Merge branch 'feature/esp_tee_c5_v5.5' into 'release/v5.5'

feat(esp_tee): Initial support for ESP32-C5 and related changes (v5.5)

See merge request espressif/esp-idf!42357

Author: mahavirj

components/bootloader_support/bootloader_flash/src/bootloader_flash.c

@@ -138,7 +138,7 @@ esp_err_t bootloader_flash_erase_range(uint32_t start_addr, uint32_t size)
 #include "esp_flash_partitions.h"
 #include "rom/spi_flash.h"
 
-extern bool esp_tee_flash_check_paddr_in_active_tee_part(size_t paddr);
+extern bool esp_tee_flash_check_prange_in_active_tee_part(const size_t paddr, const size_t len);
 #endif
 
 static const char *TAG = "bootloader_flash";
@@ -524,7 +524,7 @@ esp_err_t bootloader_flash_write(size_t dest_addr, void *src, size_t size, bool
      * by validating the address before proceeding.
      */
 #if ESP_TEE_BUILD
-    bool addr_chk = esp_tee_flash_check_paddr_in_active_tee_part(dest_addr);
+    bool addr_chk = esp_tee_flash_check_prange_in_active_tee_part(dest_addr, size);
     if (addr_chk) {
         ESP_EARLY_LOGE(TAG, "bootloader_flash_write invalid dest_addr");
         return ESP_FAIL;
@@ -578,7 +578,7 @@ esp_err_t bootloader_flash_erase_sector(size_t sector)
 esp_err_t bootloader_flash_erase_range(uint32_t start_addr, uint32_t size)
 {
 #if ESP_TEE_BUILD
-    bool addr_chk = esp_tee_flash_check_paddr_in_active_tee_part(start_addr);
+    bool addr_chk = esp_tee_flash_check_prange_in_active_tee_part(start_addr, size);
     if (addr_chk) {
         return ESP_ERR_INVALID_ARG;
     }

components/esp_hw_support/include/esp_cpu.h

@@ -271,15 +271,33 @@ FORCE_INLINE_ATTR void esp_cpu_intr_set_mtvt_addr(const void *mtvt_addr)
 {
     rv_utils_set_mtvt((uint32_t)mtvt_addr);
 }
+
+/**
+ * @brief Set the base address of the current CPU's Interrupt Vector Table (XTVT), based
+ * on the current privilege level
+ *
+ * @param xtvt_addr Interrupt Vector Table's base address
+ *
+ * @note The XTVT table is only applicable when CLIC is supported
+ */
+FORCE_INLINE_ATTR void esp_cpu_intr_set_xtvt_addr(const void *xtvt_addr)
+{
+    rv_utils_set_xtvt((uint32_t)xtvt_addr);
+}
 #endif  //#if SOC_INT_CLIC_SUPPORTED
 
 #if SOC_CPU_SUPPORT_WFE
 /**
  * @brief Disable the WFE (wait for event) feature for CPU.
  */
-FORCE_INLINE_ATTR void rv_utils_disable_wfe_mode(void)
+FORCE_INLINE_ATTR void esp_cpu_disable_wfe_mode(void)
 {
+#if CONFIG_SECURE_ENABLE_TEE && !NON_OS_BUILD
+    extern esprv_int_mgmt_t esp_tee_intr_sec_srv_cb;
+    esp_tee_intr_sec_srv_cb(2, SS_RV_UTILS_WFE_MODE_ENABLE, false);
+#else
     rv_utils_wfe_mode_enable(false);
+#endif
 }
 #endif
 
@@ -450,9 +468,14 @@ FORCE_INLINE_ATTR uint32_t esp_cpu_intr_get_enabled_mask(void)
 {
 #ifdef __XTENSA__
     return xt_utils_intr_get_enabled_mask();
+#else
+#if CONFIG_SECURE_ENABLE_TEE && !NON_OS_BUILD && CONFIG_IDF_TARGET_ESP32C5
+    extern esprv_int_mgmt_t esp_tee_intr_sec_srv_cb;
+    return esp_tee_intr_sec_srv_cb(1, SS_RV_UTILS_INTR_GET_ENABLED_MASK);
 #else
     return rv_utils_intr_get_enabled_mask();
 #endif
+#endif
 }
 
 /**

components/esp_hw_support/mspi_timing_tuning/port/esp32c5/mspi_timing_tuning_configs.h

@@ -28,7 +28,10 @@
 #define MSPI_TIMING_FLASH_MODULE_CLOCK               120
 #endif
 //------------------------------------FLASH Needs Tuning or not-------------------------------------//
-#if MSPI_TIMING_FLASH_STR_MODE
+/* TODO: [ESP-TEE | IDF-10425] The SPI1 controller is protected by APM when ESP-TEE is enabled.
+ * MSPI tuning requires access to this controller, so it is currently disabled.
+ */
+#if MSPI_TIMING_FLASH_STR_MODE && !CONFIG_SECURE_ENABLE_TEE
 #define MSPI_TIMING_FLASH_NEEDS_TUNING               (MSPI_TIMING_FLASH_MODULE_CLOCK > 40)
 #endif
 
@@ -45,7 +48,8 @@
 #define MSPI_TIMING_PSRAM_MODULE_CLOCK               10      //Define this to 10MHz
 #endif
 //------------------------------------PSRAM Needs Tuning or not-------------------------------------//
-#if MSPI_TIMING_PSRAM_STR_MODE
+/* TODO: [ESP-TEE | IDF-10425] */
+#if MSPI_TIMING_PSRAM_STR_MODE && !CONFIG_SECURE_ENABLE_TEE
 #define MSPI_TIMING_PSRAM_NEEDS_TUNING               (MSPI_TIMING_PSRAM_MODULE_CLOCK > 40)
 #endif
 

components/esp_hw_support/port/esp32c5/CMakeLists.txt

@@ -1,3 +1,5 @@
+idf_build_get_property(non_os_build NON_OS_BUILD)
+
 set(srcs "rtc_clk_init.c"
     "rtc_time.c"
     "rtc_clk.c"
@@ -8,7 +10,7 @@ set(srcs "rtc_clk_init.c"
     "ocode_init.c"
 )
 
-if(NOT BOOTLOADER_BUILD)
+if(NOT non_os_build)
     list(APPEND srcs "sar_periph_ctrl.c")
 endif()
 

components/esp_hw_support/port/esp32c5/cpu_region_protect.c

@@ -126,6 +126,14 @@ void esp_cpu_configure_region_protection(void)
     //
     esp_cpu_configure_invalid_regions();
 
+    /* NOTE: When ESP-TEE is active, only configure invalid memory regions in bootloader
+     * to prevent errors before TEE initialization. TEE will handle all other
+     * memory protection.
+     */
+#if CONFIG_SECURE_ENABLE_TEE && BOOTLOADER_BUILD
+    return;
+#endif
+
     //
     // Configure all the valid address regions using PMP
     //

components/esp_hw_support/port/esp32c5/esp_cpu_intr.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -15,7 +15,20 @@ void esp_cpu_intr_get_desc(int core_id, int intr_num, esp_cpu_intr_desc_t *intr_
      * Reserve interrupt line 1 for the Wifi controller.
      * Reserve interrupt line 6 since it is used for disabling interrupts in the interrupt allocator (INT_MUX_DISABLED_INTNO)
      */
-    const uint32_t rsvd_mask = BIT(1) | BIT(6);
+    const uint32_t base_rsvd_mask = BIT(1) | BIT(6);
+
+    /* On the ESP32-C5, interrupt 31 is reserved for ESP-TEE
+     * for operations related to secure peripherals under its control
+     * (e.g. AES, SHA, APM)
+     *
+     * Interrupt 30 is reserved for handling REE interrupts occurring in TEE.
+     */
+#if CONFIG_SECURE_ENABLE_TEE
+    const uint32_t rsvd_mask = base_rsvd_mask | BIT(30) | BIT(31);
+#else
+    const uint32_t rsvd_mask = base_rsvd_mask;
+#endif
+
     intr_desc_ret->priority = 1;
     intr_desc_ret->type = ESP_CPU_INTR_TYPE_NA;
     intr_desc_ret->flags = esp_riscv_intr_num_flags(intr_num, rsvd_mask);

components/esp_hw_support/port/esp32c6/esp_cpu_intr.c

@@ -19,12 +19,12 @@ void esp_cpu_intr_get_desc(int core_id, int intr_num, esp_cpu_intr_desc_t *intr_
     // [TODO: IDF-2465]
     const uint32_t base_rsvd_mask = BIT(1) | BIT(3) | BIT(4) | BIT(6) | BIT(7);
 
-    /* On the ESP32-C6, interrupt 14 is reserved for ESP-TEE
+    /* On the ESP32-C6, interrupt 31 is reserved for ESP-TEE
      * for operations related to secure peripherals under its control
      * (e.g. AES, SHA, APM)
      */
 #if CONFIG_SECURE_ENABLE_TEE
-    const uint32_t rsvd_mask = base_rsvd_mask | BIT(14);
+    const uint32_t rsvd_mask = base_rsvd_mask | BIT(31);
 #else
     const uint32_t rsvd_mask = base_rsvd_mask;
 #endif

components/esp_hw_support/port/esp32h2/cpu_region_protect.c

@@ -62,6 +62,10 @@ static void esp_cpu_configure_invalid_regions(void)
     // 7. End of address space
     PMA_ENTRY_SET_TOR(11, SOC_PERIPHERAL_HIGH, PMA_NONE);
     PMA_ENTRY_SET_TOR(12, UINT32_MAX, PMA_TOR | PMA_NONE);
+
+    PMA_ENTRY_CFG_RESET(13);
+    PMA_ENTRY_CFG_RESET(14);
+    PMA_ENTRY_CFG_RESET(15);
 }
 
 void esp_cpu_configure_region_protection(void)

components/esp_hw_support/port/esp32h2/esp_cpu_intr.c

@@ -18,12 +18,12 @@ void esp_cpu_intr_get_desc(int core_id, int intr_num, esp_cpu_intr_desc_t *intr_
     // [TODO: IDF-2465]
     const uint32_t base_rsvd_mask = BIT(3) | BIT(4) | BIT(6) | BIT(7);
 
-    /* On the ESP32-H2, interrupt 14 is reserved for ESP-TEE
+    /* On the ESP32-H2, interrupt 31 is reserved for ESP-TEE
      * for operations related to secure peripherals under its control
      * (e.g. AES, SHA, APM)
      */
 #if CONFIG_SECURE_ENABLE_TEE
-    const uint32_t rsvd_mask = base_rsvd_mask | BIT(14);
+    const uint32_t rsvd_mask = base_rsvd_mask | BIT(31);
 #else
     const uint32_t rsvd_mask = base_rsvd_mask;
 #endif

components/esp_mm/port/esp32c5/ext_mem_layout.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -10,16 +10,41 @@
 #include "../ext_mem_layout.h"
 #include "hal/mmu_types.h"
 
+/* NOTE: With ESP-TEE enabled:
+ * - The start address is moved by the size of TEE IDROM segments since these
+ *   segments are placed at the start of the linear address space
+ * - TEE IROM and DROM segments are both 64KB (CONFIG_SECURE_TEE_IROM_SIZE,
+ *   CONFIG_SECURE_TEE_DROM_SIZE) for now. Thus, the number of reserved entries
+ *   from the start would be (64KB + 64KB)/MMU_PAGE_SIZE
+ * - The last few MMU entries are reserved for TEE flash operations. The number
+ *   of reserved entries matches the size of TEE IDROM segments (IROM + DROM)
+ *   plus one additional entry, i.e. (64KB + 64KB)/MMU_PAGE_SIZE + 1
+ */
+#if CONFIG_SECURE_ENABLE_TEE
+#define TEE_MMU_MEM_REG_START_OFFS   (CONFIG_SECURE_TEE_IROM_SIZE + CONFIG_SECURE_TEE_DROM_SIZE)
+#define TEE_MMU_RESV_PAGES           ((CONFIG_SECURE_TEE_IROM_SIZE + CONFIG_SECURE_TEE_DROM_SIZE) / CONFIG_MMU_PAGE_SIZE)
+#define TEE_MMU_MEM_REG_END_OFFS     ((TEE_MMU_RESV_PAGES + 1) * CONFIG_MMU_PAGE_SIZE)
+
+#define MMU_MEM_REG_START_ADDR_W_TEE (SOC_MMU_IRAM0_LINEAR_ADDRESS_LOW + TEE_MMU_MEM_REG_START_OFFS)
+#define MMU_MEM_REG_END_ADDR_W_TEE   (SOC_MMU_IRAM0_LINEAR_ADDRESS_HIGH - TEE_MMU_MEM_REG_END_OFFS)
+
+#define MMU_IRAM0_LINEAR_ADDRESS_LOW    MMU_MEM_REG_START_ADDR_W_TEE
+#define MMU_IRAM0_LINEAR_ADDRESS_HIGH   MMU_MEM_REG_END_ADDR_W_TEE
+#else
+#define MMU_IRAM0_LINEAR_ADDRESS_LOW    SOC_MMU_IRAM0_LINEAR_ADDRESS_LOW
+#define MMU_IRAM0_LINEAR_ADDRESS_HIGH   SOC_MMU_IRAM0_LINEAR_ADDRESS_HIGH
+#endif
+
 /**
  * The start addresses in this list should always be sorted from low to high, as MMU driver will need to
  * coalesce adjacent regions
  */
 // TODO: [ESP32C5] IDF-8658
 const mmu_mem_region_t g_mmu_mem_regions[SOC_MMU_LINEAR_ADDRESS_REGION_NUM] = {
     [0] = {
-        .start = SOC_MMU_IRAM0_LINEAR_ADDRESS_LOW,
-        .end = SOC_MMU_IRAM0_LINEAR_ADDRESS_HIGH,
-        .size = SOC_BUS_SIZE(SOC_MMU_IRAM0_LINEAR),
+        .start = MMU_IRAM0_LINEAR_ADDRESS_LOW,
+        .end = MMU_IRAM0_LINEAR_ADDRESS_HIGH,
+        .size = MMU_IRAM0_LINEAR_ADDRESS_HIGH - MMU_IRAM0_LINEAR_ADDRESS_LOW,
         .bus_id = CACHE_BUS_IBUS0 | CACHE_BUS_DBUS0,
         .targets = MMU_TARGET_FLASH0 | MMU_TARGET_PSRAM0,
         .caps = MMU_MEM_CAP_EXEC | MMU_MEM_CAP_READ | MMU_MEM_CAP_WRITE | MMU_MEM_CAP_32BIT | MMU_MEM_CAP_8BIT,