Merge branch 'espressif:master' into master

.github/workflows/pre_commit_check.yml

@@ -40,3 +40,5 @@ jobs:
             echo ""
             exit 1
           fi
+          # Run pre-commit for PowerShell scripts check
+          pre-commit run --hook-stage manual check-powershell-scripts --from-ref base_ref --to-ref pr_ref --show-diff-on-failure

.gitlab-ci.yml

@@ -30,4 +30,5 @@ include:
   - '.gitlab/ci/integration_test.yml'
   - '.gitlab/ci/host-test.yml'
   - '.gitlab/ci/deploy.yml'
+  - '.gitlab/ci/post_deploy.yml'
   - '.gitlab/ci/test-win.yml'

.gitlab/CODEOWNERS

@@ -170,6 +170,7 @@
 /docs/**/api-reference/system/              @esp-idf-codeowners/system
 /docs/**/security/                          @esp-idf-codeowners/security
 /docs/**/migration-guides/                  @esp-idf-codeowners/docs @esp-idf-codeowners/all-maintainers
+/docs/**/contribute/install-pre-commit-hook.rst @esp-idf-codeowners/ci @esp-idf-codeowners/tools
 
 /examples/README.md           @esp-idf-codeowners/docs @esp-idf-codeowners/ci
 /examples/**/*.py             @esp-idf-codeowners/ci @esp-idf-codeowners/tools

.gitlab/ci/build.yml

@@ -112,6 +112,22 @@ fast_template_app:
     BUILD_COMMAND_ARGS: "-p"
 #------------------------------------------------------------------------------
 
+#######################
+# gnu_static_analyzer #
+#######################
+gcc_static_analyzer:
+  extends:
+    - .build_template_app_template
+    - .rules:build:target_test
+  stage: pre_check
+  tags: [build, shiny]
+  variables:
+    CI_CCACHE_DISABLE: 1
+    ANALYZING_APP: "examples/get-started/hello_world"
+  script:
+    - echo "CONFIG_COMPILER_STATIC_ANALYZER=y" >> ${ANALYZING_APP}/sdkconfig.defaults
+    - python -m idf_build_apps build -vv -p ${ANALYZING_APP} -t all
+
 ########################################
 # Clang Build Apps Without Tests Cases #
 ########################################

.gitlab/ci/docs.yml

@@ -171,6 +171,7 @@ build_docs_pdf:
     - job: fast_template_app
       artifacts: false
       optional: true
+  allow_failure: true # TODO IDFCI-2216
   artifacts:
     paths:
       - docs/_build/*/*/latex/*
@@ -182,6 +183,7 @@ build_docs_pdf_prod:
     - .build_docs_template
     - .doc-rules:build:docs-full-prod
   dependencies: [] # Stop build_docs jobs from downloading all previous job's artifacts
+  allow_failure: true # TODO IDFCI-2216
   artifacts:
     paths:
       - docs/_build/*/*/latex/*

.gitlab/ci/host-test.yml

@@ -395,6 +395,6 @@ test_idf_pytest_plugin:
       junit: XUNIT_RESULT.xml
   script:
     - cd ${IDF_PATH}/tools/ci/dynamic_pipelines/tests/test_report_generator
-    - python -m unittest test_target_test_report_generator.py
+    - python -m unittest test_report_generator.py
     - cd ${IDF_PATH}/tools/ci/idf_pytest
     - pytest --junitxml=${CI_PROJECT_DIR}/XUNIT_RESULT.xml

.gitlab/ci/post_deploy.yml

@@ -0,0 +1,12 @@
+generate_failed_jobs_report:
+  stage: post_deploy
+  tags: [build, shiny]
+  image: $ESP_ENV_IMAGE
+  when: always
+  artifacts:
+    expire_in: 1 week
+    when: always
+    paths:
+      - job_report.html
+  script:
+    - python tools/ci/dynamic_pipelines/scripts/generate_report.py --report-type job

.gitlab/ci/pre_commit.yml

@@ -45,3 +45,36 @@ check_pre_commit:
       paths:
         - .cache/submodule_archives
       policy: pull
+
+check_powershell:
+  extends:
+    - .before_script:minimal
+  stage: pre_check
+  image: docker:latest
+  services:
+    - docker:dind
+  tags:
+    - dind
+    - amd64
+  needs:
+    - pipeline_variables
+  variables:
+    # cache pre_commit
+    PRE_COMMIT_HOME: "$CI_PROJECT_DIR/.cache/pre-commit"
+  rules:
+    - changes:
+        - "*.ps1"
+  script:
+    - apk add python3
+    - apk add py3-pip
+    - pip install pre-commit --break-system-packages
+    - pre-commit run --hook-stage manual check-powershell-scripts --files $MODIFIED_FILES
+  cache:
+    - key: pre_commit-cache-${LATEST_GIT_TAG}
+      paths:
+        - .cache/pre-commit
+      policy: pull
+    - key: submodule-cache-${LATEST_GIT_TAG}
+      paths:
+        - .cache/submodule_archives
+      policy: pull

.gitlab/ci/rules.yml

@@ -66,6 +66,8 @@
   - "tools/ci/check_esp_memory_utils_headers.sh"
   - "tools/ci/check_blobs.sh"
   - "tools/ci/check_public_headers.py"
+  - "tools/ci/check_register_rw_half_word.cmake"
+  - "tools/ci/check_register_rw_half_word.py"
 
 .patterns-host_test: &patterns-host_test
   - ".gitlab/ci/host-test.yml"

.pre-commit-config.yaml

@@ -224,6 +224,11 @@ repos:
       name: shellcheck dash (export.sh)
       args: ['--shell', 'dash', '-x']
       files: 'export.sh'
+  - repo: https://github.com/espressif/esp-pwsh-check
+    rev: v1.0.1
+    hooks:
+    - id: check-powershell-scripts
+      stages: [manual]
   - repo: https://github.com/espressif/esp-idf-sbom.git
     rev: v0.13.0
     hooks:

CMakeLists.txt

@@ -96,7 +96,7 @@ if(CMAKE_C_COMPILER_ID MATCHES "Clang")
     list(APPEND compile_options "-Wno-pointer-bool-conversion")
     # mbedTLS md5.c triggers this warning in md5_test_buf (false positive)
     list(APPEND compile_options "-Wno-string-concatenation")
-    # multiple cases of implict convertions between unrelated enum types
+    # multiple cases of implicit conversions between unrelated enum types
     list(APPEND compile_options "-Wno-enum-conversion")
     # When IRAM_ATTR is specified both in function declaration and definition,
     # it produces different section names, since section names include __COUNTER__.
@@ -201,10 +201,18 @@ if(CONFIG_COMPILER_DISABLE_GCC13_WARNINGS)
                                     "-Wno-dangling-reference")
 endif()
 
+if(CONFIG_COMPILER_DISABLE_DEFAULT_ERRORS)
+    if(NOT CMAKE_C_COMPILER_ID MATCHES "Clang")
+        idf_build_replace_option_from_property(COMPILE_OPTIONS "-Werror" "-Werror=all")
+    endif()
+endif()
+
 # GCC-specific options
 if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
-    list(APPEND compile_options "-fstrict-volatile-bitfields"
-                                )
+    list(APPEND compile_options "-fstrict-volatile-bitfields")
+    if(CONFIG_COMPILER_STATIC_ANALYZER)
+        list(APPEND compile_options "-fanalyzer")
+    endif()
 endif()
 
 if(CONFIG_ESP_SYSTEM_USE_EH_FRAME)

Kconfig

@@ -48,6 +48,10 @@ mainmenu "Espressif IoT Development Framework Configuration"
         bool
         default "y" if IDF_TOOLCHAIN="clang"
 
+    config IDF_TOOLCHAIN_GCC
+        bool
+        default "y" if IDF_TOOLCHAIN="gcc"
+
     config IDF_TARGET_ARCH_RISCV
         bool
         default "n"
@@ -537,6 +541,20 @@ mainmenu "Espressif IoT Development Framework Configuration"
 
                 This option can be enabled for RISC-V targets only.
 
+        config COMPILER_DISABLE_DEFAULT_ERRORS
+            bool "Disable errors for default warnings"
+            default "y"
+            help
+                Enable this option if you do not want default warnings to be considered as errors,
+                especially when updating IDF.
+
+                This is a temporary flag that could help to allow upgrade while having
+                some time to address the warnings raised by those default warnings.
+                Alternatives are:
+                1) fix code (preferred),
+                2) remove specific warnings,
+                3) do not consider specific warnings as error.
+
         config COMPILER_DISABLE_GCC12_WARNINGS
             bool "Disable new warnings introduced in GCC 12"
             default "n"
@@ -606,6 +624,13 @@ mainmenu "Espressif IoT Development Framework Configuration"
                     Places orphan sections without a warning/error message.
         endchoice
 
+        config COMPILER_STATIC_ANALYZER
+            bool "Enable compiler static analyzer"
+            default "n"
+            depends on IDF_TOOLCHAIN_GCC
+            help
+                Enable compiler static analyzer. This may produce false-positive results and increases compile time.
+
     endmenu # Compiler Options
 
     menu "Component config"

components/bootloader/Kconfig.projbuild

@@ -360,9 +360,9 @@ menu "Bootloader config"
         # options, allowing to turn on "allow insecure options" and have secure boot with
         # "skip validation when existing deep sleep". Keeping this to avoid a breaking change,
         # but - as noted in help - it invalidates the integrity of Secure Boot checks
-        depends on SOC_RTC_FAST_MEM_SUPPORTED && ((SECURE_BOOT && SECURE_BOOT_INSECURE) || !SECURE_BOOT)
+        depends on ((SECURE_BOOT && SECURE_BOOT_INSECURE) || !SECURE_BOOT)
         default n
-        select BOOTLOADER_RESERVE_RTC_MEM
+        select BOOTLOADER_RESERVE_RTC_MEM if SOC_RTC_FAST_MEM_SUPPORTED
         help
             This option disables the normal validation of an image coming out of
             deep sleep (checksums, SHA256, and signature). This is a trade-off

components/bootloader_support/include/esp_secure_boot.h

@@ -63,6 +63,42 @@ extern "C" {
 #include "esp_efuse_table.h"
 #endif
 
+/**
+ * @brief   Secure Boot Signature Block Version field
+ */
+typedef enum {
+    ESP_SECURE_BOOT_V1_ECDSA = 0,           /*!< Secure Boot v1 */
+    ESP_SECURE_BOOT_V2_RSA   = 2,           /*!< Secure Boot v2 with RSA key */
+    ESP_SECURE_BOOT_V2_ECDSA = 3,           /*!< Secure Boot v2 with ECDSA key */
+} esp_secure_boot_sig_scheme_t;
+
+#if CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME
+#define ESP_SECURE_BOOT_SCHEME ESP_SECURE_BOOT_V1_ECDSA
+#elif CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
+#define ESP_SECURE_BOOT_SCHEME ESP_SECURE_BOOT_V2_RSA
+#elif CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
+#define ESP_SECURE_BOOT_SCHEME ESP_SECURE_BOOT_V2_ECDSA
+#endif
+
+#if CONFIG_SECURE_BOOT || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT
+/** @brief Get the selected secure boot scheme key type
+ *
+ * @return key type for the selected secure boot scheme
+ */
+static inline char* esp_secure_boot_get_scheme_name(esp_secure_boot_sig_scheme_t scheme)
+{
+    switch (scheme) {
+        case ESP_SECURE_BOOT_V2_RSA:
+            return "RSA";
+        case ESP_SECURE_BOOT_V1_ECDSA:
+        case ESP_SECURE_BOOT_V2_ECDSA:
+            return "ECDSA";
+        default:
+            return "Unknown";
+    }
+}
+#endif
+
 /** @brief Is secure boot currently enabled in hardware?
  *
  * This means that the ROM bootloader code will only boot

components/bootloader_support/private_include/bootloader_utility.h

@@ -56,9 +56,14 @@ __attribute__((__noreturn__)) void bootloader_utility_load_boot_image(const boot
 /**
  * @brief Load that application which was worked before we go to the deep sleep.
  *
+ * If chip supports the RTC memory:
  * Checks the reboot reason if it is the deep sleep and has a valid partition in the RTC memory
  * then try to load the application which was worked before we go to the deep sleep.
  *
+ * If chip does not support the RTC memory:
+ * Checks the reboot reason if it is the deep sleep then the partition table is read
+ * to select and load an application which was worked before we go to the deep sleep.
+ *
  */
 void bootloader_utility_load_boot_image_from_deep_sleep(void);
 #endif

components/bootloader_support/src/bootloader_clock_init.c

@@ -66,19 +66,22 @@ __attribute__((weak)) void bootloader_clock_configure(void)
         }
 #endif
 
-//TODO: [ESP32C61] IDF-9274, basic rtc support
-#if CONFIG_IDF_TARGET_ESP32C6 || CONFIG_IDF_TARGET_ESP32C5 || CONFIG_IDF_TARGET_ESP32C61
-        // TODO: IDF-5781 Some of esp32c6 SOC_RTC_FAST_CLK_SRC_XTAL_D2 rtc_fast clock has timing issue
-        // Force to use SOC_RTC_FAST_CLK_SRC_RC_FAST since 2nd stage bootloader
-        clk_cfg.fast_clk_src = SOC_RTC_FAST_CLK_SRC_RC_FAST;
-#else
         // Use RTC_FAST clock source sel register field's default value, XTAL_DIV, for 2nd stage bootloader
         // RTC_FAST clock source will be switched to RC_FAST at application startup
         clk_cfg.fast_clk_src = rtc_clk_fast_src_get();
         if (clk_cfg.fast_clk_src == SOC_RTC_FAST_CLK_SRC_INVALID) {
             clk_cfg.fast_clk_src = SOC_RTC_FAST_CLK_SRC_XTAL_DIV;
         }
+
+#if CONFIG_IDF_TARGET_ESP32C6
+        if (efuse_hal_chip_revision() == 0) {
+            // Some of ESP32C6-ECO0 chip's SOC_RTC_FAST_CLK_SRC_XTAL_D2 rtc_fast clock has timing issue,
+            // which will cause the chip to be unable to capture the reset reason when it is reset.
+            // Force to use SOC_RTC_FAST_CLK_SRC_RC_FAST since 2nd stage bootloader
+            clk_cfg.fast_clk_src = SOC_RTC_FAST_CLK_SRC_RC_FAST;
+        }
 #endif
+
         rtc_clk_init(clk_cfg);
     }
 

components/bootloader_support/src/bootloader_utility.c

@@ -461,15 +461,33 @@ static void set_actual_ota_seq(const bootloader_state_t *bs, int index)
 void bootloader_utility_load_boot_image_from_deep_sleep(void)
 {
     if (esp_rom_get_reset_reason(0) == RESET_REASON_CORE_DEEP_SLEEP) {
+#if SOC_RTC_FAST_MEM_SUPPORTED
         esp_partition_pos_t *partition = bootloader_common_get_rtc_retain_mem_partition();
-        if (partition != NULL) {
+        esp_image_metadata_t image_data;
+        if (partition != NULL && bootloader_load_image_no_verify(partition, &image_data) == ESP_OK) {
+            ESP_LOGI(TAG, "Fast booting app from partition at offset 0x%"PRIx32, partition->offset);
+            bootloader_common_update_rtc_retain_mem(NULL, true);
+            load_image(&image_data);
+        }
+#else // !SOC_RTC_FAST_MEM_SUPPORTED
+        bootloader_state_t bs = {0};
+        if (bootloader_utility_load_partition_table(&bs)) {
+            int index_of_last_loaded_app = FACTORY_INDEX;
+            esp_ota_select_entry_t otadata[2];
+            if (bs.ota_info.size && bootloader_common_read_otadata(&bs.ota_info, otadata) == ESP_OK) {
+                int active_otadata = bootloader_common_get_active_otadata(otadata);
+                if (active_otadata != -1) {
+                    index_of_last_loaded_app = (otadata[active_otadata].ota_seq - 1) % bs.app_count;
+                }
+            }
+            esp_partition_pos_t partition = index_to_partition(&bs, index_of_last_loaded_app);
             esp_image_metadata_t image_data;
-            if (bootloader_load_image_no_verify(partition, &image_data) == ESP_OK) {
-                ESP_LOGI(TAG, "Fast booting app from partition at offset 0x%"PRIx32, partition->offset);
-                bootloader_common_update_rtc_retain_mem(NULL, true);
+            if (partition.size && bootloader_load_image_no_verify(&partition, &image_data) == ESP_OK) {
+                ESP_LOGI(TAG, "Fast booting app from partition at offset 0x%"PRIx32, partition.offset);
                 load_image(&image_data);
             }
         }
+#endif // !SOC_RTC_FAST_MEM_SUPPORTED
         ESP_LOGE(TAG, "Fast booting is not successful");
         ESP_LOGI(TAG, "Try to load an app as usual with all validations");
     }

components/bootloader_support/src/secure_boot_v1/secure_boot_signatures_app.c

@@ -70,7 +70,7 @@ esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig
         return ESP_FAIL;
     }
 
-    if (sig_block->version != 0) {
+    if (sig_block->version != ESP_SECURE_BOOT_SCHEME) {
         ESP_LOGE(TAG, "image has invalid signature version field 0x%08"PRIx32" (image without a signature?)", sig_block->version);
         return ESP_FAIL;
     }

components/bootloader_support/src/secure_boot_v1/secure_boot_signatures_bootloader.c

@@ -69,7 +69,7 @@ esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig
         return ESP_FAIL;
     }
 
-    if (sig_block->version != 0) {
+    if (sig_block->version != ESP_SECURE_BOOT_SCHEME) {
         ESP_LOGE(TAG, "image has invalid signature version field 0x%08" PRIx32 " (image without a signature?)", sig_block->version);
         return ESP_FAIL;
     }

components/bootloader_support/src/secure_boot_v2/secure_boot.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */

components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c

@@ -44,6 +44,10 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
         || block->block_crc != esp_rom_crc32_le(0, (uint8_t *)block, CRC_SIGN_BLOCK_LEN)) {
         return ESP_FAIL;
     }
+    if (block->version != ESP_SECURE_BOOT_SCHEME) {
+        ESP_LOGE(TAG, "%s signing scheme selected but signature block generated for %s scheme", esp_secure_boot_get_scheme_name(ESP_SECURE_BOOT_SCHEME), esp_secure_boot_get_scheme_name(block->version));
+        return ESP_FAIL;
+    }
     return ESP_OK;
 }