From abaef736671cbb154ea024f70d188b1c7d0427c2 Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Tue, 24 Jun 2025 15:06:25 +0530 Subject: [PATCH] refactor(esp_system): Place all memory protection options under one option --- components/esp_system/Kconfig | 92 ++++++++++--------- components/esp_system/sdkconfig.rename | 6 ++ .../esp_system/sdkconfig.rename.esp32c3 | 4 +- .../esp_system/sdkconfig.rename.esp32s2 | 4 +- components/esp_tee/Kconfig.projbuild | 1 - 5 files changed, 59 insertions(+), 48 deletions(-) diff --git a/components/esp_system/Kconfig b/components/esp_system/Kconfig index c25ca1b9ad..b6c868f13b 100644 --- a/components/esp_system/Kconfig +++ b/components/esp_system/Kconfig 
@@ -157,59 +157,65 @@ menu "ESP System Settings" endchoice - menu "Memory protection" + config ESP_SYSTEM_MEMPROT + bool "Enable memory protection" + default y + depends on SOC_CPU_IDRAM_SPLIT_USING_PMP || SECURE_ENABLE_TEE || SOC_MEMPROT_SUPPORTED + help + This option enables memory protection for the valid memory regions. + This feature also automatically splits the ROM, RAM and flash memory into data and + instruction segments and sets Read/Execute permissions for the instruction part + (below given splitting address) and Read/Write permissions for the data part + (above the splitting address). The memory protection is effective on all access + through the IRAM0 and DRAM0 buses. - config ESP_SYSTEM_PMP_IDRAM_SPLIT - bool "Enable IRAM/DRAM split protection" + choice ESP_SYSTEM_MEMPROT_MODE + prompt "Memory Protection configurations" + depends on ESP_SYSTEM_MEMPROT + default ESP_SYSTEM_MEMPROT_TEE if SECURE_ENABLE_TEE + default ESP_SYSTEM_MEMPROT_PMP if SOC_CPU_IDRAM_SPLIT_USING_PMP && !SECURE_ENABLE_TEE + default ESP_SYSTEM_MEMPROT_PMS if SOC_MEMPROT_SUPPORTED + + config ESP_SYSTEM_MEMPROT_PMS + bool "Enable Permission Control Module (PMS) configurations" + depends on SOC_MEMPROT_SUPPORTED + help + This option enables memory protection using the Permission Control Module (PMS). + + config ESP_SYSTEM_MEMPROT_PMP + bool "Enable CPU's Physical Memory Protection (PMP) configurations" depends on SOC_CPU_IDRAM_SPLIT_USING_PMP && !SECURE_ENABLE_TEE - default "y" help - If enabled, the CPU watches all the memory access and raises an exception in case - of any memory violation. This feature automatically splits - the SRAM memory, using PMP, into data and instruction segments and sets Read/Execute permissions - for the instruction part (below given splitting address) and Read/Write permissions - for the data part (above the splitting address). The memory protection is effective - on all access through the IRAM0 and DRAM0 buses. 
+ This option enables memory protection using CPU PMP. - config ESP_SYSTEM_PMP_LP_CORE_RESERVE_MEM_EXECUTABLE - bool "Make LP core reserved memory executable from HP core" - depends on IDF_TARGET_ARCH_RISCV && SOC_LP_CORE_SUPPORTED && ESP_SYSTEM_PMP_IDRAM_SPLIT - default "n" + config ESP_SYSTEM_MEMPROT_TEE + bool "Enable Trusted Execution Environment (TEE) configurations" + depends on SECURE_ENABLE_TEE help + This option enables the default memory protection provided by TEE. + + endchoice + + + config ESP_SYSTEM_MEMPROT_PMS_LOCK + bool "Lock memory protection settings" + depends on ESP_SYSTEM_MEMPROT && ESP_SYSTEM_MEMPROT_PMS + default y + help + Once locked, memory protection settings cannot be changed anymore. + The lock is reset only on the chip startup. + + + config ESP_SYSTEM_MEMPROT_PMP_LP_CORE_RESERVE_MEM_EXEC + bool "Make LP core reserved memory executable from HP core" + depends on ESP_SYSTEM_MEMPROT&& IDF_TARGET_ARCH_RISCV && SOC_LP_CORE_SUPPORTED && ESP_SYSTEM_MEMPROT_PMP + default n + help If enabled, user can run code available in LP Core image. Warning: on ESP32-P4 this will also mark the memory area used for BOOTLOADER_RESERVE_RTC_MEM as executable. If you consider this a security risk then do not activate this option. - config ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE - bool "Enable memory protection (via TEE)" - depends on SECURE_ENABLE_TEE - default "y" - help - This option enables the default memory protection provided by TEE. - - config ESP_SYSTEM_MEMPROT_FEATURE - bool "Enable memory protection" - depends on SOC_MEMPROT_SUPPORTED - default "y" - help - If enabled, the permission control module watches all the memory access and fires the panic handler - if a permission violation is detected. This feature automatically splits - the SRAM memory into data and instruction segments and sets Read/Execute permissions - for the instruction part (below given splitting address) and Read/Write permissions - for the data part (above the splitting address). 
The memory protection is effective - on all access through the IRAM0 and DRAM0 buses. - - config ESP_SYSTEM_MEMPROT_FEATURE_LOCK - depends on ESP_SYSTEM_MEMPROT_FEATURE - bool "Lock memory protection settings" - default "y" - help - Once locked, memory protection settings cannot be changed anymore. - The lock is reset only on the chip startup. - - endmenu # Memory protection - config ESP_SYSTEM_EVENT_QUEUE_SIZE int "System event queue size" default 32 diff --git a/components/esp_system/sdkconfig.rename b/components/esp_system/sdkconfig.rename index 69d982545c..6f335c313e 100644 --- a/components/esp_system/sdkconfig.rename +++ b/components/esp_system/sdkconfig.rename @@ -40,3 +40,9 @@ CONFIG_BROWNOUT_DET_LVL_SEL_5 CONFIG_ESP_BROWNOUT_DET_ CONFIG_BROWNOUT_DET_LVL_SEL_6 CONFIG_ESP_BROWNOUT_DET_LVL_SEL_6 CONFIG_BROWNOUT_DET_LVL_SEL_7 CONFIG_ESP_BROWNOUT_DET_LVL_SEL_7 CONFIG_BROWNOUT_DET_LVL CONFIG_ESP_BROWNOUT_DET_LVL + +CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT CONFIG_ESP_SYSTEM_MEMPROT +CONFIG_ESP_SYSTEM_PMP_LP_CORE_RESERVE_MEM_EXECUTABLE CONFIG_ESP_SYSTEM_MEMPROT_PMP_LP_CORE_RESERVE_MEM_EXEC +CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE CONFIG_ESP_SYSTEM_MEMPROT +CONFIG_ESP_SYSTEM_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT +CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_LOCK CONFIG_ESP_SYSTEM_MEMPROT_PMS_LOCK diff --git a/components/esp_system/sdkconfig.rename.esp32c3 b/components/esp_system/sdkconfig.rename.esp32c3 index b4c6e0e2af..6b8aeca5e4 100644 --- a/components/esp_system/sdkconfig.rename.esp32c3 +++ b/components/esp_system/sdkconfig.rename.esp32c3 
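Review bot: With `select ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE` dropped from `SECURE_ENABLE_TEE` (last hunk of this patch), nothing forces memory protection on for a TEE build any more: `ESP_SYSTEM_MEMPROT` is a prompted bool that only defaults to `y`, so a project can enable the TEE and still set `CONFIG_ESP_SYSTEM_MEMPROT=n`, which also hides the `ESP_SYSTEM_MEMPROT_MODE` choice and leaves `ESP_SYSTEM_MEMPROT_TEE` unset. If the TEE's isolation depends on that symbol (its consumers are not visible in this patch), either add `select ESP_SYSTEM_MEMPROT` to `SECURE_ENABLE_TEE` or make the prompt conditional, e.g. `bool "Enable memory protection" if !SECURE_ENABLE_TEE`. The merged help text no longer says what happens on a violation (the removed texts named a CPU exception and the panic handler), and it now describes ROM and flash splitting for every mode where the removed PMP and PMS texts spoke only of SRAM; a sentence per mode in the help of the three choice entries would keep that accurate. Minor: `ESP_SYSTEM_MEMPROT&& IDF_TARGET_ARCH_RISCV` is missing a space before `&&`.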
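Review bot: Three deprecated names with different meanings, `CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT`, `CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE` and `CONFIG_ESP_SYSTEM_MEMPROT_FEATURE`, are all mapped onto the mechanism-independent `CONFIG_ESP_SYSTEM_MEMPROT`. The diffstat lists no source files, so any code still testing an old name through compatibility definitions (assuming the build generates them from this file) would see, for example, the PMS-specific name enabled on a PMP-only or TEE target, and a protection set-up path could be compiled in or skipped on the wrong chip. Consider mapping each old name to its mode symbol instead, `CONFIG_ESP_SYSTEM_PMP_IDRAM_SPLIT CONFIG_ESP_SYSTEM_MEMPROT_PMP`, `CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE CONFIG_ESP_SYSTEM_MEMPROT_TEE` and `CONFIG_ESP_SYSTEM_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT_PMS`, bearing in mind that an old `=n` would then no longer carry over to the master switch; otherwise confirm that no consumer of the old names remains. The `sdkconfig.rename.esp32c3` and `sdkconfig.rename.esp32s2` hunks point their `*_MEMPROT_FEATURE` entries at the same target.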
@@ -1,8 +1,8 @@ # sdkconfig replacement configurations for deprecated options formatted as # CONFIG_DEPRECATED_OPTION CONFIG_NEW_OPTION -CONFIG_ESP32C3_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT_FEATURE -CONFIG_ESP32C3_MEMPROT_FEATURE_LOCK CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_LOCK +CONFIG_ESP32C3_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT +CONFIG_ESP32C3_MEMPROT_FEATURE_LOCK CONFIG_ESP_SYSTEM_MEMPROT_PMS_LOCK CONFIG_ESP32C3_DEBUG_OCDAWARE CONFIG_ESP_DEBUG_OCDAWARE CONFIG_ESP32C3_BROWNOUT_DET CONFIG_ESP_BROWNOUT_DET diff --git a/components/esp_system/sdkconfig.rename.esp32s2 b/components/esp_system/sdkconfig.rename.esp32s2 index 35354a350a..54f595e07f 100644 --- a/components/esp_system/sdkconfig.rename.esp32s2 +++ b/components/esp_system/sdkconfig.rename.esp32s2 @@ -6,8 +6,8 @@ CONFIG_ESP32S2_PANIC_PRINT_HALT CONFIG_ESP_SYSTEM_PANIC_ CONFIG_ESP32S2_PANIC_PRINT_REBOOT CONFIG_ESP_SYSTEM_PANIC_PRINT_REBOOT CONFIG_ESP32S2_PANIC_SILENT_REBOOT CONFIG_ESP_SYSTEM_PANIC_SILENT_REBOOT CONFIG_ESP32S2_PANIC_GDBSTUB CONFIG_ESP_SYSTEM_PANIC_GDBSTUB -CONFIG_ESP32S2_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT_FEATURE -CONFIG_ESP32S2_MEMPROT_FEATURE_LOCK CONFIG_ESP_SYSTEM_MEMPROT_FEATURE_LOCK +CONFIG_ESP32S2_MEMPROT_FEATURE CONFIG_ESP_SYSTEM_MEMPROT +CONFIG_ESP32S2_MEMPROT_FEATURE_LOCK CONFIG_ESP_SYSTEM_MEMPROT_PMS_LOCK CONFIG_ESP32S2_ALLOW_RTC_FAST_MEM_AS_HEAP CONFIG_ESP_SYSTEM_ALLOW_RTC_FAST_MEM_AS_HEAP CONFIG_ESP32S2_DEBUG_OCDAWARE CONFIG_ESP_DEBUG_OCDAWARE CONFIG_ESP32S2_NO_BLOBS CONFIG_APP_NO_BLOBS diff --git a/components/esp_tee/Kconfig.projbuild b/components/esp_tee/Kconfig.projbuild index d443156412..897491fc8c 100644 --- a/components/esp_tee/Kconfig.projbuild +++ b/components/esp_tee/Kconfig.projbuild @@ -3,7 +3,6 @@ menu "ESP-TEE (Trusted Execution Environment)" config SECURE_ENABLE_TEE bool "Enable the ESP-TEE framework" - select ESP_SYSTEM_MEMPROT_FEATURE_VIA_TEE help This configuration enables the Trusted Execution Environment (TEE) feature.