Merge branch 'refactor/esp_tee_ss_layer_in_flash' into 'master'

refactor(esp_tee): Place the secure services `_ss_` layer in the flash by default

See merge request espressif/esp-idf!38336

Author: laukik-hase

components/esp_tee/Kconfig.projbuild

@@ -14,18 +14,18 @@ menu "ESP-TEE (Trusted Execution Environment)"
         config SECURE_TEE_IRAM_SIZE
             hex "IRAM region size"
             default 0x8000
-            range 0x8000 0x10000
+            range 0x7000 0xA000
             help
                 This configuration sets the IRAM size for the TEE module.
-                This should be a multiple of 0x1000.
+                This should be 256-byte (0x100) aligned.
 
         config SECURE_TEE_DRAM_SIZE
             hex "DRAM region size"
-            default 0x8000
-            range 0x8000 0x10000
+            default 0x6000
+            range 0x5000 0x7000
             help
                 This configuration sets the DRAM size for the TEE module.
-                This should be a multiple of 0x1000.
+                This should be 256-byte (0x100) aligned.
 
         config SECURE_TEE_STACK_SIZE
             hex "Stack size"
@@ -34,7 +34,7 @@ menu "ESP-TEE (Trusted Execution Environment)"
             help
                 This configuration sets the stack size for the TEE module.
                 The TEE stack will be allocated from the TEE DRAM region.
-                This should be a multiple of 0x100.
+                This should be 16-byte (0x10) aligned.
 
         config SECURE_TEE_INTR_STACK_SIZE
             hex "Interrupt Stack size"
@@ -43,7 +43,7 @@ menu "ESP-TEE (Trusted Execution Environment)"
             help
                 This configuration sets the interrupt stack size for the TEE module.
                 The TEE interrupt stack will be allocated from the TEE DRAM region.
-                This should be a multiple of 0x100.
+                This should be 16-byte (0x10) aligned.
 
         config SECURE_TEE_IROM_SIZE
             hex

components/esp_tee/include/private/esp_tee_binary.h

@@ -23,6 +23,22 @@ extern "C" {
 #define ALIGN_UP_TO_MMU_PAGE_SIZE(addr)      (((addr) + (SOC_MMU_PAGE_SIZE) - 1) & ~((SOC_MMU_PAGE_SIZE) - 1))
 #define ALIGN_DOWN_TO_MMU_PAGE_SIZE(addr)    ((addr) & ~((SOC_MMU_PAGE_SIZE) - 1))
 
+#if ((CONFIG_SECURE_TEE_IRAM_SIZE) & (0xFF))
+#error "CONFIG_SECURE_TEE_IRAM_SIZE must be 256-byte (0x100) aligned"
+#endif
+
+#if ((CONFIG_SECURE_TEE_DRAM_SIZE) & (0xFF))
+#error "CONFIG_SECURE_TEE_DRAM_SIZE must be 256-byte (0x100) aligned"
+#endif
+
+#if ((CONFIG_SECURE_TEE_STACK_SIZE) & 0xF)
+#error "CONFIG_SECURE_TEE_STACK_SIZE must be 16-byte (0x10) aligned"
+#endif
+
+#if ((CONFIG_SECURE_TEE_INTR_STACK_SIZE) & 0xF)
+#error "CONFIG_SECURE_TEE_INTR_STACK_SIZE must be 16-byte (0x10) aligned"
+#endif
+
 /* NOTE: ESP32-C6 - TEE/REE memory regions */
 /* TEE I/DRAM */
 #define SOC_S_IRAM_START      (SOC_IRAM_LOW)

components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml

@@ -134,26 +134,10 @@ secure_services:
   - family: hal
     entries:
       - id: 54
-        type: IDF
-        function: efuse_hal_chip_revision
-        args: 0
-      - id: 55
-        type: IDF
-        function: efuse_hal_get_chip_ver_pkg
-        args: 1
-      - id: 56
-        type: IDF
-        function: efuse_hal_get_disable_wafer_version_major
-        args: 0
-      - id: 57
-        type: IDF
-        function: efuse_hal_get_mac
-        args: 1
-      - id: 58
         type: IDF
         function: wdt_hal_init
         args: 4
-      - id: 59
+      - id: 55
         type: IDF
         function: wdt_hal_deinit
         args: 1
@@ -256,22 +240,7 @@ secure_services:
         type: IDF
         function: esp_ecc_point_verify
         args: 1
-  # ID: 134-149 (16) - eFuse
-  - family: efuse
-    entries:
-      - id: 134
-        type: IDF
-        function: esp_efuse_check_secure_version
-        args: 1
-      - id: 135
-        type: IDF
-        function: esp_efuse_read_field_blob
-        args: 3
-      - id: 136
-        type: IDF
-        function: esp_flash_encryption_enabled
-        args: 0
-  # ID: 150-169 (20) - Reserved for future use
+  # ID: 134-169 (36) - Reserved for future use
   - family: attestation
     entries:
       - id: 170

components/esp_tee/src/esp_secure_service_wrapper.c

@@ -6,7 +6,6 @@
 #include <stdarg.h>
 
 #include "esp_err.h"
-#include "esp_efuse.h"
 #include "esp_random.h"
 
 #include "hal/sha_types.h"
@@ -32,43 +31,6 @@ void IRAM_ATTR __wrap_esp_rom_route_intr_matrix(int cpu_no, uint32_t model_num,
     esp_tee_service_call(4, SS_ESP_ROM_ROUTE_INTR_MATRIX, cpu_no, model_num, intr_num);
 }
 
-/* ---------------------------------------------- eFuse ------------------------------------------------- */
-
-uint32_t __wrap_efuse_hal_chip_revision(void)
-{
-    return esp_tee_service_call(1, SS_EFUSE_HAL_CHIP_REVISION);
-}
-
-uint32_t __wrap_efuse_hal_get_chip_ver_pkg(void)
-{
-    return esp_tee_service_call(1, SS_EFUSE_HAL_GET_CHIP_VER_PKG);
-}
-
-bool __wrap_efuse_hal_get_disable_wafer_version_major(void)
-{
-    return esp_tee_service_call(1, SS_EFUSE_HAL_GET_DISABLE_WAFER_VERSION_MAJOR);
-}
-
-void __wrap_efuse_hal_get_mac(uint8_t *mac)
-{
-    esp_tee_service_call(2, SS_EFUSE_HAL_GET_MAC, mac);
-}
-
-bool __wrap_esp_efuse_check_secure_version(uint32_t secure_version)
-{
-    return esp_tee_service_call(4, SS_ESP_EFUSE_CHECK_SECURE_VERSION, secure_version);
-}
-
-esp_err_t __wrap_esp_efuse_read_field_blob(const esp_efuse_desc_t *field[], void *dst, size_t dst_size_bits)
-{
-    return esp_tee_service_call(4, SS_ESP_EFUSE_READ_FIELD_BLOB, (uint32_t)field, (uint32_t)dst, (uint32_t)dst_size_bits);
-}
-
-bool __wrap_esp_flash_encryption_enabled(void)
-{
-    return esp_tee_service_call(1, SS_ESP_FLASH_ENCRYPTION_ENABLED);
-}
-
 /* ---------------------------------------------- RTC_WDT ------------------------------------------------- */
 
 void __wrap_wdt_hal_init(wdt_hal_context_t *hal, wdt_inst_t wdt_inst, uint32_t prescaler, bool enable_intr)

components/esp_tee/subproject/components/tee_sec_storage/include/esp_tee_sec_storage.h

@@ -12,6 +12,7 @@ extern "C" {
 #include <stddef.h>
 #include <stdint.h>
 #include <stdbool.h>
+#include "esp_err.h"
 
 #define MIN_SEC_STG_SLOT_ID                 0    /*!< Minimum secure storage slot ID */
 #define MAX_SEC_STG_SLOT_ID                 14   /*!< Maximum secure storage slot ID */

components/esp_tee/subproject/main/CMakeLists.txt

@@ -9,6 +9,7 @@ set(include)
 set(srcs "core/esp_tee_init.c"
          "core/esp_tee_intr.c"
          "core/esp_secure_services.c"
+         "core/esp_secure_services_iram.c"
          "core/esp_secure_dispatcher.c"
          "core/esp_secure_service_table.c")
 

components/esp_tee/subproject/main/common/panic/esp_tee_panic.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -20,12 +20,12 @@
 #include "esp_tee.h"
 #include "esp_tee_apm_intr.h"
 #include "esp_tee_rv_utils.h"
+
 #include "panic_helper.h"
+#include "sdkconfig.h"
 
 #define RV_FUNC_STK_SZ    (32)
 
-#define tee_panic_print(format, ...) esp_rom_printf(DRAM_STR(format), ##__VA_ARGS__)
-
 static void tee_panic_end(void)
 {
     // Disable interrupts
@@ -67,26 +67,27 @@ void abort(void)
     ESP_INFINITE_LOOP();
 }
 
+static void panic_print_info(const void *frame, int core)
+{
+    panic_print_registers((const void *)frame, core);
+    tee_panic_print("\n");
+    panic_print_backtrace((const void *)frame, 100);
+    tee_panic_print("\n");
+    tee_panic_print("Rebooting...\r\n\n");
+
+    tee_panic_end();
+}
+
 static void panic_handler(void *frame, bool pseudo_exccause)
 {
     int fault_core = esp_cpu_get_core_id();
-
-    tee_panic_print("\n=================================================\n");
-    tee_panic_print("Secure exception occurred on Core %d\n", fault_core);
     if (pseudo_exccause) {
         panic_print_isrcause((const void *)frame, fault_core);
     } else {
         panic_print_exccause((const void *)frame, fault_core);
     }
-    tee_panic_print("=================================================\n");
 
-    panic_print_registers((const void *)frame, fault_core);
-    tee_panic_print("\n");
-    panic_print_backtrace((const void *)frame, 100);
-    tee_panic_print("\n");
-    tee_panic_print("Rebooting...\r\n\n");
-
-    tee_panic_end();
+    panic_print_info((const void *)frame, fault_core);
     ESP_INFINITE_LOOP();
 }
 
@@ -105,34 +106,24 @@ void tee_apm_violation_isr(void *arg)
     intptr_t exc_sp = RV_READ_CSR(mscratch);
     RvExcFrame *frame = (RvExcFrame *)exc_sp;
 
-    apm_ctrl_path_t *apm_excp_type = NULL;
-    apm_ctrl_exception_info_t excp_info;
-
-    apm_excp_type = (apm_ctrl_path_t *)arg;
+    apm_ctrl_path_t *apm_excp_type = (apm_ctrl_path_t *)arg;
+    apm_ctrl_exception_info_t excp_info = {
+        .apm_path = {
+            .apm_ctrl = apm_excp_type->apm_ctrl,
+            .apm_m_path = apm_excp_type->apm_m_path,
+        }
+    };
 
-    excp_info.apm_path.apm_ctrl = apm_excp_type->apm_ctrl;
-    excp_info.apm_path.apm_m_path = apm_excp_type->apm_m_path;
     apm_hal_apm_ctrl_get_exception_info(&excp_info);
-
-    /* Clear APM M path interrupt. */
     apm_hal_apm_ctrl_exception_clear(apm_excp_type);
 
     int fault_core = esp_cpu_get_core_id();
+    panic_print_rsn((const void *)frame, fault_core, esp_tee_apm_excp_type_to_str(excp_info.excp_type));
 
-    tee_panic_print("\n=================================================\n");
-    tee_panic_print("APM permission violation occurred on Core %d\n", fault_core);
-    tee_panic_print("Guru Meditation Error: Core %d panic'ed (%s). ", fault_core, esp_tee_apm_excp_type_to_str(excp_info.excp_type));
-    tee_panic_print("Exception was unhandled.\n");
-    tee_panic_print("Fault addr: 0x%x | Mode: %s\n", excp_info.excp_addr, esp_tee_apm_excp_mode_to_str(excp_info.excp_mode));
-    tee_panic_print("Module: %s | Path: 0x%02x\n", esp_tee_apm_excp_ctrl_to_str(excp_info.apm_path.apm_ctrl), excp_info.apm_path.apm_m_path);
-    tee_panic_print("Master: %s | Region: 0x%02x\n", esp_tee_apm_excp_mid_to_str(excp_info.excp_id), excp_info.excp_regn);
-    tee_panic_print("=================================================\n");
-    panic_print_registers((const void *)frame, fault_core);
-    tee_panic_print("\n");
-    panic_print_backtrace((const void *)frame, 100);
-    tee_panic_print("\n");
-    tee_panic_print("Rebooting...\r\n\n");
+    tee_panic_print("Access addr: 0x%x | Mode: %s\n", excp_info.excp_addr, esp_tee_apm_excp_mode_to_str(excp_info.excp_mode));
+    tee_panic_print("Module: %s | Path: %d\n", esp_tee_apm_excp_ctrl_to_str(excp_info.apm_path.apm_ctrl), excp_info.apm_path.apm_m_path);
+    tee_panic_print("Master: %s | Region: %d\n", esp_tee_apm_excp_mid_to_str(excp_info.excp_id), (excp_info.excp_regn == 0) ? 0 : (__builtin_ffs(excp_info.excp_regn) - 1));
 
-    tee_panic_end();
+    panic_print_info((const void *)frame, fault_core);
     ESP_INFINITE_LOOP();
 }

components/esp_tee/subproject/main/common/panic/panic_helper.h

@@ -3,11 +3,21 @@
  *
  * SPDX-License-Identifier: Apache-2.0
  */
+#include <stdarg.h>
+#include "esp_rom_sys.h"
+
+#if CONFIG_SECURE_TEE_DEBUG_MODE
+#define tee_panic_print(format, ...) esp_rom_printf(DRAM_STR(format), ##__VA_ARGS__)
+#else
+#define tee_panic_print(format, ...)
+#endif
 
 void panic_print_backtrace(const void *f, int depth);
 
 void panic_print_registers(const void *f, int core);
 
+void panic_print_rsn(const void *f, int core, const char *rsn);
+
 void panic_print_exccause(const void *f, int core);
 
 void panic_print_isrcause(const void *f, int core);