Merge branch 'fix/esp_tee_misc' into 'master'

feat(esp_tee): Miscellaneous fixes and updates

Closes IDF-13856, IDFCI-3085, IDFCI-3094, and IDFCI-3105

See merge request espressif/esp-idf!41433

Author: laukik-hase

components/esp_tee/Kconfig.projbuild

@@ -12,15 +12,15 @@ menu "ESP-TEE (Trusted Execution Environment)"
         config SECURE_TEE_IRAM_SIZE
             hex "IRAM region size"
             default 0x8000
-            range 0x7000 0xA000
+            range 0x5000 0xA000
             help
                 This configuration sets the IRAM size for the TEE module.
                 This should be 256-byte (0x100) aligned.
 
         config SECURE_TEE_DRAM_SIZE
             hex "DRAM region size"
-            default 0x6000
-            range 0x5000 0x7000
+            default 0x5000
+            range 0x4000 0x7000
             help
                 This configuration sets the DRAM size for the TEE module.
                 This should be 256-byte (0x100) aligned.

components/esp_tee/src/esp_tee.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -10,6 +10,7 @@
 #include "esp_private/cache_utils.h"
 
 #include "freertos/FreeRTOS.h"
+#include "freertos/portmacro.h"
 #include "freertos/semphr.h"
 #include "freertos/task.h"
 
@@ -43,7 +44,9 @@ uint32_t IRAM_ATTR esp_tee_service_call(int argc, ...)
     va_list ap = {0};
     va_start(ap, argc);
 
-    if (xTaskGetSchedulerState() == taskSCHEDULER_RUNNING) {
+    /* NOTE: Cannot take the mutex if the scheduler is suspended or
+     * service call is requested from a critical section */
+    if (xTaskGetSchedulerState() == taskSCHEDULER_RUNNING && xPortCanYield()) {
         if (xSemaphoreTake(s_tee_mutex, portMAX_DELAY) == pdTRUE) {
             val = _u2m_switch(argc, ap);
             xSemaphoreGive(s_tee_mutex);

components/esp_tee/src/esp_tee_config.c

@@ -12,7 +12,7 @@ extern int _tee_interrupt_handler(void);
 /* U-to-M mode switch */
 extern uint32_t _u2m_switch(int argc, va_list ap);
 /* REE IRAM end */
-extern uint32_t _iram_end;
+extern uint32_t _iram_text_end;
 /* REE IROM end */
 extern uint32_t _instruction_reserved_end;
 /* REE DROM start */
@@ -31,7 +31,7 @@ esp_tee_config_t esp_tee_app_config __attribute__((section(".esp_tee_app_cfg")))
 
     .ns_int_handler = &_tee_interrupt_handler,
     .ns_entry_addr = &_u2m_switch,
-    .ns_iram_end = &_iram_end,
+    .ns_iram_end = &_iram_text_end,
     .ns_irom_end = &_instruction_reserved_end,
     .ns_drom_start = &_rodata_reserved_start,
     .ns_drom_end = &_rodata_reserved_end,

components/esp_tee/subproject/components/tee_ota_ops/CMakeLists.txt

@@ -1,15 +1,16 @@
 idf_build_get_property(esp_tee_build ESP_TEE_BUILD)
 
 set(srcs)
-set(priv_requires)
+set(priv_requires esp_tee)
 set(include_dirs  "include")
 
 if(esp_tee_build)
     list(APPEND srcs "esp_tee_ota_ops.c")
-    list(APPEND priv_requires bootloader_support esp_tee log spi_flash tee_flash_mgr)
+    list(APPEND priv_requires bootloader_support log spi_flash tee_flash_mgr)
 else()
-    list(APPEND srcs "esp_tee_ota_ops_wrapper.c")
-    list(APPEND priv_requires esp_tee)
+    if(CONFIG_SECURE_ENABLE_TEE)
+        list(APPEND srcs "esp_tee_ota_ops_wrapper.c")
+    endif()
 endif()
 
 idf_component_register(SRCS ${srcs}

components/esp_tee/subproject/components/tee_sec_storage/CMakeLists.txt

@@ -7,7 +7,9 @@ if(esp_tee_build)
     list(APPEND srcs "tee_sec_storage.c")
     list(APPEND priv_requires efuse esp_partition log mbedtls nvs_flash spi_flash tee_flash_mgr)
 else()
-    list(APPEND srcs "tee_sec_storage_wrapper.c")
+    if(CONFIG_SECURE_ENABLE_TEE)
+        list(APPEND srcs "tee_sec_storage_wrapper.c")
+    endif()
 endif()
 
 idf_component_register(SRCS ${srcs}

components/esp_tee/subproject/main/arch/riscv/esp_tee_vector_table_plic.S

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -11,7 +11,7 @@
 #endif
 
     /* Handlers defined in the `esp_tee_vectors.S` file */
-    .global _panic_handler
+    .global _tee_panic_handler
     .global _tee_ns_intr_handler
     .global _tee_s_intr_handler
 
@@ -36,7 +36,7 @@
     .global _vector_table
     .type _vector_table, @function
 _vector_table:
-    j _panic_handler            /* 0: Exception entry */
+    j _tee_panic_handler        /* 0: Exception entry */
     /* NOTE: All of the free interrupts are used by the REE */
     j _tee_ns_intr_handler      /* 1: Free interrupt number */
     j _tee_ns_intr_handler      /* 2: Free interrupt number */
@@ -61,17 +61,16 @@ _vector_table:
     j _tee_ns_intr_handler      /* 21: Free interrupt number */
     j _tee_ns_intr_handler      /* 22: Free interrupt number */
     j _tee_ns_intr_handler      /* 23: Free interrupt number */
-    j _panic_handler            /* 24: ETS_INT_WDT_INUM panic-interrupt (soc-level panic) */
-    j _panic_handler            /* 25: ETS_CACHEERR_INUM panic-interrupt (soc-level panic) */
+    j _tee_panic_handler        /* 24: ETS_INT_WDT_INUM panic-interrupt (soc-level panic) */
+    j _tee_panic_handler        /* 25: ETS_CACHEERR_INUM panic-interrupt (soc-level panic) */
     /* NOTE: Triggers panic irrespective of the Kconfig setting with ESP-TEE */
-    j _panic_handler            /* 26: ETS_MEMPROT_ERR_INUM handler (soc-level panic) */
+    j _tee_panic_handler        /* 26: ETS_MEMPROT_ERR_INUM handler (soc-level panic) */
     /* TODO: [IDF-10770] Not supported yet with ESP-TEE */
-    j _panic_handler            /* 27: ETS_ASSIST_DEBUG_INUM handler (soc-level panic) */
+    j _tee_panic_handler        /* 27: ETS_ASSIST_DEBUG_INUM handler (soc-level panic) */
     j _tee_ns_intr_handler      /* 28: Free interrupt number */
     j _tee_ns_intr_handler      /* 29: Free interrupt number */
     j _tee_ns_intr_handler      /* 30: Free interrupt number */
     j _tee_s_intr_handler       /* 31: ESP-TEE: Secure interrupt handler entry */
-    j _panic_handler            /* exception handler, entry 0 */
 
     .size _vector_table, .-_vector_table
 

components/esp_tee/subproject/main/arch/riscv/esp_tee_vectors_clic.S

@@ -176,18 +176,14 @@ _s_sp:
     .global _tee_panic_handler
     .type _tee_panic_handler, @function
 _tee_panic_handler:
-     /* Exception handler. */
-    .global _panic_handler
-    .type _panic_handler, @function
-_panic_handler:
     /* Backup t0, t1 on the stack before using it */
     addi    sp, sp, -16
     sw      t0, 0(sp)
     sw      t1, 4(sp)
 
     /* Read mcause */
     csrr    t0, mcause
-    li      t1, VECTORS_MCAUSE_INTBIT_MASK | VECTORS_MCAUSE_REASON_MASK
+    li      t1, VECTORS_MCAUSE_REASON_MASK
     and     t0, t0, t1
 
     /* Check whether the exception is an M-mode ecall */
@@ -265,7 +261,7 @@ _return_from_exception:
     restore_general_regs RV_STK_FRMSZ
     mret
 
-    .size  _panic_handler, .-_panic_handler
+    .size  _tee_panic_handler, .-_tee_panic_handler
 
     /* ECALL handler. */
     .type _ecall_handler, @function
@@ -274,13 +270,12 @@ _ecall_handler:
 _machine_ecall:
     /* Enable the U-mode delegation of all interrupts */
     li      t0, INTMTX_SIG_IDX_ASSERT_IN_SEC_REG
-    li      t1, 0x00
-    sw      t1, 0(t0)
+    sw      zero, 0(t0)
     fence
     /* Verify the above */
 _1:
-    lw      t2, 0(t0)
-    bne     t2, t1, _2
+    lw      t1, 0(t0)
+    bnez    t1, _1
 
     /* Set the privilege mode to transition to after mret to U-mode  */
     li      t0, MSTATUS_MPP
@@ -365,7 +360,7 @@ _rtn_from_ns_int:
     /* Verify the above */
 _3:
     lw      t2, 0(t0)
-    bne     t2, t1, _2
+    bne     t2, t1, _3
 
     /* Restore the secure stack pointer */
     la      t0, _s_sp
@@ -457,13 +452,12 @@ _found_intr:
 
     /* Enable the U-mode interrupt delegation */
     li      t0, INTMTX_SIG_IDX_ASSERT_IN_SEC_REG
-    li      t1, 0x00
-    sw      t1, 0(t0)
+    sw      zero, 0(t0)
     fence
     /* Verify the above */
 _4:
-    lw      t2, 0(t0)
-    bne     t2, t1, _2
+    lw      t1, 0(t0)
+    bnez    t1, _4
 
     /* For U-mode interrupts, we use mret to switch to U-mode after executing the below steps - */
     /* Disable the U-mode global interrupts */
@@ -484,7 +478,7 @@ _4:
     csrc    mstatus, t1
 
     /* Save the current secure stack pointer and switch to the U-mode interrupt stack
-     * saved while entering the secure service call routine (see `sec_world_entry`) */
+     * saved while entering the secure service call routine (see `_tee_s_entry`) */
     la     t0, _s_sp
     sw     sp, 0(t0)
     la     t1, _ns_sp
@@ -589,7 +583,7 @@ _intr_hdlr_exec:
     mv      a0, sp      /* argument 1, stack pointer */
     mv      a1, s1      /* argument 2, interrupt number (mcause) */
     /* mask off the interrupt flag of mcause */
-    li	    t0, VECTORS_MCAUSE_INTBIT_MASK | VECTORS_MCAUSE_REASON_MASK
+    li      t0, VECTORS_MCAUSE_REASON_MASK
     and     a1, a1, t0
 
     jal     esp_tee_global_interrupt_handler