diff --git a/components/esp_hal_mspi/CMakeLists.txt b/components/esp_hal_mspi/CMakeLists.txt index 65489e0191..21f4593172 100644 --- a/components/esp_hal_mspi/CMakeLists.txt +++ b/components/esp_hal_mspi/CMakeLists.txt @@ -6,7 +6,7 @@ set(includes "include" "${target}/include") if(esp_tee_build) if(CONFIG_SECURE_TEE_EXT_FLASH_MEMPROT_SPI1) - list(APPEND srcs "spi_flash_hal.c") + list(APPEND srcs "spi_flash_hal.c" "spi_flash_hal_iram.c") endif() elseif(NOT BOOTLOADER_BUILD) if(NOT CONFIG_APP_BUILD_TYPE_PURE_RAM_APP) diff --git a/components/esp_hal_mspi/spi_flash_hal_common.inc b/components/esp_hal_mspi/spi_flash_hal_common.inc index 564e5794a6..81f2c22919 100644 --- a/components/esp_hal_mspi/spi_flash_hal_common.inc +++ b/components/esp_hal_mspi/spi_flash_hal_common.inc @@ -131,15 +131,7 @@ esp_err_t spi_flash_hal_configure_host_io_mode( addr_bitlen += SPI_FLASH_LL_CONTINUOUS_MODE_BIT_NUMS; #endif spi_flash_ll_set_extra_address(dev, 0); - // TODO: [IDF-13582] - // Currently, REE and TEE use different sets of APIs for flash operations - - // REE uses the IDF SPI flash driver while TEE call the ROM APIs. This inconsistency - // leads to compatibility issues on ESP32-C5. - // One specific issue arises when esp_flash_read() is used in REE, which internally - // calls spi_flash_ll_wb_mode_enable(). This function enables the WB mode bit in - // the flash write operation. However, the ROM API does not support this - // feature, resulting in failures when TEE attempts to access flash after this call. -#if SOC_SPI_MEM_SUPPORT_WB_MODE_INDEPENDENT_CONTROL && !CONFIG_SECURE_ENABLE_TEE +#if SOC_SPI_MEM_SUPPORT_WB_MODE_INDEPENDENT_CONTROL spi_flash_ll_wb_mode_enable(dev, true); #endif } @@ -218,8 +210,7 @@ esp_err_t spi_flash_hal_common_command(spi_flash_host_inst_t *host, spi_flash_tr if (trans->miso_len > 0) { spi_flash_ll_get_buffer_data(dev, trans->miso_data, trans->miso_len); } - // TODO: [IDF-13582] -#if SOC_SPI_MEM_SUPPORT_WB_MODE_INDEPENDENT_CONTROL && !CONFIG_SECURE_ENABLE_TEE +#if SOC_SPI_MEM_SUPPORT_WB_MODE_INDEPENDENT_CONTROL spi_flash_ll_wb_mode_enable(dev, false); #endif return ESP_OK; diff --git a/components/esp_rom/CMakeLists.txt b/components/esp_rom/CMakeLists.txt index c8540aa486..6049ad7c95 100644 --- a/components/esp_rom/CMakeLists.txt +++ b/components/esp_rom/CMakeLists.txt @@ -152,21 +152,12 @@ if(CONFIG_ESP_ROM_HAS_VERSION) endif() if(ESP_TEE_BUILD) - if(CONFIG_IDF_TARGET_ESP32H4 AND NOT CONFIG_ESP32H4_SELECTS_REV_MP) # TODO: ESP32H4 IDF-13835 - rom_linker_script("beta5.heap") - rom_linker_script("beta5.spiflash") - if(CONFIG_ESP_ROM_HAS_NEWLIB_NANO_FORMAT) - rom_linker_script("beta5.newlib-nano") - endif() - else() - rom_linker_script("heap") - rom_linker_script("spiflash") - if(CONFIG_ESP_ROM_HAS_NEWLIB_NANO_FORMAT) - rom_linker_script("newlib-nano") - endif() + rom_linker_script("heap") + if(CONFIG_ESP_ROM_HAS_NEWLIB_NANO_FORMAT) + rom_linker_script("newlib-nano") endif() rom_linker_script("libc") - if(CONFIG_ESP_ROM_HAS_SUBOPTIMAL_NEWLIB_ON_MISALIGNED_MEMORY) # TODO IDF-13852: use optimized memcpy for TEE ? + if(CONFIG_ESP_ROM_HAS_SUBOPTIMAL_NEWLIB_ON_MISALIGNED_MEMORY) rom_linker_script("libc-suboptimal_for_misaligned_mem") endif() endif() diff --git a/components/esp_tee/subproject/CMakeLists.txt b/components/esp_tee/subproject/CMakeLists.txt index 78f009d861..91370fa077 100644 --- a/components/esp_tee/subproject/CMakeLists.txt +++ b/components/esp_tee/subproject/CMakeLists.txt @@ -25,7 +25,7 @@ set(ESP_TEE_BUILD 1) set(NON_OS_BUILD 1) # Additional components -list(APPEND COMPONENTS bootloader_support efuse esp_security mbedtls esp_stdio) +list(APPEND COMPONENTS bootloader_support efuse esp_hal_mspi esp_security mbedtls esp_stdio) # TEE-specific components list(APPEND COMPONENTS tee_flash_mgr tee_ota_ops tee_sec_storage tee_attestation) diff --git a/components/esp_tee/subproject/main/ld/esp32c5/esp_tee.ld.in b/components/esp_tee/subproject/main/ld/esp32c5/esp_tee.ld.in index 73cc9a4599..3fa95a92f9 100644 --- a/components/esp_tee/subproject/main/ld/esp32c5/esp_tee.ld.in +++ b/components/esp_tee/subproject/main/ld/esp32c5/esp_tee.ld.in @@ -40,6 +40,11 @@ PROVIDE ( esp_tee_app_config = SRAM_REE_SEG_START + 0x2b0 ); PROVIDE ( GDMA = 0x60080000 ); +/* SPI Flash functions required from the ROM (refer esp32c5.rom.spiflash.ld) */ +PROVIDE ( spi_flash_check_and_flush_cache = 0x40000230 ); +PROVIDE ( spi_flash_chip_generic_config_host_io_mode = 0x400002d4 ); +PROVIDE ( memspi_host_flush_cache = 0x40000318 ); + /* Default entry point: */ ENTRY(esp_tee_init); @@ -98,6 +103,7 @@ SECTIONS *libhal.a:cache_hal.c*(.literal .text .literal.* .text.*) *libhal.a:wdt_hal_iram.c*(.literal .text .literal.* .text.*) *libhal.a:apm_hal.c*(.literal .text .literal.* .text.*) + *libesp_hal_mspi.a:*(.literal .text .literal.* .text.*) /* IDF components */ *libbootloader_support.a:*(.literal .text .literal.* .text.*) *libesp_hw_support.a:*(.literal .text .literal.* .text.*) @@ -146,6 +152,7 @@ SECTIONS /* HAL (noflash) */ *libhal.a:mmu_hal.c*(.rodata .srodata .rodata.* .srodata.*) *libhal.a:cache_hal.c*(.rodata .srodata .rodata.* .srodata.*) + *libesp_hal_mspi.a:*(.rodata .srodata .rodata.* .srodata.*) _tee_rodata_end = ABSOLUTE(.); _tee_dram_end = ABSOLUTE(.); } > sram_tee_seg diff --git a/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in b/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in index 121f4f4b65..98e4d6a561 100644 --- a/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in +++ b/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in @@ -40,6 +40,11 @@ PROVIDE ( esp_tee_app_config = SRAM_REE_SEG_START + 0x2e0 ); PROVIDE ( GDMA = 0x60080000 ); +/* SPI Flash functions required from the ROM (refer esp32c6.rom.spiflash.ld) */ +PROVIDE ( spi_flash_check_and_flush_cache = 0x4000021c ); +PROVIDE ( spi_flash_chip_generic_config_host_io_mode = 0x400002c4 ); +PROVIDE ( memspi_host_flush_cache = 0x40000308 ); + /* Default entry point: */ ENTRY(esp_tee_init); @@ -98,6 +103,7 @@ SECTIONS *libhal.a:cache_hal.c*(.literal .text .literal.* .text.*) *libhal.a:wdt_hal_iram.c*(.literal .text .literal.* .text.*) *libhal.a:apm_hal.c*(.literal .text .literal.* .text.*) + *libesp_hal_mspi.a:*(.literal .text .literal.* .text.*) /* IDF components */ *libbootloader_support.a:*(.literal .text .literal.* .text.*) *libesp_hw_support.a:*(.literal .text .literal.* .text.*) @@ -146,6 +152,7 @@ SECTIONS /* HAL (noflash) */ *libhal.a:mmu_hal.c*(.rodata .srodata .rodata.* .srodata.*) *libhal.a:cache_hal.c*(.rodata .srodata .rodata.* .srodata.*) + *libesp_hal_mspi.a:*(.rodata .srodata .rodata.* .srodata.*) _tee_rodata_end = ABSOLUTE(.); _tee_dram_end = ABSOLUTE(.); } > sram_tee_seg diff --git a/components/esp_tee/subproject/main/ld/esp32h2/esp_tee.ld.in b/components/esp_tee/subproject/main/ld/esp32h2/esp_tee.ld.in index 121f4f4b65..0f38b3c64d 100644 --- a/components/esp_tee/subproject/main/ld/esp32h2/esp_tee.ld.in +++ b/components/esp_tee/subproject/main/ld/esp32h2/esp_tee.ld.in @@ -40,6 +40,11 @@ PROVIDE ( esp_tee_app_config = SRAM_REE_SEG_START + 0x2e0 ); PROVIDE ( GDMA = 0x60080000 ); +/* SPI Flash functions required from the ROM (refer esp32h2.rom.spiflash.ld) */ +PROVIDE ( spi_flash_check_and_flush_cache = 0x40000214 ); +PROVIDE ( spi_flash_chip_generic_config_host_io_mode = 0x400002bc ); +PROVIDE ( memspi_host_flush_cache = 0x40000300 ); + /* Default entry point: */ ENTRY(esp_tee_init); @@ -98,6 +103,7 @@ SECTIONS *libhal.a:cache_hal.c*(.literal .text .literal.* .text.*) *libhal.a:wdt_hal_iram.c*(.literal .text .literal.* .text.*) *libhal.a:apm_hal.c*(.literal .text .literal.* .text.*) + *libesp_hal_mspi.a:*(.literal .text .literal.* .text.*) /* IDF components */ *libbootloader_support.a:*(.literal .text .literal.* .text.*) *libesp_hw_support.a:*(.literal .text .literal.* .text.*) @@ -146,6 +152,7 @@ SECTIONS /* HAL (noflash) */ *libhal.a:mmu_hal.c*(.rodata .srodata .rodata.* .srodata.*) *libhal.a:cache_hal.c*(.rodata .srodata .rodata.* .srodata.*) + *libesp_hal_mspi.a:*(.rodata .srodata .rodata.* .srodata.*) _tee_rodata_end = ABSOLUTE(.); _tee_dram_end = ABSOLUTE(.); } > sram_tee_seg diff --git a/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.release b/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.release index 52e758739c..e96f96e949 100644 --- a/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.release +++ b/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.release @@ -1,8 +1,6 @@ # Reducing TEE I/DRAM sizes # 28KB CONFIG_SECURE_TEE_IRAM_SIZE=0x7000 -# 16KB -CONFIG_SECURE_TEE_DRAM_SIZE=0x4000 # TEE Secure Storage: Release mode CONFIG_SECURE_TEE_SEC_STG_MODE_RELEASE=y diff --git a/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.sb_fe b/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.sb_fe index bdec94c11b..54cfec34a0 100644 --- a/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.sb_fe +++ b/components/esp_tee/test_apps/tee_cli_app/sdkconfig.ci.sb_fe @@ -15,3 +15,7 @@ CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y # TEE Secure Storage: Release mode CONFIG_SECURE_TEE_SEC_STG_MODE_RELEASE=y CONFIG_SECURE_TEE_SEC_STG_EFUSE_HMAC_KEY_ID=5 + +# Increasing TEE DRAM size +# 18KB +CONFIG_SECURE_TEE_DRAM_SIZE=0x4800 diff --git a/components/esp_tee/test_apps/tee_test_fw/sdkconfig.ci.tee_ota b/components/esp_tee/test_apps/tee_test_fw/sdkconfig.ci.tee_ota index 09d30653ea..7cbca44849 100644 --- a/components/esp_tee/test_apps/tee_test_fw/sdkconfig.ci.tee_ota +++ b/components/esp_tee/test_apps/tee_test_fw/sdkconfig.ci.tee_ota @@ -15,3 +15,7 @@ CONFIG_SECURE_TEE_ATT_KEY_STR_ID="tee_att_keyN" # Enabling flash protection over SPI1 CONFIG_SECURE_TEE_EXT_FLASH_MEMPROT_SPI1=y + +# Increasing TEE DRAM size +# 19KB +CONFIG_SECURE_TEE_DRAM_SIZE=0x4c00 diff --git a/components/esp_tee/test_apps/tee_test_fw/sdkconfig.defaults b/components/esp_tee/test_apps/tee_test_fw/sdkconfig.defaults index c7570128d8..161c206fc4 100644 --- a/components/esp_tee/test_apps/tee_test_fw/sdkconfig.defaults +++ b/components/esp_tee/test_apps/tee_test_fw/sdkconfig.defaults @@ -11,6 +11,3 @@ CONFIG_SECURE_TEE_TEST_MODE=y # Setting partition table CONFIG_PARTITION_TABLE_SINGLE_APP_TEE=y CONFIG_PARTITION_TABLE_OFFSET=0xF000 - -# TEE IRAM size -CONFIG_SECURE_TEE_IRAM_SIZE=0x8400