fix(security): Fixed ESP32S2 memory protection check for Peri1 RTCSLOW interrupt

- fixes the issue found in https://github.com/espressif/esp-idf/issues/15359 - extends debug printouts in the related tests
2025-03-09 17:19:09 -04:00 · 2025-02-19 09:42:57 +01:00 · 2025-02-19 09:42:57 +01:00 · 64ae64fb16
commit 64ae64fb16
parent 04133e0225
3 changed files with 23 additions and 12 deletions
--- a/components/hal/esp32s2/include/hal/memprot_peri_ll.h
+++ b/components/hal/esp32s2/include/hal/memprot_peri_ll.h
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@ -112,7 +112,7 @@ static inline intptr_t memprot_ll_peri1_rtcslow_get_fault_address(void)
 static inline bool memprot_ll_peri1_rtcslow_is_intr_mine(void)
 {
-    if (memprot_ll_dram0_is_assoc_intr()) {
+    if (memprot_ll_peri1_is_assoc_intr()) {
        uint32_t faulting_address = (uint32_t)memprot_ll_peri1_rtcslow_get_fault_address();
        return faulting_address >= PERI1_RTCSLOW_ADDRESS_LOW && faulting_address <= PERI1_RTCSLOW_ADDRESS_HIGH;
    }
@ -123,7 +123,7 @@ static inline memprot_hal_err_t memprot_ll_peri1_rtcslow_set_prot(uint32_t *spli
 {
    uint32_t addr = (uint32_t)split_addr;
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
    if (addr < PERI1_RTCSLOW_ADDRESS_LOW || addr > PERI1_RTCSLOW_ADDRESS_HIGH) {
        return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
    }
@ -281,7 +281,7 @@ static inline memprot_hal_err_t memprot_ll_peri2_rtcslow_0_set_prot(uint32_t *sp
 {
    uint32_t addr = (uint32_t)split_addr;
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
    if (addr < PERI2_RTCSLOW_0_ADDRESS_LOW || addr > PERI2_RTCSLOW_0_ADDRESS_HIGH) {
        return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
    }
@ -369,7 +369,7 @@ static inline memprot_hal_err_t memprot_ll_peri2_rtcslow_1_set_prot(uint32_t *sp
 {
    uint32_t addr = (uint32_t)split_addr;
-    //check corresponding range fit & aligment to 32bit boundaries
+    //check corresponding range fit & alignment to 32bit boundaries
    if (addr < PERI2_RTCSLOW_1_ADDRESS_LOW || addr > PERI2_RTCSLOW_1_ADDRESS_HIGH) {
        return MEMP_HAL_ERR_SPLIT_ADDR_INVALID;
    }
--- a/tools/ci/check_copyright_ignore.txt
+++ b/tools/ci/check_copyright_ignore.txt
@ -996,7 +996,6 @@ tools/test_apps/system/build_test/main/test_main.c
 tools/test_apps/system/cxx_no_except/main/main.cpp
 tools/test_apps/system/gdb_loadable_elf/main/hello_world_main.c
 tools/test_apps/system/longjmp_test/main/hello_world_main.c
 tools/test_apps/system/memprot/main/esp32s2/test_memprot_main.c
 tools/test_apps/system/no_embedded_paths/check_for_file_paths.py
 tools/test_apps/system/no_embedded_paths/main/test_no_embedded_paths_main.c
 tools/test_apps/system/startup/main/test_startup_main.c
--- a/tools/test_apps/system/memprot/main/esp32s2/test_memprot_main.c
+++ b/tools/test_apps/system/memprot/main/esp32s2/test_memprot_main.c
@ -1,4 +1,9 @@
-/* MEMPROT IramDram testing code */
+/*
 * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
 #include <stdio.h>
 #include <string.h>
 #include "sdkconfig.h"
@ -6,6 +11,8 @@
 #include "esp32s2/memprot.h"
 #include "soc/soc.h"
 static const char *TAG = "memprot_test_ESP32S2";
 /*
 * ESP32S2 MEMORY PROTECTION MODULE TEST
 * =====================================
@ -64,7 +71,6 @@
 * ********************************************************************************************
 */
 /* !!!IMPORTANT!!!
 * a0 needs to be saved/restored manually (not clobbered) to avoid return address corruption
 * caused by ASM block handling
@ -107,7 +113,6 @@ static uint8_t RTC_SLOW_ATTR rtcslow_dummy_buffer[2 * SRAM_TEST_BUFFER_SIZE] = {
 * testing regions and splitting address scheme
 *
 */
 static uint32_t *test_memprot_dram0_rtcfast_get_min_split_addr(void)
 {
    return (uint32_t *)(rtcfast_dummy_buffer + sizeof(rtcfast_dummy_buffer) / 2);
@ -186,7 +191,6 @@ static uint32_t *test_memprot_addr_high(mem_type_prot_t mem_type)
    }
 }
 static uint32_t *test_memprot_get_split_addr(mem_type_prot_t mem_type)
 {
    switch (mem_type) {
@ -209,7 +213,6 @@ static uint32_t *test_memprot_get_split_addr(mem_type_prot_t mem_type)
    }
 }
 /*
 * testing setup of the memory-protection module
 */
@ -274,7 +277,7 @@ static void test_memprot_set_prot(uint32_t *mem_type_mask, bool use_panic_handle
        esp_memprot_set_prot_peri2(MEMPROT_PERI2_RTCSLOW_1, test_memprot_peri2_rtcslow_1_get_min_split_addr(), WR_LOW_DIS, RD_LOW_DIS, EX_LOW_DIS, WR_HIGH_DIS, RD_HIGH_DIS, EX_HIGH_DIS);
    }
-    //reenable protection (bus based)
+    //re-enable protection (bus based)
    if (use_iram0) {
        esp_memprot_intr_ena(MEMPROT_IRAM0_SRAM, true);
    }
@ -355,9 +358,11 @@ static void test_memprot_read(mem_type_prot_t mem_type)
    bool write_perm_low, write_perm_high, read_perm_low, read_perm_high;
    esp_memprot_get_perm_write(mem_type, &write_perm_low, &write_perm_high);
    esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
    ESP_EARLY_LOGD(TAG, "TEST_READ (low: r=%u w=%u, high: r=%u w=%u):", read_perm_low, write_perm_low, read_perm_high, write_perm_high);
    volatile uint32_t *ptr_low = test_memprot_addr_low(mem_type);
    volatile uint32_t *ptr_high = test_memprot_addr_high(mem_type);
    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", ptr_low, ptr_high);
    //temporarily allow WRITE for setting the test values
    esp_memprot_set_write_perm(mem_type, true, true);
@ -397,12 +402,14 @@ static void test_memprot_write(mem_type_prot_t mem_type)
    bool write_perm_low, write_perm_high, read_perm_low, read_perm_high;
    esp_memprot_get_perm_write(mem_type, &write_perm_low, &write_perm_high);
    esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
    ESP_EARLY_LOGD(TAG, "TEST_WRITE (low: r=%u w=%u, high: r=%u w=%u):", read_perm_low, write_perm_low, read_perm_high, write_perm_high);
    //temporarily allow READ operation
    esp_memprot_set_read_perm(mem_type, true, true);
    volatile uint32_t *ptr_low = test_memprot_addr_low(mem_type);
    volatile uint32_t *ptr_high = test_memprot_addr_high(mem_type);
    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", ptr_low, ptr_high);
    //perform WRITE in low region
    const uint32_t test_val = 10;
@ -447,8 +454,13 @@ static void test_memprot_exec(mem_type_prot_t mem_type)
    bool exec_perm_low, exec_perm_high;
    esp_memprot_get_perm_exec(mem_type, &exec_perm_low, &exec_perm_high);
    bool read_perm_low, read_perm_high;
    esp_memprot_get_perm_read(mem_type, &read_perm_low, &read_perm_high);
    ESP_EARLY_LOGD(TAG, "TEST_EXEC (low: r=%u w=%u x=%u, high: r=%u w=%u x=%u):", read_perm_low, write_perm_low, exec_perm_low, read_perm_high, write_perm_high, exec_perm_high);
    volatile uint32_t *fnc_ptr_low = test_memprot_addr_low(mem_type);
    volatile uint32_t *fnc_ptr_high = test_memprot_addr_high(mem_type);
    ESP_EARLY_LOGD(TAG, "[test_addr_low=0x%08X test_addr_high=0x%08X]", fnc_ptr_low, fnc_ptr_high);
    //enable WRITE permission for both segments
    esp_memprot_set_write_perm(mem_type, true, true);