Commit Graph

70 Commits

Author SHA1 Message Date
Laukik Hase 66ed9d2b4b ci(esp_tee): Optimize the TEE pytest script 2026-01-12 18:29:44 +05:30
Michael (XIAO Xufeng) c299c0b749 Merge branch 'refactor/remove_idf_test_component' into 'master'
refactor: Remove idf_test component

Closes IDF-12578

See merge request espressif/esp-idf!43733
2026-01-06 16:20:20 +08:00
Laukik Hase b15334600d Merge branch 'refactor/esp_tee_picolibc' into 'master'
refactor(esp_tee): Adopt `Picolibc` as the default LibC for ESP-TEE build

See merge request espressif/esp-idf!44050
2026-01-02 10:38:47 +05:30
Xiao Xufeng 73735f3e87 test: merge chip-specific performance data headers 2026-01-01 02:35:58 +08:00
Li Shuai 6e9885f7e6 Merge branch 'bugfix/idfgh-16634' into 'master'
remove the configurable constraint for sleep memory usage optimization option

Closes IDFGH-16634 and IDF-13780

See merge request espressif/esp-idf!42882
2025-12-31 12:57:50 +08:00
Laukik Hase 406ca9aa92 ci(esp_tee): Enable the tee_cli_app test-app for ESP32-H2
- Also set the RX burst size correctly for AES/SHA DMA operations
  with ESP-TEE
- Fix the compile-time minimum chip revision check for patching
  the `ets_delay_us` API
2025-12-30 16:03:43 +05:30
Laukik Hase 0964024484 refactor(esp_tee): Adopt Picolibc as the default LibC for ESP-TEE build
- Also fixed an issue where NewLib ROM APIs, when called from TEE, were
  using the syscall table located in the REE SRAM. This could be abused
  as an attack vector to invoke illegal functions from the TEE.
  To prevent this, the syscall table is now switched to the TEE-specific
  copy during every M-U mode transition.
2025-12-30 16:03:41 +05:30
Ashish Sharma a9927b82b7 fix: fixes coverity reported warnings 2025-12-30 09:31:49 +05:30
Ashish Sharma e7e31d5d39 feat: migrates esp_tee to PSA APIs 2025-12-30 09:31:49 +05:30
Li Shuai 053e62dde9 fix(esp_tee): fix cpu lockup reset issue caused by REE stack underflow test case 2025-12-30 11:47:49 +08:00
armando 513f424769 ci(tee): c5 c61 mspi mmu can tell addr error 2025-12-26 01:04:45 +00:00
Laukik Hase f6b8795435 ci(esp_tee): Sync the build manifest file and test scripts for ESP-TEE examples 2025-12-08 18:26:03 +05:30
Mahavir Jain 81c961a656 Merge branch 'refactor/esp_tee_soc_cap' into 'master'
feat(esp_tee): Mark ESP32-H2 as a supported target for ESP-TEE

See merge request espressif/esp-idf!43434
2025-12-08 14:11:15 +05:30
Laukik Hase 90d6394911 feat(esp_tee): Support ECDSA secp384r1 keys in TEE secure storage 2025-12-04 11:16:29 +05:30
Laukik Hase c88f9c3be1 feat(esp_tee): Mark ESP32-H2 as a supported target for ESP-TEE 2025-11-25 10:13:31 +05:30
Laukik Hase 7c24682643 feat(esp_tee): Add support for the RISC-V H/W stack guard mechanism 2025-11-24 18:49:06 +05:30
harshal.patil dac0bbfcc2 change(mbedtls): Generalize key source union for the hardware ECDSA context 2025-11-17 12:34:09 +05:30
Laukik Hase b6a51f0ff6 ci(esp_tee): Enable the TEE examples for ESP32-C61 2025-11-12 12:48:26 +05:30
Laukik Hase 5b80a58953 ci(esp_tee): Enable the TEE test-apps for ESP32-C61 2025-11-07 14:54:16 +05:30
Laukik Hase bbdd1499f1 feat(esp_tee): Support for ESP32-C61 - the esp_tee component 2025-11-07 14:54:11 +05:30
Laukik Hase e27e0eb6a7 ci(esp_tee): Remove incorrect error checks for TEE flash protection tests
- Also fixed coverity issue from TEE secure storage
2025-11-06 12:22:36 +05:30
Laukik Hase 052f380262 ci(esp_tee): Re-enable the TEE test-apps for ESP32-C5 2025-11-04 11:33:51 +05:30
Fu Hanxi 1e79c69fc4 tests: change wifi tests expect timeout to 60
- wifi_router
- wifi_ap
- wifi_high_traffic
2025-11-03 09:19:02 +08:00
Laukik Hase 71aff04c0d fix(esp_tee): Use HAL APIs instead of ROM APIs for SPI flash service calls
Currently, REE SPI flash HAL operations are routed as service calls to TEE,
but the TEE implementation incorrectly uses ROM APIs instead of HAL APIs.
This leads to issues and is not the recommended approach.
2025-10-22 11:44:33 +05:30
Laukik Hase 9de1d631b4 feat(esp_tee): Reclaim unused TEE IRAM memory as heap
- Changed the default TEE code placement to use the flash
  text section instead of IRAM text, making it consistent
  with the default data placement.
2025-10-15 18:22:44 +05:30
Laukik Hase 20344640e3 fix(esp_tee): Split TEE SRAM as I/DRAM for ESP32-C5 with PMA 2025-10-15 18:22:43 +05:30
Laukik Hase 6e51fac96e Merge branch 'fix/esp_tee_flash_op_bound_checks' into 'master'
fix(esp_tee): Correct flash operation bound checks to handle all overlap cases

Closes IDF-14129

See merge request espressif/esp-idf!41946
2025-10-13 13:31:03 +05:30
Mahavir Jain 439b1d6d08 cleanup: move cJSON to component manager 2025-10-06 14:08:06 +05:30
Peter Dragun e3198fff3c feat: Update esptool to v5 2025-09-30 15:28:55 +02:00
Laukik Hase 8b92f3603f fix(esp_tee): Correct flash operation bound checks to handle all overlap cases
- Ensure bound checks correctly handle all scenarios, including
  when a requested operation's (SPI0/1) range fully contains the
  TEE-protected region.
- Disable delegation of INTWDT timeout and Cache error interrupts as they reset
  the device after the panic handler
2025-09-30 12:22:25 +05:30
morris 71cb24caab feat(timg): graduate the hal driver into a single component 2025-09-27 17:33:10 +08:00
Laukik Hase 649741fa9d Merge branch 'feat/nvs_flash_deregister_sec_scheme' into 'master'
feat(nvs_flash): Added an API to deregister the NVS security scheme context

Closes IDF-12456 and IDFGH-16210

See merge request espressif/esp-idf!41073
2025-09-22 11:11:34 +05:30
Laukik Hase c152663408 feat(esp_tee): Added support for PBKDF2-based (HMAC) ECDSA signing 2025-09-19 12:06:02 +05:30
Laukik Hase 1ea0fc261d change(nvs_sec_provider): Make the HMAC-based NVS security scheme default for supported SoCs
- When NVS encryption is enabled on SoCs with the HMAC peripheral that have flash encryption
  enabled, the HMAC-based NVS encryption scheme is now selected as default instead of the
  flash encryption-based scheme.
- If your application previously used the flash encryption-based scheme, you need to manually
  configure the NVS encryption scheme to flash encryption from HMAC through ``menuconfig``
  or your project's ``sdkconfig`` (i.e., setting ``CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y``).
2025-09-19 10:38:38 +05:30
Laukik Hase 57432bb336 fix(esp_tee): Skip taking the service call mutex when in critical sections
- Fixes INT_WDT timeouts with mmap operations
- Add test-case for verifying parallel service calls
2025-09-16 14:57:27 +05:30
Laukik Hase 8b812d4192 feat(esp_tee): Miscellaneous fixes and updates
- Rename `tee_test_fw` app configs for better CI tracking
- Decrease the lower bound of TEE I/DRAM config options
- Trim the TEE test-apps build
- Improve the TEE/REE OTA pytest script with additional checks
- Fix build issues when `tee_sec_storage`/`tee_ota_ops` are
  a part of the project build but ESP-TEE is disabled
2025-09-16 14:54:06 +05:30
Marek Fiala 9d35d63651 feat(cmake): Update minimum cmake version to 3.22 (whole repository) 2025-08-19 14:44:32 +02:00
Laukik Hase 9b807a253d ci(esp_tee): Disable the TEE test-apps for ESP32-C5 temporarily 2025-08-18 18:42:02 +05:30
Laukik Hase bb55b0cefc ci(esp_tee): Enable the TEE test-apps for ESP32-C5 2025-08-13 14:09:00 +05:30
Laukik Hase ab8400df4a ci(esp_tee): Refactor the ESP-TEE test-cases
- Improve the interrupt-related test cases
- Fix potential issues in the task-switching test
  during secure service calls
2025-08-13 14:09:00 +05:30
Marius Vikhammer bf84ab652a change(test_utils): moved test_utils component to tools/test_apps/components/ 2025-07-21 14:05:50 +08:00
Fu Hanxi f33469dd63 ci: apply idf-ci build run
removed script:

- tools/ci/dynamic_pipelines/scripts/child_pipeline_build_apps.py -> idf-ci build run
- tools/ci/ci_build_apps.py -> idf-build-apps build

moved from idf_pytest/constants.py to .idf_build_apps.toml

- DEFAULT_FULL_BUILD_TEST_COMPONENTS
- DEFAULT_FULL_BUILD_TEST_FILEPATTERNS
- DEFAULT_IGNORE_WARNING_FILEPATH
- DEFAULT_BUILD_LOG_FILENAME
- DEFAULT_SIZE_JSON_FILENAME
2025-07-09 10:33:28 +02:00
Fu Hanxi 0d5b3e60ac ci: remove --enable-pytest from install.sh 2025-07-09 10:33:26 +02:00
Laukik Hase 9b1aaa2778 fix(esp_tee): Fix coverity issues from the attestation component
- Also fix the incorrect marker set for TEE OTA tests
2025-06-23 11:45:12 +05:30
Laukik Hase a1c6d2a458 fix(esp_tee): Fix failing SPI1 flash protection test-cases 2025-05-22 17:35:09 +08:00
Laukik Hase b8e48fbfc0 ci(esp_tee): Enable the tee_test_fw test app for ESP32-H2 2025-05-20 16:31:23 +05:30
Laukik Hase c16fc04c2d docs(esp_tee): Revise TEE secure storage and related documentation 2025-05-04 18:22:22 +05:30
Laukik Hase 3bb3f9362e refactor(esp_tee): Update TEE secure storage examples and test-apps 2025-05-04 18:03:30 +05:30
Laukik Hase d116567a66 refactor(esp_tee): Update TEE secure storage interface APIs 2025-05-04 18:03:29 +05:30
Laukik Hase 832124f198 fix(esp_tee): Place APM HAL in TEE IRAM when SPI1 protection is enabled
- Place the APM HAL into TEE IRAM when `CONFIG_SECURE_TEE_EXT_FLASH_MEMPROT_SPI1`
  is enabled, as APM violations related to SPI1 can occur with the flash cache disabled.
- Also fix an issue where flash protection tests were passing due to incorrect checks
2025-04-17 11:03:50 +05:30