, channel switch is not allowed.
but when a root appears, the root performs a full channel scan during the process of connecting to the router,
so even allow_channel_switch is set to 0, the root may still switch channel and eventually the entire network
changes channel.
5. add allow_router_switch to mesh router configuration.
- if the BSSID of router is not specified, this value will be ignored.
- if the BSSID of router is specified and this value is set, when the router of this specified BSSID fails to be found
after "fail" (mesh_attempts_t) times, the entire network is allowed to switch to another router with the same SSID.
6. modify the root to perform a full channel scan when esp_wifi_connect().
7. support handling beacon without DS Paramter Set.
The number of runners of integration test is not bottleneck to CI
pipeline performance now. Combine these 2 stages will make integration
test executed even unit test fails. This could help us to collect more
info about test history.
The DMA cannot receive data correctly when the buffer address is not
WORD aligned. Currently we only check whether the buffer is in the DRAM
region.
The DMA always write in WORDs, so the length arguments should also be
multiples of 32 bits.
A check is added to see whether the buffer is WORD aligned and has valid
length.
The driver decide whether use MOSI/MISO phases according to the buffer
address together with the SPI_TRANS_USE_*DATA. However someone may assue
that these phases will be skipped when the ``length``/``rxlength`` is
set to 0. In fact it is a feature that ``rxlength`` is allowed to be
set to 0 when tx and rx have the same length, and the driver fill the
``rxlength`` to ``length``.
An error check is added when the rxlength is 0 but there is data to be
sent.
It has been observed that, in case of underflow (data unavailability) in
I2S transmission, previously filled up tx descriptors continue to get
transmitted on line, causing noise in case of audio use case.
This change adds optional `tx_desc_auto_clear` field during I2S driver intialization
than can zero initialize tx descriptor in case of underflow situation in
interrupt handler itself.
Closes: https://github.com/espressif/esp-idf/issues/1789
Fix some WiFi bugs:
1. Enable RX BAR
2. Fix the bug that ESP32 AP negotiates with iphone to 11g
3. Fix the bug that ESP32 STA has ap_loss because CMCC AP contains two SSID
1. replace xunitgen with junit_xml, which can log more info
2. allow test cases to handle junit test report by them own
3. allow test cases to log some info into report via `sysout` tag
Don’t allow the compiler to convert malloc + memset into calloc,
causing a recursive call in _calloc_r. Fixes crash when building with
-O2 optimization level.
1. fix failture of mesh stop caused by block-sending.
2. fix when FIXED_ROOT is set, 2nd layer devices can not receive mesh event ESP_ERR_MESH_NO_PARENT_FOUND.
3. fix when FIXED_ROOT is set and the root turns off mesh function, 2nd layer devices do not look for new parents.
4. add APIs esp_mesh_disconnect() and esp_mesh_connect().
5. disconnect from parent/router when the DSSS channel in received beacon is different from the home channel.
6. remove nvs task to release 3k bytes memory.
Introduced in 9c23b8e5 and 4f87a62f. To get higher speed, menuconfig
options are added to put ISR and other functions into the IRAM. The
interrupt flag ESP_INTR_FLAG_IRAM is also mistakenly set when the ISR is
put into the IRAM. However callbacks, which are wrote by the user, are
called in the master and slave ISR. The user may not be aware of that
these callbacks are not disabled during flash operations. Any cache miss
during flash operation will cause panic.
Essentially IRAM functions and intrrupt flag ESP_INTR_FLAG_IRAM are
different, the latter means not disabling the ISR during flash
operations. New bus_config flag intr_flags is offered to help set the
interrupt attribute, including priority level, SHARED, IRAM (not
disabled during flash operations). It introduced a small BREAK to
IDFv3.1 (but the same as IDFv3.0) that the user has to manually set IRAM
flag now (therefore he's aware of the IRAM thing) to void the ISR being
disabled during flash operations.
If zero-overhead loop buffer is enabled, under certain rare conditions
when executing a zero-overhead loop, the CPU may attempt to execute an invalid instruction. Work around by disabling the buffer.
New unity component can be used for testing other applications.
Upstream version of Unity is included as a submodule.
Utilities specific to ESP-IDF unit tests (partitions, leak checking
setup/teardown functions, etc) are kept only in unit-test-app.
Kconfig options are added to allow disabling certain Unity features.
transport_mode accepts enum httpd_ssl_transport_t instead of true/false.
This will allow for extension to dual mode (server running on both secure and insecure ports) in the future.
* http_sess_set_*_override APIs are now the only ones available to set custom recv/send/pending functions
* Fixed side effects to using http_sess_set/get_context inside URI handlers
Changes:
- renamed `httpd_free_sess_ctx_fn_t` to `httpd_free_ctx_fn_t`
- added a `httpd_handle_t` argument to `httpd_send_func_t` and `httpd_recv_func_t`
- internal function `httpd_sess_get()` is no longer static, as it's used in other
files besides httpd_sess.c
Bug fixes:
- removed a trailing semicolon from `HTTPD_DEFAULT_CONFIG()`
- fixed issue with failed `select()`, now it automatically closes invalid sockets
instead of shutting down the entire server
New features:
- `httpd_resp_send()` and `httpd_resp_send_chunk()` now accept -1 as length to use
`strlen()` internally
- added `httpd_sess_set_ctx()` to accompany `httpd_sess_get_ctx()`
- added a "transport context" to the session structure (next to user context)
- added `httpd_sess_{get,set}_transport_ctx()` to work with this transport context
- added "global user context" and "global transport context" stored in the server
config (and then the handle); supports a user-provided free_fn
- added a "pending func" to e.g. check for data in the transport layer receive
buffer
- added functions `httpd_set_sess_{send,recv,pending}_override()` that target
a session by ID (i.e. not using a request object)
- added `httpd_set_pending_override()`
- added a "open_fn" and "close_fn" - functions called when creating and closing
a session. These may be used to set up transport layer encryption or some other
session-wide feature
Background
Softap will send connected event after receive assoc request as before, however, STA didn't connect to softAP if need security. As our mesh design, it will send data packet after receive connected event, so change the current behavior, softAP will send connected event if have encryption
Support for HSPI to output clock for 4M SPIRAM introduced regression
in clock configuration affecting SPIRAM access with 80MHz clock. This
commit fixes the issue.
1. call esp_timer_get_time and ref_clock_get in the same order on
start and in the loop
2. disable interrupts when calculating delta between ref_clock
and esp_timer
3. ensure both functions are in cache before calculating the delta
mdns queries did not work properly when send imeadiately after set_hostname, which cuased reinit of pcb and therefore restarted probing, so search packets were blocked until probing finished
closes#2507, closes#2593
Added wireshark instruction to provide a common workflow for users submitting diagnostic data for Wi-Fi troubleshooting
See merge request idf/esp-idf!3497
1. Fix the bug that disable controller suddenly cause crash when ble is working. (585cfba1)
2. Fix the bug that when disable controller, it will cause wifi cannot RX, TX timeout, buffer lack and etc. (f8546145)
It is an ESP specific FreeRTOS feature that the ISR is always executed
on the core which calls the interrupt register function. In the SPI
driver, the function is always called in the bus initialization
function.
Hence, the ISR will be executed on the core which initialize the driver.
If the core is starved due to higher priority ISRs, or the interrupt is
disabled on the core (spinlock called, etc.), the ISR will not get
executed and SPI transactions will not be handled.
(MINOR CHANGE)
Resolves https://github.com/espressif/esp-idf/issues/2432.
The MISO signal will be delayed if the GPIO matrix is enabled.
However, delay also comes from the slave.
Previous code only considers the former case, and assume the frequency
limitations is only violated when GPIO matrix is used.
Now we are able to calculate the freq limit when extenal MISO delay is
given (feature introduced in 9c6c6ec34ab0641ace89aeb9b1a133eb6fae1a18).
The frequency limit is lower when the external MISO delay is large, and
the limit is likely to be violated even with IOMUX.
Resolves https://github.com/espressif/esp-idf/issues/2690.
1. If L2_TO_L3_RX_BUF_MODE is not selected, we must assign l2_owner explictly before we call pbuf_free.
2. free intr resource in esp_eth_deinit
Closes https://github.com/espressif/esp-idf/issues/2670
1. fix ap_loss that occurs when the parent turns off the mesh function and becomes a normal WiFi with a different SSID.
2. add an event MESH_EVENT_NETWORK_STATE that contains information about whether there is a root in the current network.
3. modify the mechanism of mesh IE update.
4. fix a problem in the process of re-voting to select the root, the device that does not meet the conditions of being a root votes for itself.
5. fix an issue that occurs in esp_mesh_recv_toDS() when stopping the mesh.
6. when the user specifies a parent for the device, the device will set the authmode and password of its AP mode to the same value as the specified parent.
7. add two disconnected reason codes MESH_REASON_EMPTY_PASSWORD and MESH_REASON_PARENT_UNENCRYPTED.
This commit resolves a blocking in esp_aes_block function.
Introduce:
The problem was in the fact that AES is switched off at the moment when he should give out the processed data. But because of the disabled, the operation can not be completed successfully, there is an infinite hang. The reason for this behavior is that the registers for controlling the inclusion of AES, SHA, MPI have shared registers and they were not protected from sharing.
Fix some related issue with shared using of AES SHA RSA accelerators.
Closes: https://github.com/espressif/esp-idf/issues/2295#issuecomment-432898137
When light sleep is finished on one CPU, it is possible that the other
CPU will enter light sleep again very soon, before interrupts on the
first CPU get a chance to run. To avoid such situation, set a flag
for the other CPU to skip light sleep attempt.
Tickless idle/light sleep procedure had a bug in single core mode.
Consider the flow of events:
1. Idle task runs and calls vApplicationIdleHook
2. This calls esp_vApplicationIdleHook, which calls esp_pm_impl_idle_hook, and pm lock for RTOS on the current core is released.
3. Then esp_vApplicationIdleHook calls esp_pm_impl_waiti, which checks that s_entered_light_sleep[core_id]==false and goes into waiti state.
4. Some interrupt happens, calls esp_pm_impl_isr_hook, which takes pm lock for RTOS. PM state goes back to CPU_FREQ_MAX.
5. Once the interrupt is over, vApplicationIdleHook returns, and Idle task continues to run, finally reaching the call to vApplicationSleep.
6. vApplicationSleep does not enter light sleep, because esp_pm_impl_isr_hook has already changed PM state from IDLE to CPU_FREQ_MAX.
This didn’t happen in dual core mode, because waiti state of one CPU was interrupted by CCOMPARE update interrupt from the other CPU, in which case PM lock for FreeRTOS was not taken.
Fix by inverting the meaning of the flag (for convenience) and only setting it to true when vApplicationSleep actually fails to enter light sleep.
Having two different spinlocks is problematic due to possibly
different order in which the locks will be taken. Changing the order
would require significant restructuring of kernel code which is
undesirable.
An additional place where taking xTickCountMutex was needed was in
vApplicationSleep function. Not taking xTickCountMutex resulted in
other CPU sometimes possibly advancing tick count while light sleep
entry/exit was happening. Taking xTickCountMutex in addition to
xTaskQueueMutex has shown a problem that in different code paths,
these two spinlocks could be taken in different order, leading to
(unlikely, but possible) deadlocks.
1. When WIFI task or other high priority task blocks the Bluetooth task, ACL RX buffer will use up, ACL RX buffer ptr will point to null and will never point to a valid adress. Causing errors in Bluetooth.
2. hcimsgs.h used whether flow control is on or off
There's still a small chance that can't process command issue still
happen on some runners. Now we change the way to detect if the runner
reset finished: input `-` to check test history for a few times until it
succeeded. If DUT can process check history command, then it should be
able to process other test commands.
The latest support policy for ESP-IDF can be found at [https://github.com/espressif/esp-idf/blob/master/SUPPORT_POLICY.md](https://github.com/espressif/esp-idf/blob/master/SUPPORT_POLICY.md)
Support Period Policy
=====================
Each ESP-IDF major and minor release (V4.0, V4.1, etc) is supported for
18 months after the initial stable release date.
Supported means that the ESP-IDF team will continue to apply bug fixes,
security fixes, etc to the release branch on GitHub, and periodically
make new bugfix releases as needed.
Users are encouraged to upgrade to a newer ESP-IDF release before the
support period finishes and the release becomes End of Life (EOL). It is
our policy to not continue fixing bugs in End of Life releases.
Pre-release versions (betas, previews, `-rc` and `-dev` versions, etc)
are not covered by any support period. Sometimes a particular feature is
marked as \"Preview\" in a release, which means it is also not covered
by the support period.
The ESP-IDF Programming Guide has information about the
[different versions of ESP-IDF](https://docs.espressif.com/projects/esp-idf/en/latest/versions.html)
(major, minor, bugfix, etc).
Long Term Support releases
--------------------------
Some releases (starting with ESP-IDF V3.3) are designated Long Term
Support (LTS). LTS releases are supported for 30 months (2.5 years)
after the initial stable release date.
A new LTS release will be made at least every 18 months. This means
there will always be a period of at least 12 months to upgrade from the
previous LTS release to the following LTS release.
Example
-------
ESP-IDF V3.3 was released in September 2019 and is a Long Term Support
(LTS) release, meaning it will be supported for 30 months until February
2022.
- The first V3.3 release was `v3.3` in September 2019.
- The ESP-IDF team continues to backport bug fixes, security fixes,
etc to the release branch `release/v3.3`.
- Periodically stable bugfix releases are created from the release
branch. For example `v3.3.1`, `v3.3.2`, etc. Users are encouraged to
always update to the latest bugfix release.
- V3.3 bugfix releases continue until February 2022, when all V3.3.x
releases become End of Life.
Existing Releases
-----------------
ESP-IDF release V3.3 and all newer releases will follow this support
period policy. The support period for each release will be announced
when the release is made.
For releases made before the support period policy was announced,
the following support periods apply:
- ESP-IDF V3.1.x and V3.2.x will both be supported until October 2020.
- ESP-IDF V3.0.9 (planned for October 2019) will be the last V3.0
bugfix release. ESP-IDF V3.0.x is End of Life from October 2019.
- ESP-IDF versions before V3.0 are already End of Life.
// In general tracing goes in the following way. User aplication requests tracing module to send some data by calling esp_apptrace_buffer_get(),
// In general tracing goes in the following way. User application requests tracing module to send some data by calling esp_apptrace_buffer_get(),
// module allocates necessary buffer in current input trace block. Then user fills received buffer with data and calls esp_apptrace_buffer_put().
// When current input trace block is filled with app data it is exposed to host and the second block becomes input one and buffer filling restarts.
// While target application fills one TRAX block host reads another one via JTAG.
@@ -62,7 +62,7 @@
// 21..15 bits - trace memory block transfer ID. Block counter. It can overflow. Updated by target, host should not modify it. Actually can be 2 bits;
// 22 bit - 'host data present' flag. If set to one there is data from host, otherwise - no host data;
// 23 bit - 'host connected' flag. If zero then host is not connected and tracing module works in post-mortem mode, otherwise in streaming mode;
// - Status register uses TRAX_TRIGGERPC as storage. If this register is not zero then currentlly CPU is changing TRAX registers and
// - Status register uses TRAX_TRIGGERPC as storage. If this register is not zero then current CPU is changing TRAX registers and
// this register holds address of the instruction which application will execute when it finishes with those registers modifications.
// See 'Targets Connection' setion for details.
@@ -87,7 +87,7 @@
// 4.1 Trace Memory Blocks
// -----------------------
// Communication is controlled via special register. Host periodically polls control register on each core to find out if there are any data avalable.
// Communication is controlled via special register. Host periodically polls control register on each core to find out if there are any data available.
// When current input memory block is filled it is exposed to host and 'block_len' and 'block_id' fields are updated in the control register.
// Host reads new register value and according to it's value starts reading data from exposed block. Meanwhile target starts filling another trace block.
// When host finishes reading the block it clears 'block_len' field in control register indicating to the target that it is ready to accept the next one.
@@ -102,9 +102,9 @@
// multithreading environment it can happen that task/ISR which copies data is preempted by another high prio task/ISR. So it is possible situation
// that task/ISR will fail to complete filling its data chunk before the whole trace block is exposed to the host. To handle such conditions tracing
// module prepends all user data chunks with header which contains allocated buffer size and actual data length within it. OpenOCD command
// which reads application traces reports error when it reads incompleted user data block.
// Data which are transfered from host to target are also prepended with a header. Down channel data header is simple and consists of one two bytes field
// containing length of host data following the heder.
// which reads application traces reports error when it reads incomplete user data block.
// Data which are transffered from host to target are also prepended with a header. Down channel data header is simple and consists of one two bytes field
// containing length of host data following the header.
// 4.3 Data Buffering
// ------------------
@@ -141,20 +141,18 @@
// So no local task switch occurs when mutex is locked. But this does not apply to tasks on another CPU.
// WARNING: Priority inversion can happen when low prio task works on one CPU and medium and high prio tasks work on another.
// WARNING: Care must be taken when selecting timeout values for trace calls from ISRs. Tracing module does not care about watchdogs when waiting
// on internal locks and for host to complete previous block reading, so if timeout value exceedes watchdog's one it can lead to the system reboot.
// on internal locks and for host to complete previous block reading, so if timeout value exceeds watchdog's one it can lead to the system reboot.
// 6. Timeouts
// ===========
// Timeout mechanism is based on xthal_get_ccount() routine and supports timeout values in micorseconds.
// Timeout mechanism is based on xthal_get_ccount() routine and supports timeout values in microseconds.
// There are two situations when task/ISR can be delayed by tracing API call. Timeout mechanism takes into account both conditions:
// - Trace data are locked by another task/ISR. When wating on trace data lock.
// - Current TRAX memory input block is full when working in streaming mode (host is connected). When waiting for host to complete previous block reading.
// When wating for any of above conditions xthal_get_ccount() is called periodically to calculate time elapsed from trace API routine entry. When elapsed
// time exceeds specified timeout value operation is canceled and ESP_ERR_TIMEOUT code is returned.
// ALSO SEE example usage of application tracing module in 'components/app_trace/README.rst'
#define ESP_ERR_OTA_PARTITION_CONFLICT (ESP_ERR_OTA_BASE + 0x01) /*!< Error if request was to write or erase the current running partition */
#define ESP_ERR_OTA_SELECT_INFO_INVALID (ESP_ERR_OTA_BASE + 0x02) /*!< Error if OTA data partition contains invalid content */
#define ESP_ERR_OTA_VALIDATE_FAILED (ESP_ERR_OTA_BASE + 0x03) /*!< Error if OTA app image is invalid */
#define ESP_ERR_OTA_SMALL_SEC_VER (ESP_ERR_OTA_BASE + 0x04) /*!< Error if the firmware has a secure version less than the running firmware. */
#define ESP_ERR_OTA_ROLLBACK_FAILED (ESP_ERR_OTA_BASE + 0x05) /*!< Error if flash does not have valid firmware in passive partition and hence rollback is not possible */
#define ESP_ERR_OTA_ROLLBACK_INVALID_STATE (ESP_ERR_OTA_BASE + 0x06) /*!< Error if current active firmware is still marked in pending validation state (ESP_OTA_IMG_PENDING_VERIFY), essentially first boot of firmware image post upgrade and hence firmware upgrade is not possible */
/**
* @brief Opaque handle for an application OTA update
@@ -41,6 +47,24 @@ extern "C"
*/
typedefuint32_tesp_ota_handle_t;
/**
* @brief Return esp_app_desc structure. This structure includes app version.
* On success, this function allocates memory that remains in use
* until esp_ota_end() is called with the returned handle.
*
* Note: If the rollback option is enabled and the running application has the ESP_OTA_IMG_PENDING_VERIFY state then
* it will lead to the ESP_ERR_OTA_ROLLBACK_INVALID_STATE error. Confirm the running app before to run download a new app,
* use esp_ota_mark_app_valid_cancel_rollback() function for it (this should be done as early as possible when you first download a new application).
*
* @param partition Pointer to info for partition which will receive the OTA update. Required.
* @param image_size Size of new OTA app image. Partition will be erased in order to receive this size of image. If 0 or OTA_SIZE_UNKNOWN, the entire partition is erased.
* @param out_handle On success, returns a handle which should be used for subsequent esp_ota_write() and esp_ota_end() calls.
int "Maximum topic length (not including Thing Name)"
depends on AWS_IOT_SDK
default 60
range 10 1000
help
All shadow actions have to be published or subscribed to a topic which is of the format $aws/things/{thingName}/shadow/update/accepted. This refers to the size of the topic without the Thing Name
Specify how much output to see in bootloader logs.
choice LOG_BOOTLOADER_LEVEL
bool "Bootloader log verbosity"
default LOG_BOOTLOADER_LEVEL_INFO
help
Specify how much output to see in bootloader logs.
config LOG_BOOTLOADER_LEVEL_NONE
bool "No output"
config LOG_BOOTLOADER_LEVEL_ERROR
bool "Error"
config LOG_BOOTLOADER_LEVEL_WARN
bool "Warning"
config LOG_BOOTLOADER_LEVEL_INFO
bool "Info"
config LOG_BOOTLOADER_LEVEL_DEBUG
bool "Debug"
config LOG_BOOTLOADER_LEVEL_VERBOSE
bool "Verbose"
endchoice
config LOG_BOOTLOADER_LEVEL_NONE
bool "No output"
config LOG_BOOTLOADER_LEVEL_ERROR
bool "Error"
config LOG_BOOTLOADER_LEVEL_WARN
bool "Warning"
config LOG_BOOTLOADER_LEVEL_INFO
bool "Info"
config LOG_BOOTLOADER_LEVEL_DEBUG
bool "Debug"
config LOG_BOOTLOADER_LEVEL_VERBOSE
bool "Verbose"
endchoice
config LOG_BOOTLOADER_LEVEL
int
default 0 if LOG_BOOTLOADER_LEVEL_NONE
default 1 if LOG_BOOTLOADER_LEVEL_ERROR
default 2 if LOG_BOOTLOADER_LEVEL_WARN
default 3 if LOG_BOOTLOADER_LEVEL_INFO
default 4 if LOG_BOOTLOADER_LEVEL_DEBUG
default 5 if LOG_BOOTLOADER_LEVEL_VERBOSE
config LOG_BOOTLOADER_LEVEL
int
default 0 if LOG_BOOTLOADER_LEVEL_NONE
default 1 if LOG_BOOTLOADER_LEVEL_ERROR
default 2 if LOG_BOOTLOADER_LEVEL_WARN
default 3 if LOG_BOOTLOADER_LEVEL_INFO
default 4 if LOG_BOOTLOADER_LEVEL_DEBUG
default 5 if LOG_BOOTLOADER_LEVEL_VERBOSE
config BOOTLOADER_SPI_WP_PIN
int "SPI Flash WP Pin when customising pins via efuse (read help)"
range 0 33
default 7
depends on FLASHMODE_QIO || FLASHMODE_QOUT
help
This value is ignored unless flash mode is set to QIO or QOUT *and* the SPI flash pins have been
overriden by setting the efuses SPI_PAD_CONFIG_xxx.
config BOOTLOADER_SPI_WP_PIN
int "SPI Flash WP Pin when customising pins via eFuse (read help)"
range 0 33
default 7
depends on FLASHMODE_QIO || FLASHMODE_QOUT
help
This value is ignored unless flash mode is set to QIO or QOUT *and* the SPI flash pins have been
overriden by setting the eFuses SPI_PAD_CONFIG_xxx.
When this is the case, the Efuse config only defines 3 of the 4 Quad I/O data pins. The WP pin (aka ESP32
pin "SD_DATA_3" or SPI flash pin "IO2") is not specified in Efuse. That pin number is compiled into the bootloader
instead.
When this is the case, the eFuse config only defines 3 of the 4 Quad I/O data pins. The WP pin (aka ESP32
pin "SD_DATA_3" or SPI flash pin "IO2") is not specified in eFuse. That pin number is compiled into the
bootloader instead.
The default value (GPIO 7) is correct for WP pin on ESP32-D2WD integrated flash.
The default value (GPIO 7) is correct for WP pin on ESP32-D2WD integrated flash.
choice BOOTLOADER_VDDSDIO_BOOST
bool "VDDSDIO LDO voltage"
default BOOTLOADER_VDDSDIO_BOOST_1_9V
help
If this option is enabled, and VDDSDIO LDO is set to 1.8V (using EFUSE
or MTDI bootstrapping pin), bootloader will change LDO settings to
output 1.9V instead. This helps prevent flash chip from browning out
during flash programming operations.
choice BOOTLOADER_VDDSDIO_BOOST
bool "VDDSDIO LDO voltage"
default BOOTLOADER_VDDSDIO_BOOST_1_9V
help
If this option is enabled, and VDDSDIO LDO is set to 1.8V (using eFuse
or MTDI bootstrapping pin), bootloader will change LDO settings to
output 1.9V instead. This helps prevent flash chip from browning out
during flash programming operations.
This option has no effect if VDDSDIO is set to 3.3V, or if the internal
VDDSDIO regulator is disabled via efuse.
This option has no effect if VDDSDIO is set to 3.3V, or if the internal
VDDSDIO regulator is disabled via eFuse.
config BOOTLOADER_VDDSDIO_BOOST_1_8V
bool "1.8V"
depends on !ESPTOOLPY_FLASHFREQ_80M
config BOOTLOADER_VDDSDIO_BOOST_1_9V
bool "1.9V"
endchoice
config BOOTLOADER_VDDSDIO_BOOST_1_8V
bool "1.8V"
depends on !ESPTOOLPY_FLASHFREQ_80M
config BOOTLOADER_VDDSDIO_BOOST_1_9V
bool "1.9V"
endchoice
config BOOTLOADER_FACTORY_RESET
bool "GPIO triggers factory reset"
default N
help
Allows to reset the device to factory settings:
- clear one or more data partitions;
- boot from "factory" partition.
The factory reset will occur if there is a GPIO input pulled low while device starts up.
See settings below.
config BOOTLOADER_FACTORY_RESET
bool "GPIO triggers factory reset"
default N
help
Allows to reset the device to factory settings:
- clear one or more data partitions;
- boot from "factory" partition.
The factory reset will occur if there is a GPIO input pulled low while device starts up.
See settings below.
config BOOTLOADER_NUM_PIN_FACTORY_RESET
int "Number of the GPIO input for factory reset"
depends on BOOTLOADER_FACTORY_RESET
range 0 39
default 4
help
The selected GPIO will be configured as an input with internal pull-up enabled.
To trigger a factory reset, this GPIO must be pulled low on reset.
Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
config BOOTLOADER_NUM_PIN_FACTORY_RESET
int "Number of the GPIO input for factory reset"
depends on BOOTLOADER_FACTORY_RESET
range 0 39
default 4
help
The selected GPIO will be configured as an input with internal pull-up enabled.
To trigger a factory reset, this GPIO must be pulled low on reset.
Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
config BOOTLOADER_OTA_DATA_ERASE
bool "Clear OTA data on factory reset (select factory partition)"
depends on BOOTLOADER_FACTORY_RESET
help
The device will boot from "factory" partition (or OTA slot 0 if no factory partition is present) after a factory reset.
config BOOTLOADER_OTA_DATA_ERASE
bool "Clear OTA data on factory reset (select factory partition)"
depends on BOOTLOADER_FACTORY_RESET
help
The device will boot from "factory" partition (or OTA slot 0 if no factory partition is present) after a
factory reset.
config BOOTLOADER_DATA_FACTORY_RESET
string "Comma-separated names of partitions to clear on factory reset"
depends on BOOTLOADER_FACTORY_RESET
default "nvs"
help
Allows customers to select which data partitions will be erased while factory reset.
Specify the names of partitions as a comma-delimited with optional spaces for readability. (Like this: "nvs, phy_init, ...")
Make sure that the name specified in the partition table and here are the same.
Partitions of type "app" cannot be specified here.
config BOOTLOADER_DATA_FACTORY_RESET
string "Comma-separated names of partitions to clear on factory reset"
depends on BOOTLOADER_FACTORY_RESET
default "nvs"
help
Allows customers to select which data partitions will be erased while factory reset.
config BOOTLOADER_APP_TEST
bool "GPIO triggers boot from test app partition"
default N
help
Allows to run the test app from "TEST" partition.
A boot from "test" partition will occur if there is a GPIO input pulled low while device starts up.
See settings below.
Specify the names of partitions as a comma-delimited with optional spaces for readability. (Like this:
"nvs, phy_init, ...")
Make sure that the name specified in the partition table and here are the same.
Partitions of type "app" cannot be specified here.
config BOOTLOADER_NUM_PIN_APP_TEST
int "Number of the GPIO input to boot TEST partition"
depends on BOOTLOADER_APP_TEST
range 0 39
default 18
help
The selected GPIO will be configured as an input with internal pull-up enabled.
To trigger a test app, this GPIO must be pulled low on reset.
After the GPIO input is deactivated and the device reboots, the old application will boot.
(factory or OTA[x]).
Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
config BOOTLOADER_APP_TEST
bool "GPIO triggers boot from test app partition"
default N
help
Allows to run the test app from "TEST" partition.
A boot from "test" partition will occur if there is a GPIO input pulled low while device starts up.
See settings below.
config BOOTLOADER_HOLD_TIME_GPIO
int "Hold time of GPIO for reset/test mode (seconds)"
depends on BOOTLOADER_FACTORY_RESET || BOOTLOADER_APP_TEST
default 5
help
The GPIO must be held low continuously for this period of time after reset
before a factory reset or test partition boot (as applicable) is performed.
config BOOTLOADER_NUM_PIN_APP_TEST
int "Number of the GPIO input to boot TEST partition"
depends on BOOTLOADER_APP_TEST
range 0 39
default 18
help
The selected GPIO will be configured as an input with internal pull-up enabled.
To trigger a test app, this GPIO must be pulled low on reset.
After the GPIO input is deactivated and the device reboots, the old application will boot.
(factory or OTA[x]).
Note that GPIO34-39 do not have an internal pullup and an external one must be provided.
config BOOTLOADER_WDT_ENABLE
bool "Use RTC watchdog in start code"
default y
help
Tracks the execution time of startup code.
If the execution time is exceeded, the RTC_WDT will restart system.
It is also useful to prevent a lock up in start code caused by an unstable power source.
NOTE: Tracks the execution time starts from the bootloader code - re-set timeout, while selecting the source for slow_clk - and ends calling app_main.
Re-set timeout is needed due to WDT uses a SLOW_CLK clock source. After changing a frequency slow_clk a time of WDT needs to re-set for new frequency.
slow_clk depends on ESP32_RTC_CLOCK_SOURCE (INTERNAL_RC or EXTERNAL_CRYSTAL).
config BOOTLOADER_HOLD_TIME_GPIO
int "Hold time of GPIO for reset/test mode (seconds)"
depends on BOOTLOADER_FACTORY_RESET || BOOTLOADER_APP_TEST
default 5
help
The GPIO must be held low continuously for this period of time after reset
before a factory reset or test partition boot (as applicable) is performed.
config BOOTLOADER_WDT_DISABLE_IN_USER_CODE
bool "Allows RTC watchdog disable in user code"
depends on BOOTLOADER_WDT_ENABLE
default n
help
If it is set, the client must itself reset or disable rtc_wdt in their code (app_main()).
Otherwise rtc_wdt will be disabled before calling app_main function.
Use function rtc_wdt_feed() for resetting counter of rtc_wdt.
Use function rtc_wdt_disable() for disabling rtc_wdt.
config BOOTLOADER_WDT_ENABLE
bool "Use RTC watchdog in start code"
default y
help
Tracks the execution time of startup code.
If the execution time is exceeded, the RTC_WDT will restart system.
It is also useful to prevent a lock up in start code caused by an unstable power source.
NOTE: Tracks the execution time starts from the bootloader code - re-settimeout, while selecting the
source for slow_clk - and ends calling app_main.
Re-set timeout is needed due to WDT uses a SLOW_CLK clock source. After changing a frequency slow_clk a
time of WDT needs to re-set for new frequency.
slow_clk depends on ESP32_RTC_CLOCK_SOURCE (INTERNAL_RC or EXTERNAL_CRYSTAL).
config BOOTLOADER_WDT_TIME_MS
int "Timeout for RTC watchdog (ms)"
depends on BOOTLOADER_WDT_ENABLE
default 9000
range 0 120000
help
Verify that this parameter is correct and more then the execution time.
Pay attention to options such as reset to factory, trigger test partition and encryption on boot
- these options can increase the execution time.
Note: RTC_WDT will reset while encryption operations will be performed.
config BOOTLOADER_WDT_DISABLE_IN_USER_CODE
bool "Allows RTC watchdog disable in user code"
depends on BOOTLOADER_WDT_ENABLE
default n
help
If it is set, the client must itself reset or disable rtc_wdt in their code (app_main()).
Otherwise rtc_wdt will be disabled before calling app_main function.
Use function rtc_wdt_feed() for resetting counter of rtc_wdt.
Use function rtc_wdt_disable() for disabling rtc_wdt.
config BOOTLOADER_WDT_TIME_MS
int "Timeout for RTC watchdog (ms)"
depends on BOOTLOADER_WDT_ENABLE
default 9000
range 0 120000
help
Verify that this parameter is correct and more then the execution time.
Pay attention to options such as reset to factory, trigger test partition and encryption on boot
- these options can increase the execution time.
Note: RTC_WDT will reset while encryption operations will be performed.
config APP_ROLLBACK_ENABLE
bool "Enable app rollback support"
default n
help
After updating the app, the bootloader runs a new app with the "ESP_OTA_IMG_PENDING_VERIFY" state set.
This state prevents the re-run of this app. After the first boot of the new app in the user code, the
function should be called to confirm the operability of the app or vice versa about its non-operability.
If the app is working, then it is marked as valid. Otherwise, it is marked as not valid and rolls back to
the previous working app. A reboot is performed, and the app is booted before the software update.
Note: If during the first boot a new app the power goes out or the WDT works, then roll back will happen.
Rollback is possible only between the apps with the same security versions.
config APP_ANTI_ROLLBACK
bool "Enable app anti-rollback support"
depends on APP_ROLLBACK_ENABLE
default n
help
This option prevents rollback to previous firmware/application image with lower security version.
config APP_SECURE_VERSION
int "eFuse secure version of app"
depends on APP_ANTI_ROLLBACK
default 0
help
The secure version is the sequence number stored in the header of each firmware.
The security version is set in the bootloader, version is recorded in the eFuse field
as the number of set ones. The allocated number of bits in the efuse field
for storing the security version is limited (see APP_SECURE_VERSION_SIZE_EFUSE_FIELD option).
Bootloader: When bootloader selects an app to boot, an app is selected that has
a security version greater or equal that recorded in eFuse field.
The app is booted with a higher (or equal) secure version.
The security version is worth increasing if in previous versions there is
a significant vulnerability and their use is not acceptable.
Your partition table should has a scheme with ota_0 + ota_1 (without factory).
config APP_SECURE_VERSION_SIZE_EFUSE_FIELD
int "Size of the efuse secure version field"
depends on APP_ANTI_ROLLBACK
range 1 32
default 32
help
The size of the efuse secure version field. Its length is limited to 32 bits.
This determines how many times the security version can be increased.
config EFUSE_SECURE_VERSION_EMULATE
bool "Emulate operations with efuse secure version(only test)"
default n
depends on APP_ANTI_ROLLBACK
help
This option allow emulate read/write operations with efuse secure version.
It allow to test anti-rollback implemention without permanent write eFuse bits.
In partition table should be exist this partition `emul_efuse, data, 5, , 0x2000`.
endmenu # Bootloader
menu "Security features"
visible if !IDF_CMAKE
# These three are the actual options to check in code,
# selected by the displayed options
config SECURE_SIGNED_ON_BOOT
bool
default y
depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
config SECURE_SIGNED_ON_UPDATE
bool
default y
depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
config SECURE_SIGNED_APPS
bool
default y
depends on SECURE_SIGNED_ON_BOOT || SECURE_SIGNED_ON_UPDATE
config SECURE_SIGNED_APPS_NO_SECURE_BOOT
bool "Require signed app images"
default n
depends on !SECURE_BOOT_ENABLED
help
Require apps to be signed to verify their integrity.
This option uses the same app signature scheme as hardware secure boot, but unlike hardware secure boot it
does not prevent the bootloader from being physically updated. This means that the device can be secured
against remote network access, but not physical access. Compared to using hardware Secure Boot this option
is much simpler to implement.
config SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
bool "Bootloader verifies app signatures"
default n
depends on SECURE_SIGNED_APPS_NO_SECURE_BOOT
help
If this option is set, the bootloader will be compiled with code to verify that an app is signed before
booting it.
If hardware secure boot is enabled, this option is always enabled and cannot be disabled.
If hardware secure boot is not enabled, this option doesn't add significant security by itself so most
users will want to leave it disabled.
config SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
bool "Verify app signature on update"
default y
depends on SECURE_SIGNED_APPS_NO_SECURE_BOOT
help
If this option is set, any OTA updated apps will have the signature verified before being considered valid.
When enabled, the signature is automatically checked whenever the esp_ota_ops.h APIs are used for OTA
updates, or esp_image_format.h APIs are used to verify apps.
If hardware secure boot is enabled, this option is always enabled and cannot be disabled.
If hardware secure boot is not enabled, this option still adds significant security against network-based
attackers by preventing spoofing of OTA updates.
config SECURE_BOOT_ENABLED
bool "Enable hardware secure boot in bootloader (READ DOCS FIRST)"
default n
help
Build a bootloader which enables secure boot on first boot.
Once enabled, secure boot will not boot a modified bootloader. The bootloader will only load a partition
table or boot an app if the data has a verified digital signature. There are implications for reflashing
updated apps once secure boot is enabled.
When enabling secure boot, JTAG and ROM BASIC Interpreter are permanently disabled by default.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
choice SECURE_BOOTLOADER_MODE
bool "Secure bootloader mode"
depends on SECURE_BOOT_ENABLED
default SECURE_BOOTLOADER_ONE_TIME_FLASH
# These three are the actual options to check in code,
# selected by the displayed options
config SECURE_SIGNED_ON_BOOT
bool
default y
depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
config SECURE_BOOTLOADER_ONE_TIME_FLASH
bool "One-time flash"
help
On first boot, the bootloader will generate a key which is not readable externally or by software. A
digest is generated from the bootloader image itself. This digest will be verified on each subsequent
boot.
Enabling this option means that the bootloader cannot be changed after the first time it is booted.
config SECURE_SIGNED_ON_UPDATE
bool
default y
depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
config SECURE_BOOTLOADER_REFLASHABLE
bool "Reflashable"
help
Generate a reusable secure bootloader key, derived (via SHA-256) from the secure boot signing key.
config SECURE_SIGNED_APPS
bool
default y
depends on SECURE_SIGNED_ON_BOOT || SECURE_SIGNED_ON_UPDATE
This allows the secure bootloader to be re-flashed by anyone with access to the secure boot signing
key.
This option is less secure than one-time flash, because a leak of the digest key from one device
allows reflashing of any device that uses it.
endchoice
config SECURE_BOOT_BUILD_SIGNED_BINARIES
bool "Sign binaries during build"
depends on SECURE_SIGNED_APPS
default y
help
Once secure boot or signed app requirement is enabled, app images are required to be signed.
config SECURE_SIGNED_APPS_NO_SECURE_BOOT
bool "Require signed app images"
default n
depends on !SECURE_BOOT_ENABLED
help
Require apps to be signed to verify their integrity.
If enabled (default), these binary files are signed as part of the build process. The file named in
"Secure boot private signing key" will be used to sign the image.
This option uses the same app signature scheme as hardware secure boot, but unlike hardware secure boot it does not prevent the bootloader from being physically updated. This means that the device can be secured against remote network access, but not physical access. Compared to using hardware Secure Boot this option is much simpler to implement.
If disabled, unsigned app/partition data will be built. They must be signed manually using espsecure.py
(for example, on a remote signing server.)
config SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
bool "Bootloader verifies app signatures"
default n
depends on SECURE_SIGNED_APPS_NO_SECURE_BOOT
help
If this option is set, the bootloader will be compiled with code to verify that an app is signed before booting it.
config SECURE_BOOT_SIGNING_KEY
string "Secure boot private signing key"
depends on SECURE_BOOT_BUILD_SIGNED_BINARIES
default secure_boot_signing_key.pem
help
Path to the key file used to sign app images.
If hardware secure boot is enabled, this option is always enabled and cannot be disabled.
If hardware secure boot is not enabled, this option doesn't add significant security by itself so most users will want to leave it disabled.
Key file is an ECDSA private key (NIST256p curve) in PEM format.
Path is evaluated relative to the project directory.
You can generate a new signing key by running the following command:
If this option is set, any OTA updated apps will have the signatureverified before being considered valid.
See https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html for details.
config SECURE_BOOT_VERIFICATION_KEY
string "Secure boot public signature verification key"
depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES
default signature_verification_key.bin
help
Path to a public key file used to verify signed images. This key is compiled into the bootloader and/or
app, to verify app images.
When enabled, the signature is automatically checked whenever the esp_ota_ops.h APIs are used for OTA updates,
or esp_image_format.h APIs are used to verify apps.
Key file is in raw binary format, and can be extracted from a
PEM formatted private key using the espsecure.py
extract_public_key command.
If hardware secure boot is enabled, this option is always enabled and cannot be disabled.
If hardware secure boot is not enabled, this option still adds significant security against network-based attackers by preventing spoofing of OTA updates.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
config SECURE_BOOT_ENABLED
bool "Enable hardware secure boot in bootloader (READ DOCS FIRST)"
default n
help
Build a bootloader which enables secure boot on first boot.
choice SECURE_BOOTLOADER_KEY_ENCODING
bool "Hardware Key Encoding"
depends on SECURE_BOOTLOADER_REFLASHABLE
default SECURE_BOOTLOADER_NO_ENCODING
help
Once enabled, secure boot will not boot a modified bootloader. The bootloader will only load a partition table or boot an app if the data has a verified digital signature. There are implications for reflashing updated apps once secure boot is enabled.
In reflashable secure bootloader mode, a hardware key is derived from the signing key (with SHA-256) and
can be written to eFuse with espefuse.py.
When enabling secure boot, JTAG and ROM BASIC Interpreter are permanently disabled by default.
Normally this is a 256-bit key, but if 3/4 Coding Scheme is used on the device then the eFuse key is
truncated to 192 bits.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
This configuration item doesn't change any firmware code, it only changes the size of key binary which is
generated at build time.
config SECURE_BOOTLOADER_KEY_ENCODING_256BIT
bool "No encoding (256 bit key)"
config SECURE_BOOTLOADER_KEY_ENCODING_192BIT
bool "3/4 encoding (192 bit key)"
choice SECURE_BOOTLOADER_MODE
bool "Secure bootloader mode"
depends on SECURE_BOOT_ENABLED
default SECURE_BOOTLOADER_ONE_TIME_FLASH
endchoice
config SECURE_BOOT_INSECURE
bool "Allow potentially insecure options"
depends on SECURE_BOOT_ENABLED
default N
help
You can disable some of the default protections offered by secure boot, in order to enable testing or a
custom combination of security features.
Only enable these options if you are very sure.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
config FLASH_ENCRYPTION_ENABLED
bool "Enable flash encryption on boot (READ DOCS FIRST)"
default N
help
If this option is set, flash contents will be encrypted by the bootloader on first boot.
Note: After first boot, the system will be permanently encrypted. Re-flashing an encrypted
system is complicated and not always possible.
Read https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html before enabling.
config FLASH_ENCRYPTION_INSECURE
bool "Allow potentially insecure options"
depends on FLASH_ENCRYPTION_ENABLED
default N
help
You can disable some of the default protections offered by flash encryption, in order to enable testing or
a custom combination of security features.
Only enable these options if you are very sure.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html and
https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html for details.
menu "Potentially insecure options"
visible if FLASH_ENCRYPTION_INSECURE || SECURE_BOOT_INSECURE
# NOTE: Options in this menu NEED to have SECURE_BOOT_INSECURE
# and/or FLASH_ENCRYPTION_INSECURE in "depends on", as the menu
# itself doesn't enable/disable its children (if it's not set,
# it's possible for the insecure menu to be disabled but the insecure option
# to remain on which is very bad.)
config SECURE_BOOT_ALLOW_ROM_BASIC
bool "Leave ROM BASIC Interpreter available on reset"
depends on SECURE_BOOT_INSECURE || FLASH_ENCRYPTION_INSECURE
default N
help
By default, the BASIC ROM Console starts on reset if no valid bootloader is
read from the flash.
When either flash encryption or secure boot are enabled, the default is to
disable this BASIC fallback mode permanently via eFuse.
If this option is set, this eFuse is not burned and the BASIC ROM Console may
remain accessible. Only set this option in testing environments.
config SECURE_BOOT_ALLOW_JTAG
bool "Allow JTAG Debugging"
depends on SECURE_BOOT_INSECURE || FLASH_ENCRYPTION_INSECURE
default N
help
If not set (default), the bootloader will permanently disable JTAG (across entire chip) on first boot
when either secure boot or flash encryption is enabled.
Setting this option leaves JTAG on for debugging, which negates all protections of flash encryption
and some of the protections of secure boot.
Only set this option in testing environments.
config SECURE_BOOT_ALLOW_SHORT_APP_PARTITION
bool "Allow app partition length not 64KB aligned"
depends on SECURE_BOOT_INSECURE
help
If not set (default), app partition size must be a multiple of 64KB. App images are padded to 64KB
length, and the bootloader checks any trailing bytes after the signature (before the next 64KB
boundary) have not been written. This is because flash cache maps entire 64KB pages into the address
space. This prevents an attacker from appending unverified data after the app image in the flash,
causing it to be mapped into the address space.
Setting this option allows the app partition length to be unaligned, and disables padding of the app
image to this length. It is generally not recommended to set this option, unless you have a legacy
partitioning scheme which doesn't support 64KB aligned partition lengths.
If not set (default), the bootloader will permanently disable UART bootloader flash cache access on
first boot. If set, the UART bootloader will still be able to access the flash cache.
Only set this option in testing environments.
endmenu # Potentially Insecure
config FLASH_ENCRYPTION_DISABLE_PLAINTEXT
bool "Disable serial reflashing of plaintext firmware"
depends on FLASH_ENCRYPTION_ENABLED
default y if SECURE_BOOT_ENABLED
default n if !SECURE_BOOT_ENABLED
help
If this option is enabled, flash encryption is permanently enabled after first boot by write-protecting
the FLASH_CRYPT_CNT efuse. This is the recommended configuration for a secure production system.
If this option is disabled, FLASH_CRYPT_CNT is left writeable and up to 4 plaintext re-flashes are allowed.
An attacker with physical access will be able to read out encrypted flash contents until all plaintext
re-flashes have been used up.
If this option is disabled and hardware Secure Boot is enabled, Secure Boot must be configured in
Reflashable mode so that a new Secure Boot digest can be flashed at the same time as plaintext firmware.
This combination is not secure and should not be used for a production system.
config SECURE_BOOTLOADER_ONE_TIME_FLASH
bool "One-time flash"
help
On first boot, the bootloader will generate a key which is not readable externally or by software. A digest is generated from the bootloader image itself. This digest will be verified on each subsequent boot.
Enabling this option means that the bootloader cannot be changed after the first time it is booted.
config SECURE_BOOTLOADER_REFLASHABLE
bool "Reflashable"
help
Generate a reusable secure bootloader key, derived (via SHA-256) from the secure boot signing key.
This allows the secure bootloader to be re-flashed by anyone with access to the secure boot signing key.
This option is less secure than one-time flash, because a leak of the digest key from one device allows reflashing of any device that uses it.
endchoice
config SECURE_BOOT_BUILD_SIGNED_BINARIES
bool "Sign binaries during build"
depends on SECURE_SIGNED_APPS
default y
help
Once secure boot or signed app requirement is enabled, app images are required to be signed.
If enabled (default), these binary files are signed as part of the build process. The file named in "Secure boot private signing key" will be used to sign the image.
If disabled, unsigned app/partition data will be built. They must be signed manually using espsecure.py (for example, on a remote signing server.)
config SECURE_BOOT_SIGNING_KEY
string "Secure boot private signing key"
depends on SECURE_BOOT_BUILD_SIGNED_BINARIES
default secure_boot_signing_key.pem
help
Path to the key file used to sign app images.
Key file is an ECDSA private key (NIST256p curve) in PEM format.
Path is evaluated relative to the project directory.
You can generate a new signing key by running the following command:
string "Secure boot public signature verification key"
depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES
default signature_verification_key.bin
help
Path to a public key file used to verify signed images. This key is compiled into the bootloader and/or app,
to verify app images.
Key file is in raw binary format, and can be extracted from a
PEM formatted private key using the espsecure.py
extract_public_key command.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
choice SECURE_BOOTLOADER_KEY_ENCODING
bool "Hardware Key Encoding"
depends on SECURE_BOOTLOADER_REFLASHABLE
default SECURE_BOOTLOADER_NO_ENCODING
help
In reflashable secure bootloader mode, a hardware key is derived from the signing key (with SHA-256) and can be written to efuse
with espefuse.py.
Normally this is a 256-bit key, but if 3/4 Coding Scheme is used on the device then the efuse key is truncated to 192 bits.
This configuration item doesn't change any firmware code, it only changes the size of key binary which is generated at build time.
config SECURE_BOOTLOADER_KEY_ENCODING_256BIT
bool "No encoding (256 bit key)"
config SECURE_BOOTLOADER_KEY_ENCODING_192BIT
bool "3/4 encoding (192 bit key)"
endchoice
config SECURE_BOOT_INSECURE
bool "Allow potentially insecure options"
depends on SECURE_BOOT_ENABLED
default N
help
You can disable some of the default protections offered by secure boot, in order to enable testing or a custom combination of security features.
Only enable these options if you are very sure.
Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
config FLASH_ENCRYPTION_ENABLED
bool "Enable flash encryption on boot (READ DOCS FIRST)"
default N
help
If this option is set, flash contents will be encrypted by the bootloader on first boot.
Note: After first boot, the system will be permanently encrypted. Re-flashing an encrypted
system is complicated and not always possible.
Read https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html before enabling.
config FLASH_ENCRYPTION_INSECURE
bool "Allow potentially insecure options"
depends on FLASH_ENCRYPTION_ENABLED
default N
help
You can disable some of the default protections offered by flash encryption, in order to enable testing or a custom combination of security features.
Only enable these options if you are very sure.
Refer to docs/security/secure-boot.rst and docs/security/flash-encryption.rst for details.
menu "Potentially insecure options"
visible if FLASH_ENCRYPTION_INSECURE || SECURE_BOOT_INSECURE
# NOTE: Options in this menu NEED to have SECURE_BOOT_INSECURE
# and/or FLASH_ENCRYPTION_INSECURE in "depends on", as the menu
# itself doesn't enable/disable its children (if it's not set,
# it's possible for the insecure menu to be disabled but the insecure option
# to remain on which is very bad.)
config SECURE_BOOT_ALLOW_ROM_BASIC
bool "Leave ROM BASIC Interpreter available on reset"
depends on SECURE_BOOT_INSECURE || FLASH_ENCRYPTION_INSECURE
default N
help
By default, the BASIC ROM Console starts on reset if no valid bootloader is
read from the flash.
When either flash encryption or secure boot are enabled, the default is to
disable this BASIC fallback mode permanently via efuse.
If this option is set, this efuse is not burned and the BASIC ROM Console may
remain accessible. Only set this option in testing environments.
config SECURE_BOOT_ALLOW_JTAG
bool "Allow JTAG Debugging"
depends on SECURE_BOOT_INSECURE || FLASH_ENCRYPTION_INSECURE
default N
help
If not set (default), the bootloader will permanently disable JTAG (across entire chip) on first boot when either secure boot or flash encryption is enabled.
Setting this option leaves JTAG on for debugging, which negates all protections of flash encryption and some of the protections of secure boot.
Only set this option in testing environments.
config SECURE_BOOT_ALLOW_SHORT_APP_PARTITION
bool "Allow app partition length not 64KB aligned"
depends on SECURE_BOOT_INSECURE
help
If not set (default), app partition size must be a multiple of 64KB. App images are padded to 64KB length, and the bootloader checks any trailing bytes after the signature (before the next 64KB boundary) have not been written. This is because flash cache maps entire 64KB pages into the address space. This prevents an attacker from appending unverified data after the app image in the flash, causing it to be mapped into the address space.
Setting this option allows the app partition length to be unaligned, and disables padding of the app image to this length. It is generally not recommended to set this option, unless you have a legacy partitioning scheme which doesn't support 64KB aligned partition lengths.
If not set (default), the bootloader will permanently disable UART bootloader encryption access on first boot. If set, the UART bootloader will still be able to access hardware encryption.
It is recommended to only set this option in testing environments.
If not set (default), the bootloader will permanently disable UART bootloader decryption access on first boot. If set, the UART bootloader will still be able to access hardware decryption.
Only set this option in testing environments. Setting this option allows complete bypass of flash encryption.
If not set (default), the bootloader will permanently disable UART bootloader flash cache access on first boot. If set, the UART bootloader will still be able to access the flash cache.
Only set this option in testing environments.
config SECURE_BOOT_TEST_MODE
bool "Secure boot test mode: don't permanently set any efuses"
depends on SECURE_BOOT_INSECURE
default N
help
If this option is set, all permanent secure boot changes (via Efuse) are disabled.
Log output will state changes which would be applied, but they will not be.
This option is for testing purposes only - it completely disables secure boot protection.
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _ESP_EFUSE_H
#define _ESP_EFUSE_H
#include"soc/efuse_reg.h"
#include"esp_err.h"
#ifdef __cplusplus
extern"C"{
#endif
/* @brief Permanently update values written to the efuse write registers
*
* After updating EFUSE_BLKx_WDATAx_REG registers with new values to
* write, call this function to permanently write them to efuse.
*
* @note Setting bits in efuse is permanent, they cannot be unset.
*
* @note Due to this restriction you don't need to copy values to
* Efuse write registers from the matching read registers, bits which
* are set in the read register but unset in the matching write
* register will be unchanged when new values are burned.
*
* @note This function is not threadsafe, if calling code updates
* efuse values from multiple tasks then this is caller's
* responsibility to serialise.
*
* After burning new efuses, the read registers are updated to match
* the new efuse values.
*/
voidesp_efuse_burn_new_values(void);
/* @brief Reset efuse write registers
*
* Efuse write registers are written to zero, to negate
* any changes that have been staged here.
*/
voidesp_efuse_reset(void);
/* @brief Disable BASIC ROM Console via efuse
*
* By default, if booting from flash fails the ESP32 will boot a
* BASIC console in ROM.
*
* Call this function (from bootloader or app) to permanently
* disable the console on this chip.
*/
voidesp_efuse_disable_basic_rom_console(void);
/* @brief Encode one or more sets of 6 byte sequences into
* 8 bytes suitable for 3/4 Coding Scheme.
*
* This function is only useful if the CODING_SCHEME efuse
* is set to value 1 for 3/4 Coding Scheme.
*
* @param[in] in_bytes Pointer to a sequence of bytes to encode for 3/4 Coding Scheme. Must have length in_bytes_len. After being written to hardware, these bytes will read back as little-endian words.
* @param[out] out_words Pointer to array of words suitable for writing to efuse write registers. Array must contain 2 words (8 bytes) for every 6 bytes in in_bytes_len. Can be a pointer to efuse write registers.
* @param in_bytes_len. Length of array pointed to by in_bytes, in bytes. Must be a multiple of 6.
*
* @return ESP_ERR_INVALID_ARG if either pointer is null or in_bytes_len is not a multiple of 6. ESP_OK otherwise.
ESP_GAP_SEARCH_INQ_DISCARD_NUM_EVT=7,/*!< The number of pkt discarded by flow control */
}esp_gap_search_evt_t;
/**
@@ -570,6 +588,34 @@ typedef enum{
ESP_BLE_WHITELIST_REMOVE=0X00,/*!< remove mac from whitelist */
ESP_BLE_WHITELIST_ADD=0X01,/*!< add address to whitelist */
}esp_ble_wl_opration_t;
typedefenum{
ESP_BLE_DUPLICATE_EXCEPTIONAL_LIST_ADD=0,/*!< Add device info into duplicate scan exceptional list */
ESP_BLE_DUPLICATE_EXCEPTIONAL_LIST_REMOVE,/*!< Remove device info from duplicate scan exceptional list */
ESP_BLE_DUPLICATE_EXCEPTIONAL_LIST_CLEAN,/*!< Clean duplicate scan exceptional list */
}esp_bt_duplicate_exceptional_subcode_type_t;
#define BLE_BIT(n) (1UL<<(n))
typedefenum{
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_INFO_ADV_ADDR=0,/*!< BLE advertising address , device info will be added into ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_ADDR_LIST */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_INFO_MESH_LINK_ID,/*!< BLE mesh link ID, it is for BLE mesh, device info will be added into ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_MESH_LINK_ID_LIST */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_INFO_MESH_BEACON_TYPE,/*!< BLE mesh beacon AD type, the format is | Len | 0x2B | Beacon Type | Beacon Data | */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_INFO_MESH_PROV_SRV_ADV,/*!< BLE mesh provisioning service uuid, the format is | 0x02 | 0x01 | flags | 0x03 | 0x03 | 0x1827 | .... |` */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_INFO_MESH_PROXY_SRV_ADV,/*!< BLE mesh adv with proxy service uuid, the format is | 0x02 | 0x01 | flags | 0x03 | 0x03 | 0x1828 | .... |` */
}esp_ble_duplicate_exceptional_info_type_t;
typedefenum{
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_ADDR_LIST=BLE_BIT(0),/*!< duplicate scan exceptional addr list */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_MESH_LINK_ID_LIST=BLE_BIT(1),/*!< duplicate scan exceptional mesh link ID list */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_MESH_BEACON_TYPE_LIST=BLE_BIT(2),/*!< duplicate scan exceptional mesh beacon type list */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_MESH_PROV_SRV_ADV_LIST=BLE_BIT(3),/*!< duplicate scan exceptional mesh adv with provisioning service uuid */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_MESH_PROXY_SRV_ADV_LIST=BLE_BIT(4),/*!< duplicate scan exceptional mesh adv with provisioning service uuid */
ESP_BLE_DUPLICATE_SCAN_EXCEPTIONAL_ALL_LIST=0xFFFF,/*!< duplicate scan exceptional all list */
esp_bt_status_tstatus;/*!< Indicate the add or remove whitelist operation success status */
esp_ble_wl_opration_twl_opration;/*!< The value is ESP_BLE_WHITELIST_ADD if add address to whitelist operation success, ESP_BLE_WHITELIST_REMOVE if remove address from the whitelist operation success */
}update_whitelist_cmpl;/*!< Event parameter of ESP_GAP_BLE_UPDATE_WHITELIST_COMPLETE_EVT */
* @brief Start device discovery. This function should be called after esp_bluedroid_enable() completes successfully.
* esp_bt_gap_cb_t will is called with ESP_BT_GAP_DISC_STATE_CHANGED_EVT if discovery is started or halted.
* esp_bt_gap_cb_t will is called with ESP_BT_GAP_DISC_RES_EVT if discovery result is got.
* @brief This function starts Inquiry and Name Discovery. It should be called after esp_bluedroid_enable() completes successfully.
* When Inquiry is halted and cached results do not contain device name, then Name Discovery will connect to the peer target to get the device name.
* esp_bt_gap_cb_t will be called with ESP_BT_GAP_DISC_STATE_CHANGED_EVT when Inquriry is started or Name Discovery is completed.
* esp_bt_gap_cb_t will be called with ESP_BT_GAP_DISC_RES_EVT each time the two types of discovery results are got.
*
* @param[in] mode - inquiry mode
* @param[in] inq_len - inquiry duration in 1.28 sec units, ranging from 0x01 to 0x30
* @param[in] num_rsps - number of inquiry responses that can be received, value 0 indicates an unlimited number of responses
* @param[in] mode - Inquiry mode
* @param[in] inq_len - Inquiry duration in 1.28 sec units, ranging from 0x01 to 0x30. This parameter only specifies the total duration of the Inquiry process,
* - when this time expires, Inquiry will be halted.
* @param[in] num_rsps - Number of responses that can be received before the Inquiry is halted, value 0 indicates an unlimited number of responses.
ESP_SPP_NO_RESOURCE/*!< No more set pm control block */
}esp_spp_status_t;
/* Security Setting Mask*/
/* Security Setting Mask, Suggest to use ESP_SPP_SEC_NONE, ESP_SPP_SEC_AUTHORIZE or ESP_SPP_SEC_AUTHENTICATE only.*/
#define ESP_SPP_SEC_NONE 0x0000 /*!< No security. relate to BTA_SEC_NONE in bta/bta_api.h */
#define ESP_SPP_SEC_AUTHORIZE 0x0001 /*!< Authorization required (only needed for out going connection ) relate to BTA_SEC_AUTHORIZE in bta/bta_api.h*/
#define ESP_SPP_SEC_AUTHENTICATE 0x0012 /*!< Authentication required. relate to BTA_SEC_AUTHENTICATE in bta/bta_api.h*/
APPL_TRACE_DEBUG("%s() wrote hash_key = %x%x%x%x, num_attr = %d, status = %d.",__func__,hash_key[0],hash_key[1],hash_key[2],hash_key[3],num_attr,status);
}
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
