Embed a 720p BGR raw asset and stream the encoded JPEG over UART so
this example no longer depends on SD card setup.
Add pytest coverage that reconstructs the JPEG from base64 output and
compares it against a checked-in golden image.
Previously the bootloader unconditionally revoked unused secure boot key
digest slots while permanently enabling secure boot on the first boot,
ignoring CONFIG_SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS. Now the config is
honored on this path too: when set, the unused digest slots are left
un-revoked. This is safe as long as the debug and download interfaces are
disabled.
Update the Kconfig help and the Secure Boot v2 guide (en and zh_CN)
accordingly.
- security.rst: remove duplicated word in OTA encryption note
- tee.rst: remove duplicated word in memory allocation note
- flash-encryption.rst: drop redundant phrase and fix subject-verb agreement
ECDSA based Secure Boot V2 is not functional for certain input vectors on
ESP32-C5/C61/H2/P4 and on the preview targets ESP32-H4/H21. RSA based Secure
Boot V2 is the recommended scheme where the SoC supports it. This issue will be
fixed in a future hardware ECO revision; more details will be shared through the
hardware errata document.
A new hidden Kconfig option SECURE_BOOT_V2_ECDSA_INSECURE marks the affected
mass-production SoCs (ESP32-C5/C61/H2/P4). On these SoCs, when hardware Secure
Boot V2 is enabled, the ECDSA (V2) signing scheme is no longer offered by
default; it must be turned on explicitly via SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
under "Allow potentially insecure options" (CONFIG_SECURE_BOOT_INSECURE). App
signing without hardware Secure Boot is not affected. Note that ESP32-C61 has no
RSA based Secure Boot V2, so it has no Secure Boot scheme enabled by default.
The preview targets ESP32-H4 and ESP32-H21 mark ECDSA Secure Boot V2 as not
supported in their SoC capabilities instead of using the option above. As
ESP32-H4 has no other Secure Boot V2 scheme, Secure Boot is disabled entirely on
it; ESP32-H21 retains RSA based Secure Boot V2.
The security documentation keeps the ECDSA Secure Boot V2 content visible and
adds a warning describing the limitation (including that ECDSA Secure Boot V2 on
ESP32-C61 is not recommended for production). CI apps that exercise ECDSA Secure
Boot V2 on the affected SoCs set CONFIG_SECURE_BOOT_V2_FORCE_ENABLE_ECDSA
accordingly.
Default timeout for interrupt WDT was increased by default
on ESP32, due to some heap integrity check APIs taking a long
time on large PSRAMs and causing timeouts.
But this adjustment was only done for ESP32, not later chips,
even though they may experience the same issue.
Adjusted to have the same behavior on all chips with PSRAM
enabled, making it consistant with the docs.
Closes https://github.com/espressif/esp-idf/issues/18360
Add a blocking wrapper for async memcpy so simple users can wait for one DMA copy without writing their own ISR callback and semaphore plumbing. Update functional tests and documentation to use the simpler API where async completion handling is not needed.
Co-authored-by: Cursor <cursoragent@cursor.com>
feat(freertos): added option for automatically placing task stacks in PSRAM
Closes IDF-15538, IDF-15539, and IDF-15540
See merge request espressif/esp-idf!48953
The Linux LWIP port was using --wrap linker flags to intercept read,
write, close, fcntl and select, routing socket FDs (>= LWIP_SOCKET_OFFSET)
to lwip_*() functions. This conflicted with the dlsym(RTLD_NEXT)
cooperative syscall interposition used by the new FreeRTOS Linux
simulator.
Replace the --wrap approach with esp_vfs_register_fd_range(), matching
how LWIP already integrates with VFS on bare-metal ESP32 targets.
The cooperative read()/write() wrappers in vfs_coop_syscalls.c check
VFS first, so LWIP FDs are dispatched to lwip_read() etc. before the
cooperative fallback path is reached.