feat(esp32p4): introduced new target esp32p4, supported hello_world

components/bootloader_support/src/esp32p4/bootloader_esp32p4.c

@@ -0,0 +1,171 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <stdint.h>
+#include "sdkconfig.h"
+#include "esp_attr.h"
+#include "esp_log.h"
+#include "esp_image_format.h"
+#include "flash_qio_mode.h"
+#include "esp_rom_gpio.h"
+#include "esp_rom_efuse.h"
+#include "esp_rom_uart.h"
+#include "esp_rom_sys.h"
+#include "esp_rom_spiflash.h"
+#include "soc/gpio_sig_map.h"
+#include "soc/io_mux_reg.h"
+#include "soc/assist_debug_reg.h"
+#include "esp_cpu.h"
+#include "soc/rtc.h"
+#include "soc/spi_periph.h"
+#include "soc/cache_reg.h"
+#include "soc/io_mux_reg.h"
+#include "esp32p4/rom/efuse.h"
+#include "esp32p4/rom/ets_sys.h"
+#include "esp32p4/rom/spi_flash.h"
+#include "bootloader_common.h"
+#include "bootloader_init.h"
+#include "bootloader_clock.h"
+#include "bootloader_flash_config.h"
+#include "bootloader_mem.h"
+#include "esp_private/regi2c_ctrl.h"
+#include "soc/regi2c_lp_bias.h"
+#include "soc/regi2c_bias.h"
+#include "bootloader_console.h"
+#include "bootloader_flash_priv.h"
+#include "bootloader_soc.h"
+#include "esp_private/bootloader_flash_internal.h"
+#include "esp_efuse.h"
+#include "hal/mmu_hal.h"
+#include "hal/cache_hal.h"
+#include "hal/clk_tree_ll.h"
+#include "soc/lp_wdt_reg.h"
+#include "hal/efuse_hal.h"
+
+static const char *TAG = "boot.esp32p4";
+
+static void wdt_reset_cpu0_info_enable(void)
+{
+    //TODO: IDF-7688
+    REG_WRITE(ASSIST_DEBUG_CORE_0_RCD_EN_REG, ASSIST_DEBUG_CORE_0_RCD_PDEBUGEN | ASSIST_DEBUG_CORE_0_RCD_RECORDEN);
+}
+
+static void wdt_reset_info_dump(int cpu)
+{
+    (void) cpu;
+    // saved PC was already printed by the ROM bootloader.
+    // nothing to do here.
+}
+
+static void bootloader_check_wdt_reset(void)
+{
+    int wdt_rst = 0;
+    soc_reset_reason_t rst_reason = esp_rom_get_reset_reason(0);
+    if (rst_reason == RESET_REASON_CORE_RTC_WDT || rst_reason == RESET_REASON_CORE_MWDT0 || rst_reason == RESET_REASON_CORE_MWDT1 ||
+        rst_reason == RESET_REASON_CPU0_MWDT0 || rst_reason == RESET_REASON_CPU0_MWDT1 || rst_reason == RESET_REASON_CPU0_RTC_WDT) {
+        ESP_LOGW(TAG, "PRO CPU has been reset by WDT.");
+        wdt_rst = 1;
+    }
+    if (wdt_rst) {
+        // if reset by WDT dump info from trace port
+        wdt_reset_info_dump(0);
+    }
+    wdt_reset_cpu0_info_enable();
+}
+
+static void bootloader_super_wdt_auto_feed(void)
+{
+    REG_WRITE(LP_WDT_SWD_WPROTECT_REG, LP_WDT_SWD_WKEY_VALUE);
+    REG_SET_BIT(LP_WDT_SWD_CONFIG_REG, LP_WDT_SWD_AUTO_FEED_EN);
+    REG_WRITE(LP_WDT_SWD_WPROTECT_REG, 0);
+}
+
+static inline void bootloader_hardware_init(void)
+{
+    //TODO: IDF-7528
+    // /* Enable analog i2c master clock */
+    // SET_PERI_REG_MASK(MODEM_LPCON_CLK_CONF_REG, MODEM_LPCON_CLK_I2C_MST_EN);
+    // SET_PERI_REG_MASK(MODEM_LPCON_I2C_MST_CLK_CONF_REG, MODEM_LPCON_CLK_I2C_MST_SEL_160M);
+}
+
+static inline void bootloader_ana_reset_config(void)
+{
+    //Enable super WDT reset.
+    bootloader_ana_super_wdt_reset_config(true);
+    //Enable BOD reset
+    bootloader_ana_bod_reset_config(true);
+}
+
+esp_err_t bootloader_init(void)
+{
+    esp_err_t ret = ESP_OK;
+
+    bootloader_hardware_init();
+    bootloader_ana_reset_config();
+    bootloader_super_wdt_auto_feed();
+
+// In RAM_APP, memory will be initialized in `call_start_cpu0`
+#if !CONFIG_APP_BUILD_TYPE_RAM
+    // protect memory region
+    bootloader_init_mem();
+    /* check that static RAM is after the stack */
+    assert(&_bss_start <= &_bss_end);
+    assert(&_data_start <= &_data_end);
+    // clear bss section
+    bootloader_clear_bss_section();
+#endif // !CONFIG_APP_BUILD_TYPE_RAM
+
+    // init eFuse virtual mode (read eFuses to RAM)
+#ifdef CONFIG_EFUSE_VIRTUAL
+    ESP_LOGW(TAG, "eFuse virtual mode is enabled. If Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY!");
+#ifndef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
+    esp_efuse_init_virtual_mode_in_ram();
+#endif
+#endif
+
+    // config clock
+    bootloader_clock_configure();
+    // initialize console, from now on, we can use esp_log
+    bootloader_console_init();
+    /* print 2nd bootloader banner */
+    bootloader_print_banner();
+
+#if !CONFIG_APP_BUILD_TYPE_PURE_RAM_APP
+    //init cache hal
+    cache_hal_init();
+    //reset mmu
+    mmu_hal_init();
+    // update flash ID
+    bootloader_flash_update_id();
+    // Check and run XMC startup flow
+    if ((ret = bootloader_flash_xmc_startup()) != ESP_OK) {
+        ESP_LOGE(TAG, "failed when running XMC startup flow, reboot!");
+        return ret;
+    }
+#if !CONFIG_APP_BUILD_TYPE_RAM
+    // read bootloader header
+    if ((ret = bootloader_read_bootloader_header()) != ESP_OK) {
+        return ret;
+    }
+    // read chip revision and check if it's compatible to bootloader
+    if ((ret = bootloader_check_bootloader_validity()) != ESP_OK) {
+        return ret;
+    }
+#endif // !CONFIG_APP_BUILD_TYPE_RAM
+    // initialize spi flash
+    if ((ret = bootloader_init_spi_flash()) != ESP_OK) {
+        return ret;
+    }
+#endif // #if !CONFIG_APP_BUILD_TYPE_PURE_RAM_APP
+
+    // check whether a WDT reset happend
+    bootloader_check_wdt_reset();
+    // config WDT
+    bootloader_config_wdt();
+    // enable RNG early entropy source
+    bootloader_enable_random();
+
+    return ret;
+}

components/bootloader_support/src/esp32p4/bootloader_sha.c

@@ -0,0 +1,44 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include "bootloader_sha.h"
+#include <stdbool.h>
+#include <string.h>
+#include <assert.h>
+#include <sys/param.h>
+
+#include "esp32p4/rom/sha.h"
+
+static SHA_CTX ctx;
+
+bootloader_sha256_handle_t bootloader_sha256_start()
+{
+    // Enable SHA hardware
+    ets_sha_enable();
+    ets_sha_init(&ctx, SHA2_256);
+    return &ctx; // Meaningless non-NULL value
+}
+
+void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data, size_t data_len)
+{
+    assert(handle != NULL);
+    /* P4 secure boot key field consists of 1 byte of curve identifier and 64 bytes of ECDSA public key.
+     * While verifying the signature block, we need to calculate the SHA of this key field which is of 65 bytes.
+     * ets_sha_update handles it cleanly so we can safely remove the check:
+     * assert(data_len % 4) == 0
+     */
+    ets_sha_update(&ctx, data, data_len, false);
+}
+
+void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest)
+{
+    assert(handle != NULL);
+
+    if (digest == NULL) {
+        bzero(&ctx, sizeof(ctx));
+        return;
+    }
+    ets_sha_finish(&ctx, digest);
+}

components/bootloader_support/src/esp32p4/bootloader_soc.c

@@ -0,0 +1,21 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <stdbool.h>
+
+void bootloader_ana_super_wdt_reset_config(bool enable)
+{
+    //TODO: IDF-7514
+}
+
+void bootloader_ana_bod_reset_config(bool enable)
+{
+    //TODO: IDF-7514
+}
+
+void bootloader_ana_clock_glitch_reset_config(bool enable)
+{
+    //TODO: IDF-7514
+}

components/bootloader_support/src/esp32p4/flash_encryption_secure_features.c

@@ -0,0 +1,50 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <strings.h>
+#include "esp_flash_encrypt.h"
+#include "esp_secure_boot.h"
+#include "esp_efuse.h"
+#include "esp_efuse_table.h"
+#include "esp_log.h"
+#include "sdkconfig.h"
+
+static __attribute__((unused)) const char *TAG = "flash_encrypt";
+
+esp_err_t esp_flash_encryption_enable_secure_features(void)
+{
+#ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
+    ESP_LOGI(TAG, "Disable UART bootloader encryption...");
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
+#else
+    ESP_LOGW(TAG, "Not disabling UART bootloader encryption");
+#endif
+
+#ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE
+    ESP_LOGI(TAG, "Disable UART bootloader cache...");
+    esp_efuse_write_field_bit(ESP_EFUSE_SPI_DOWNLOAD_MSPI_DIS);
+#else
+    ESP_LOGW(TAG, "Not disabling UART bootloader cache - SECURITY COMPROMISED");
+#endif
+
+#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
+    ESP_LOGI(TAG, "Disable JTAG...");
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_PAD_JTAG);
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_USB_JTAG);
+#else
+    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
+#endif
+
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_DIRECT_BOOT);
+
+#if defined(CONFIG_SECURE_BOOT_V2_ENABLED) && !defined(CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS)
+    // This bit is set when enabling Secure Boot V2, but we can't enable it until this later point in the first boot
+    // otherwise the Flash Encryption key cannot be read protected
+    esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_RD_DIS);
+#endif
+
+    return ESP_OK;
+}

components/bootloader_support/src/esp32p4/secure_boot_secure_features.c

@@ -0,0 +1,70 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <strings.h>
+#include "esp_flash_encrypt.h"
+#include "esp_secure_boot.h"
+#include "esp_efuse.h"
+#include "esp_efuse_table.h"
+#include "esp_log.h"
+#include "sdkconfig.h"
+
+static __attribute__((unused)) const char *TAG = "secure_boot";
+
+esp_err_t esp_secure_boot_enable_secure_features(void)
+{
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_DIRECT_BOOT);
+
+#ifdef CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE
+    ESP_LOGI(TAG, "Enabling Security download mode...");
+    esp_err_t err = esp_efuse_enable_rom_secure_download_mode();
+    if (err != ESP_OK) {
+        ESP_LOGE(TAG, "Could not enable Security download mode...");
+        return err;
+    }
+#elif CONFIG_SECURE_DISABLE_ROM_DL_MODE
+    ESP_LOGI(TAG, "Disable ROM Download mode...");
+    esp_err_t err = esp_efuse_disable_rom_download_mode();
+    if (err != ESP_OK) {
+        ESP_LOGE(TAG, "Could not disable ROM Download mode...");
+        return err;
+    }
+#else
+    ESP_LOGW(TAG, "UART ROM Download mode kept enabled - SECURITY COMPROMISED");
+#endif
+
+#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
+    ESP_LOGI(TAG, "Disable hardware & software JTAG...");
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_PAD_JTAG);
+    esp_efuse_write_field_bit(ESP_EFUSE_DIS_USB_JTAG);
+    esp_efuse_write_field_cnt(ESP_EFUSE_SOFT_DIS_JTAG, ESP_EFUSE_SOFT_DIS_JTAG[0]->bit_count);
+#else
+    ESP_LOGW(TAG, "Not disabling JTAG - SECURITY COMPROMISED");
+#endif
+
+#ifdef CONFIG_SECURE_BOOT_ENABLE_AGGRESSIVE_KEY_REVOKE
+    esp_efuse_write_field_bit(ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE);
+#endif
+
+    esp_efuse_write_field_bit(ESP_EFUSE_SECURE_BOOT_EN);
+
+#ifndef CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS
+    bool rd_dis_now = true;
+#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
+    /* If flash encryption is not enabled yet then don't read-disable efuses yet, do it later in the boot
+       when Flash Encryption is being enabled */
+    rd_dis_now = esp_flash_encryption_enabled();
+#endif
+    if (rd_dis_now) {
+        ESP_LOGI(TAG, "Prevent read disabling of additional efuses...");
+        esp_efuse_write_field_bit(ESP_EFUSE_WR_DIS_RD_DIS);
+    }
+#else
+    ESP_LOGW(TAG, "Allowing read disabling of additional efuses - SECURITY COMPROMISED");
+#endif
+
+    return ESP_OK;
+}