pytest_gcov hardcoded `__idf_<component>.dir/` as the per-component CMake
intermediate directory where each .gcda is expected to land. The directory
name is build-system specific (Build system v1 uses `__idf_<component>.dir`,
Build system v2 uses `_idf_<component>.dir`). Asserting on a single literal
made every test_gcov_uart run fail under Build system v2 even though the
chip was streaming valid coverage data and the host-side UartGcovCapture
was writing the files to the build's actual layout.
Probe `CMakeFiles/*_<component>.dir/` and prefer the candidate whose .gcno
files were emitted by the active build, so the assertion follows the build
output rather than dictating it.
ESP32-C2 and ESP32-C61 have no RSA based Secure Boot V2 support, so the
CI configs that pin the RSA signing scheme and key fail the app signing
scheme/key check on these targets.
- flash_enc_wifi_2.data_partition_verification: add C2/C61 sdkconfig
overlays that switch to the ECDSA P-256 signing scheme and key (no
force-enable needed as Secure Boot V2 itself is not enabled here).
- on_update_no_sb_rsa: disable the build on targets without
SOC_SECURE_BOOT_V2_RSA, mirroring simple_ota_example, since this
config specifically exercises the RSA scheme.
fix(mmap): fixed mmap read data wrong when flash being erased/written and cache not disabled
Closes IDFGH-14084
See merge request espressif/esp-idf!29804
Address these:
lock_example.c:162:60: error: cast to pointer from integer of different size
[-Werror=int-to-pointer-cast]
162 | xTaskCreatePinnedToCore(inc_num_mutex, NULL, 4096, (void *)thread_id, TASK_PRIO_3, NULL, tskNO_AFFINITY);
| ^
create_task_example.c:30:19: error: cast from pointer to integer of different size
[-Werror=pointer-to-int-cast]
30 | int task_id = (int)arg;
ESP_FAULT_ASSERT(C) was silently deleted by the optimizer when C is a cached
flag/status already proven by a preceding `if (!C) return/goto`: the compiler
folds C to a constant and drops all three checks, removing the fault-injection
protection with no warning.
Before:
The cache won't be disabled when XIP on psram. But during flash
erasing/programming, read data will be courrupt.
When XIP in psram is enabled, the image is not mapped to the cache so
usually there will be no flash access. The only way to read from flash
is via the driver or use mmap. The driver has protection during erasing,
while th mmap region not.
Now:
Mmap APIs provide a flag to make mmap->unmap region mutually exclusive
to flash erase/programming when XIP from psram. SPI Flash write APIs
will benefit from this. When the flag is used, no concurrent access to
mapped region will happen while writing; otherwise the cache will be
disable to avoid data corruption.
Most ESP-IDF APIs calls mmap with this flag. As for users calling
mmap-like APIs directly, they can choose whether to enable this by a
flag.
Closes https://github.com/espressif/esp-idf/issues/14897
ESP32-C2 and ESP32-C61 have no RSA based Secure Boot V2 support
so the virt_sb_v2_and_fe configs cannot use the default RSA signing key.
Add target-specific sdkconfig overlays that switch to the ECDSA P-256 key;
on ESP32-C61 the ECDSA scheme must additionally be force-enabled
SECURE_BOOT_V2_ECDSA_INSECURE).
ECDSA based Secure Boot V2 is not functional for certain input vectors on
ESP32-C5/C61/H2/P4 and on the preview targets ESP32-H4/H21. RSA based Secure
Boot V2 is the recommended scheme where the SoC supports it. This issue will be
fixed in a future hardware ECO revision; more details will be shared through the
hardware errata document.
A new hidden Kconfig option SECURE_BOOT_V2_ECDSA_INSECURE marks the affected
mass-production SoCs (ESP32-C5/C61/H2/P4). On these SoCs, when hardware Secure
Boot V2 is enabled, the ECDSA (V2) signing scheme is no longer offered by
default; it must be turned on explicitly via SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
under "Allow potentially insecure options" (CONFIG_SECURE_BOOT_INSECURE). App
signing without hardware Secure Boot is not affected. Note that ESP32-C61 has no
RSA based Secure Boot V2, so it has no Secure Boot scheme enabled by default.
The preview targets ESP32-H4 and ESP32-H21 mark ECDSA Secure Boot V2 as not
supported in their SoC capabilities instead of using the option above. As
ESP32-H4 has no other Secure Boot V2 scheme, Secure Boot is disabled entirely on
it; ESP32-H21 retains RSA based Secure Boot V2.
The security documentation keeps the ECDSA Secure Boot V2 content visible and
adds a warning describing the limitation (including that ECDSA Secure Boot V2 on
ESP32-C61 is not recommended for production). CI apps that exercise ECDSA Secure
Boot V2 on the affected SoCs set CONFIG_SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
accordingly.
Recovery bootloader support increased the ESP32-P4 bootloader image enough
that it no longer fits before 0xe000. Moving the partition table to 0x10000
restores slack for CI builds using secure boot and flash encryption together.
Co-authored-by: Cursor <cursoragent@cursor.com>
test(ci): re-enable ESP32-H4 in core system test apps
Closes IDF-15602, IDF-15604, IDF-15605, IDF-15606, and IDF-15612
See merge request espressif/esp-idf!48454