Merge branch 'bugfix/memprot_s2_intr_peri1' into 'master'

fix(security): ESP32S2 memory protection check for Peri1 RTCSLOW interrupt

See merge request espressif/esp-idf!37105

Author: pacucha42

components/hal/esp32s2/include/hal/memprot_peri_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -112,7 +112,7 @@ static inline intptr_t memprot_ll_peri1_rtcslow_get_fault_address(void)
 
 static inline bool memprot_ll_peri1_rtcslow_is_intr_mine(void)
 {
-    if (memprot_ll_dram0_is_assoc_intr()) {
+    if (memprot_ll_peri1_is_assoc_intr()) {
         uint32_t faulting_address = (uint32_t)memprot_ll_peri1_rtcslow_get_fault_address();
         return faulting_address >= PERI1_RTCSLOW_ADDRESS_LOW && faulting_address <= PERI1_RTCSLOW_ADDRESS_HIGH;
     }
@@ -123,7 +123,7 @@ static inline memprot_hal_err_t memprot_ll_peri1_rtcslow_set_prot(uint32_t *spli
 {
     uint32_t addr = (uint32_t)split_addr;
 
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
     if (addr < PERI1_RTCSLOW_ADDRESS_LOW || addr > PERI1_RTCSLOW_ADDRESS_HIGH) {
         return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
     }
@@ -281,7 +281,7 @@ static inline memprot_hal_err_t memprot_ll_peri2_rtcslow_0_set_prot(uint32_t *sp
 {
     uint32_t addr = (uint32_t)split_addr;
 
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
     if (addr < PERI2_RTCSLOW_0_ADDRESS_LOW || addr > PERI2_RTCSLOW_0_ADDRESS_HIGH) {
         return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
     }
@@ -369,7 +369,7 @@ static inline memprot_hal_err_t memprot_ll_peri2_rtcslow_1_set_prot(uint32_t *sp
 {
     uint32_t addr = (uint32_t)split_addr;
 
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
     if (addr < PERI2_RTCSLOW_1_ADDRESS_LOW || addr > PERI2_RTCSLOW_1_ADDRESS_HIGH) {
         return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
     }

tools/ci/check_copyright_ignore.txt

@@ -996,7 +996,6 @@ tools/test_apps/system/build_test/main/test_main.c
 tools/test_apps/system/cxx_no_except/main/main.cpp
 tools/test_apps/system/gdb_loadable_elf/main/hello_world_main.c
 tools/test_apps/system/longjmp_test/main/hello_world_main.c
-tools/test_apps/system/memprot/main/esp32s2/test_memprot_main.c
 tools/test_apps/system/no_embedded_paths/check_for_file_paths.py
 tools/test_apps/system/no_embedded_paths/main/test_no_embedded_paths_main.c
 tools/test_apps/system/startup/main/test_startup_main.c

tools/test_apps/system/memprot/main/esp32s2/test_memprot_main.c

@@ -1,11 +1,18 @@
-/* MEMPROT IramDram testing code */
+/*
+ * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 #include <stdio.h>
 #include <string.h>
 #include "sdkconfig.h"
 #include "esp_log.h"
 #include "esp32s2/memprot.h"
 #include "soc/soc.h"
 
+static const char *TAG = "memprot_test_ESP32S2";
+
 /*
  * ESP32S2 MEMORY PROTECTION MODULE TEST
  * =====================================
@@ -64,7 +71,6 @@
  * ********************************************************************************************
  */
 
-
 /* !!!IMPORTANT!!!
  * a0 needs to be saved/restored manually (not clobbered) to avoid return address corruption
  * caused by ASM block handling
@@ -107,7 +113,6 @@ static uint8_t RTC_SLOW_ATTR rtcslow_dummy_buffer[2 * SRAM_TEST_BUFFER_SIZE] = {
  * testing regions and splitting address scheme
  *
  */
-
 static uint32_t *test_memprot_dram0_rtcfast_get_min_split_addr(void)
 {
     return (uint32_t *)(rtcfast_dummy_buffer + sizeof(rtcfast_dummy_buffer) / 2);
@@ -186,7 +191,6 @@ static uint32_t *test_memprot_addr_high(mem_type_prot_t mem_type)
     }
 }
 
-
 static uint32_t *test_memprot_get_split_addr(mem_type_prot_t mem_type)
 {
     switch (mem_type) {
@@ -209,7 +213,6 @@ static uint32_t *test_memprot_get_split_addr(mem_type_prot_t mem_type)
     }
 }
 
-
 /*
  * testing setup of the memory-protection module
  */
@@ -274,7 +277,7 @@ static void test_memprot_set_prot(uint32_t *mem_type_mask, bool use_panic_handle
         esp_memprot_set_prot_peri2(MEMPROT_PERI2_RTCSLOW_1, test_memprot_peri2_rtcslow_1_get_min_split_addr(), WR_LOW_DIS, RD_LOW_DIS, EX_LOW_DIS, WR_HIGH_DIS, RD_HIGH_DIS, EX_HIGH_DIS);
     }
 
-    //reenable protection (bus based)
+    //re-enable protection (bus based)
     if (use_iram0) {
         esp_memprot_intr_ena(MEMPROT_IRAM0_SRAM, true);
     }
@@ -355,9 +358,11 @@ static void test_memprot_read(mem_type_prot_t mem_type)
     bool write_perm_low, write_perm_high, read_perm_low, read_perm_high;
     esp_memprot_get_perm_write(mem_type, &write_perm_low, &write_perm_high);
     esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
+    ESP_EARLY_LOGD(TAG, "TEST_READ (low: r=%u w=%u, high: r=%u w=%u):", read_perm_low, write_perm_low, read_perm_high, write_perm_high);
 
     volatile uint32_t *ptr_low = test_memprot_addr_low(mem_type);
     volatile uint32_t *ptr_high = test_memprot_addr_high(mem_type);
+    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", ptr_low, ptr_high);
 
     //temporarily allow WRITE for setting the test values
     esp_memprot_set_write_perm(mem_type, true, true);
@@ -397,12 +402,14 @@ static void test_memprot_write(mem_type_prot_t mem_type)
     bool write_perm_low, write_perm_high, read_perm_low, read_perm_high;
     esp_memprot_get_perm_write(mem_type, &write_perm_low, &write_perm_high);
     esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
+    ESP_EARLY_LOGD(TAG, "TEST_WRITE (low: r=%u w=%u, high: r=%u w=%u):", read_perm_low, write_perm_low, read_perm_high, write_perm_high);
 
     //temporarily allow READ operation
     esp_memprot_set_read_perm(mem_type, true, true);
 
     volatile uint32_t *ptr_low = test_memprot_addr_low(mem_type);
     volatile uint32_t *ptr_high = test_memprot_addr_high(mem_type);
+    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", ptr_low, ptr_high);
 
     //perform WRITE in low region
     const uint32_t test_val = 10;
@@ -447,8 +454,13 @@ static void test_memprot_exec(mem_type_prot_t mem_type)
     bool exec_perm_low, exec_perm_high;
     esp_memprot_get_perm_exec(mem_type, &exec_perm_low, &exec_perm_high);
 
+    bool read_perm_low, read_perm_high;
+    esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
+    ESP_EARLY_LOGD(TAG, "TEST_EXEC (low: r=%u w=%u x=%u, high: r=%u w=%u x=%u):", read_perm_low, write_perm_low, exec_perm_low, read_perm_high, write_perm_high, exec_perm_high);
+
     volatile uint32_t *fnc_ptr_low = test_memprot_addr_low(mem_type);
     volatile uint32_t *fnc_ptr_high = test_memprot_addr_high(mem_type);
+    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", fnc_ptr_low, fnc_ptr_high);
 
     //enable WRITE permission for both segments
     esp_memprot_set_write_perm(mem_type, true, true);