espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-29 03:44:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
49,603 Commits 24 Branches 183 Tags
70da170f248ae617297b4e2835254f33bb0238ed
Commit Graph

34 Commits

Author SHA1 Message Date
Ashish Sharma e7e31d5d39 feat: migrates esp_tee to PSA APIs 2025-12-30 09:31:49 +05:30
Laukik Hase 7c24682643 feat(esp_tee): Add support for the RISC-V H/W stack guard mechanism 2025-11-24 18:49:06 +05:30
Laukik Hase bbdd1499f1 feat(esp_tee): Support for ESP32-C61 - the esp_tee component 2025-11-07 14:54:11 +05:30
Laukik Hase eb74a5f9dd feat(esp_tee): Enable MSPI tuning for Flash and PSRAM 2025-10-22 11:44:34 +05:30
Laukik Hase 466c1d66b6 refactor(esp_tee): Remove the spi_flash_erase_chip service call 
- Also fix coverity bug from TEE HMAC-PBKDF2 routine
 2025-09-30 12:22:26 +05:30
Laukik Hase 8b92f3603f fix(esp_tee): Correct flash operation bound checks to handle all overlap cases 
- Ensure bound checks correctly handle all scenarios, including
  when a requested operation's (SPI0/1) range fully contains the
  TEE-protected region.
- Disable delegation of INTWDT timeout and Cache error interrupts as they reset
  the device after the panic handler
 2025-09-30 12:22:25 +05:30
Laukik Hase c152663408 feat(esp_tee): Added support for PBKDF2-based (HMAC) ECDSA signing 2025-09-19 12:06:02 +05:30
Laukik Hase d8edbc8acf feat(esp_tee): ASM routine fixes and improvements 
- Fix incorrect setting in the edge interrupt acknowledgement API
- Avoid executing the service call dispatcher in the U-mode ecall,
  rather execute `mret` to jump it
- Avoid `t1` register corruption when processing `ecall`
- Switch back to the bootloader stack from TEE stack after the
  execution of the entire TEE initialization routine
 2025-09-16 14:57:10 +05:30
Laukik Hase 11d3a2480f feat(esp_tee): Support for ESP32-C5 - the esp_tee component 2025-08-13 14:08:58 +05:30
harshal.patil fe78370ec9 feat(mbedtls/sha): New API for setting SHA mode 2025-06-06 14:51:44 +05:30
Laukik Hase a1c6d2a458 fix(esp_tee): Fix failing SPI1 flash protection test-cases 2025-05-22 17:35:09 +08:00
Laukik Hase 958f4b8900 feat(esp_tee): Support for ESP32-H2 - the esp_tee component 2025-05-20 16:31:22 +05:30
Laukik Hase 033397b877 fix(esp_tee): Add standard newlib function stubs to resolve build warnings 
- Disable C++ exceptions for TEE build to reduce flash footprint
 2025-05-04 18:03:30 +05:30
Laukik Hase d116567a66 refactor(esp_tee): Update TEE secure storage interface APIs 2025-05-04 18:03:29 +05:30
Laukik Hase a0031cff9f refactor(esp_tee): Remove the redudant eFuse-related service calls 2025-04-17 11:04:29 +05:30
Laukik Hase 8e27be344b refactor(esp_tee): Place the secure services _ss_ layer in the flash by default 2025-04-17 11:03:16 +05:30
Laukik Hase 4a4d63d36e feat(esp_tee): Protect the ECC peripheral from REE access 2025-04-16 19:19:04 +05:30
Laukik Hase fc4802c0d6 feat(esp_tee): Protect the HMAC and DS peripherals from REE access 2025-04-16 19:19:04 +05:30
Laukik Hase d7d78f6238 fix(esp_tee): Correct the input validation checks for secure services 2025-04-16 19:19:04 +05:30
Laukik Hase 13aff0b216 fix(security): Fixed coverity warnings related to the esp_tee component 
- Also, disable the SECP192R1 curve (Mbed TLS config) when TEE Secure Storage
  does not require it
 2025-04-14 10:12:51 +05:30
Laukik Hase d442886918 refactor(esp_tee): Refactor the TEE heap-related APIs 2025-04-08 19:50:26 +05:30
Laukik Hase bd314c2460 refactor(esp_tee): Update the SHA clock configuration service call 2025-04-04 10:31:28 +05:30
Laukik Hase 1e8933d296 feat(esp_tee): Add support for SECP192R1 curve in TEE secure storage 2025-04-03 15:35:14 +05:30
Laukik Hase 873409da6b refactor(esp_tee): Simplify service call ASM routine 
- Remove `mret` for jumping to the service call dispatcher; instead, enable
  interrupts and execute directly
- Fix potential corruption of the `t3` register when returning from a service
  call
- Simplify the secure service dispatcher function
 2025-02-25 17:18:08 +05:30
Laukik Hase 26fa7109f3 fix(esp_tee): Protect the AES/SHA clock registers from REE access 2025-02-25 16:49:08 +05:30
Laukik Hase c23714f775 feat(esp_tee): Add support for flash memory isolation and protection (SPI1) 2025-02-11 12:30:05 +05:30
harshal.patil 7d8211bf87 feat(mbedtls): Support both SHA block and DMA modes during runtime 
Dynamically switch the SHA operation modes based on the buffer operating length
 2025-02-04 16:49:30 +05:30
Laukik Hase c4eec756f3 refactor(esp_tee): Revised the secure service ID numbering scheme 
Also:
- Split the secure service table into two parts: one DRAM-resident and the
  other DROM-resident. The former holds the services invoked when the cache is
  disabled or suspended while the latter holds rest of the services.
 2025-01-23 12:39:19 +05:30
Laukik Hase a745100bef refactor(esp_tee): Add argument count checks for secure services in the dispatcher 
Also:
- Unified the TEE build system-related scripts into a single script
 2025-01-23 12:39:18 +05:30
Laukik Hase a91f89026c feat(esp_tee): Make the attestation service configurable 2025-01-23 12:39:17 +05:30
Laukik Hase 4d9358703a refactor(esp_tee): Move the REE address validation check to a separate header 2025-01-23 12:39:16 +05:30
Sachin Billore 9ea01eb7c4 fix(esp_tee): Input validation for secure services 2025-01-15 16:29:38 +05:30
Laukik Hase 1499c65754 feat(esp_tee): Add support for flash memory isolation and protection (SPI0) 2025-01-03 11:44:01 +05:30
Laukik Hase 373930655a feat(esp_tee): Support for ESP-TEE - the main component 2024-12-02 12:20:05 +05:30