Merge branch 'feature/apply_new_version_logic' into 'master'

all: Apply new version logic (major * 100 + minor)

Closes IDF-4932 and IDF-4939

See merge request espressif/esp-idf!18787

Kconfig

@@ -16,6 +16,10 @@ mainmenu "Espressif IoT Development Framework Configuration"
         default "y" if IDF_TARGET_ESP32C6 # TODO: IDF-5630
         option env="IDF_ENV_FPGA"
 
+    config IDF_CI_BUILD
+        bool
+        option env="IDF_CI_BUILD"
+
     config IDF_TARGET_ARCH_RISCV
         bool
         default "n"

components/bootloader/Kconfig.projbuild

@@ -449,8 +449,8 @@ menu "Security features"
     config SECURE_BOOT_V2_RSA_SUPPORTED
         bool
         default y
-        # RSA secure boot is supported in ESP32 revision >= ECO3
-        depends on (IDF_TARGET_ESP32 && ESP32_REV_MIN >= 3) || SOC_SECURE_BOOT_V2_RSA
+        # RSA secure boot is supported in ESP32 revision >= v3.0
+        depends on (IDF_TARGET_ESP32 && ESP32_REV_MIN_FULL >= 300) || SOC_SECURE_BOOT_V2_RSA
 
     config SECURE_BOOT_V2_ECC_SUPPORTED
         bool
@@ -465,7 +465,7 @@ menu "Security features"
     config SECURE_BOOT_V2_PREFERRED
         bool
         default y
-        depends on ESP32_REV_MIN >= 3
+        depends on ESP32_REV_MIN_FULL >= 300
 
     config SECURE_BOOT_V2_ECDSA_ENABLED
         bool
@@ -586,8 +586,8 @@ menu "Security features"
     config SECURE_BOOT
         bool "Enable hardware Secure Boot in bootloader (READ DOCS FIRST)"
         default n
-        # Secure boot is not supported for ESP32-C3 revision < ECO3
-        depends on SOC_SECURE_BOOT_SUPPORTED && !(IDF_TARGET_ESP32C3 && ESP32C3_REV_MIN < 3)
+        # Secure boot is not supported for ESP32-C3 revision < v0.3
+        depends on SOC_SECURE_BOOT_SUPPORTED && !(IDF_TARGET_ESP32C3 && ESP32C3_REV_MIN_FULL < 3)
         select ESPTOOLPY_NO_STUB if !IDF_TARGET_ESP32 && !IDF_TARGET_ESP32S2
         help
             Build a bootloader which enables Secure Boot on first boot.
@@ -971,7 +971,7 @@ menu "Security features"
         default SECURE_ENABLE_SECURE_ROM_DL_MODE if SECURE_ROM_DL_MODE_ENABLED # NOERROR
         default SECURE_INSECURE_ALLOW_DL_MODE
         depends on SECURE_BOOT_V2_ENABLED || SECURE_FLASH_ENC_ENABLED
-        depends on !IDF_TARGET_ESP32 || ESP32_REV_MIN_3
+        depends on !(IDF_TARGET_ESP32 && ESP32_REV_MIN_FULL < 300)
 
         config SECURE_DISABLE_ROM_DL_MODE
             bool "UART ROM download mode (Permanently disabled (recommended))"

components/bootloader_support/bootloader_flash/src/bootloader_flash_config_esp32.c

@@ -17,6 +17,7 @@
 #include "soc/spi_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/soc_pins.h"
+#include "soc/chip_revision.h"
 #include "hal/efuse_hal.h"
 #include "hal/gpio_hal.h"
 #include "flash_qio_mode.h"
@@ -168,16 +169,13 @@ int bootloader_flash_get_wp_pin(void)
     return CONFIG_SPIRAM_SPIWP_SD3_PIN; // can be set for app when DIO or DOUT config used for PSRAM only
 #else
     // no custom value, find it based on the package eFuse value
-    uint8_t chip_ver;
-    uint32_t pkg_ver = bootloader_common_get_chip_ver_pkg();
-    switch(pkg_ver) {
+    switch(bootloader_common_get_chip_ver_pkg()) {
     case EFUSE_RD_CHIP_VER_PKG_ESP32U4WDH:
     case EFUSE_RD_CHIP_VER_PKG_ESP32D2WDQ5:
         return ESP32_D2WD_WP_GPIO;
     case EFUSE_RD_CHIP_VER_PKG_ESP32PICOD4:
         /* Same package IDs are used for ESP32-PICO-V3 and ESP32-PICO-D4, silicon version differentiates */
-        chip_ver = efuse_hal_get_major_chip_version();
-        return (chip_ver < 3) ? ESP32_D2WD_WP_GPIO : ESP32_PICO_V3_GPIO;
+        return !ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 300) ? ESP32_D2WD_WP_GPIO : ESP32_PICO_V3_GPIO;
     case EFUSE_RD_CHIP_VER_PKG_ESP32PICOV302:
         return ESP32_PICO_V3_GPIO;
     default:

components/bootloader_support/include/esp_app_format.h

@@ -84,8 +84,15 @@ typedef struct {
                                 * pin and sets this field to 0xEE=disabled) */
     uint8_t spi_pin_drv[3];     /*!< Drive settings for the SPI flash pins (read by ROM bootloader) */
     esp_chip_id_t chip_id;      /*!< Chip identification number */
-    uint8_t min_chip_rev;       /*!< Minimum chip revision supported by image */
-    uint8_t reserved[8];       /*!< Reserved bytes in additional header space, currently unused */
+    uint8_t min_chip_rev;       /*!< Minimal chip revision supported by image
+                                 * After the Major and Minor revision eFuses were introduced into the chips, this field is no longer used.
+                                 * But for compatibility reasons, we keep this field and the data in it.
+                                 * Use min_chip_rev_full instead.
+                                 * The software interprets this as a Major version for most of the chips and as a Minor version for the ESP32-C3.
+                                 */
+    uint16_t min_chip_rev_full; /*!< Minimal chip revision supported by image, in format: major * 100 + minor */
+    uint16_t max_chip_rev_full; /*!< Maximal chip revision supported by image, in format: major * 100 + minor */
+    uint8_t reserved[4];        /*!< Reserved bytes in additional header space, currently unused */
     uint8_t hash_appended;      /*!< If 1, a SHA256 digest "simple hash" (of the entire image) is appended after the checksum.
                                  * Included in image length. This digest
                                  * is separate to secure boot and only used for detecting corruption.

components/bootloader_support/include/esp_secure_boot.h

@@ -191,7 +191,7 @@ typedef struct {
  */
 esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
 
-#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_3
+#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_FULL >= 300
 /**
  * @brief Structure to hold public key digests calculated from the signature blocks of a single image.
  *
@@ -202,7 +202,7 @@ typedef struct {
     unsigned num_digests;                                       /* Number of valid digests, starting at index 0 */
 } esp_image_sig_public_key_digests_t;
 
-#endif // !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_3
+#endif // !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_FULL >= 300
 
 /** @brief Legacy ECDSA verification function
  *

components/bootloader_support/private_include/bootloader_signature.h

@@ -25,7 +25,7 @@
 #include "esp32c6/rom/secure_boot.h"
 #endif
 
-#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_3
+#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_FULL >= 300
 
 /** @brief Verify the secure boot signature block for Secure Boot V2.
  *

components/bootloader_support/src/bootloader_clock_init.c

@@ -6,6 +6,7 @@
 #include "sdkconfig.h"
 #include "soc/soc.h"
 #include "soc/rtc.h"
+#include "soc/chip_revision.h"
 #include "hal/efuse_hal.h"
 
 #if !CONFIG_IDF_TARGET_ESP32C6 // TODO: IDF-5645
@@ -41,7 +42,7 @@ __attribute__((weak)) void bootloader_clock_configure(void)
      * document). For rev. 0, switch to 240 instead if it has been enabled
      * previously.
      */
-    if (efuse_hal_get_major_chip_version() == 0 &&
+    if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 100) &&
             clk_ll_cpu_get_freq_mhz_from_pll() == CLK_LL_PLL_240M_FREQ_MHZ) {
         cpu_freq_mhz = 240;
     }

components/bootloader_support/src/bootloader_common_loader.c

@@ -17,14 +17,17 @@
 #include "soc/gpio_periph.h"
 #include "soc/rtc.h"
 #include "soc/efuse_reg.h"
+#include "soc/chip_revision.h"
 #include "hal/efuse_hal.h"
+#include "hal/efuse_ll.h"
 #include "hal/gpio_ll.h"
 #include "esp_image_format.h"
 #include "bootloader_sha.h"
 #include "sys/param.h"
 #include "bootloader_flash_priv.h"
 
 #define ESP_PARTITION_HASH_LEN 32 /* SHA-256 digest length */
+#define IS_MAX_REV_SET(max_chip_rev_full) (((max_chip_rev_full) != 65535) && ((max_chip_rev_full) != 0))
 
 static const char* TAG = "boot_comm";
 
@@ -61,27 +64,31 @@ esp_err_t bootloader_common_check_chip_validity(const esp_image_header_t* img_hd
     if (chip_id != img_hdr->chip_id) {
         ESP_LOGE(TAG, "mismatch chip ID, expected %d, found %d", chip_id, img_hdr->chip_id);
         err = ESP_FAIL;
-    }
-
+    } else {
 #ifndef CONFIG_IDF_ENV_FPGA
-#if defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP32H2)
-    uint8_t revision = efuse_hal_get_major_chip_version();
-    // min_chip_rev keeps the MAJOR wafer version for these chips
-#else
-    uint8_t revision = efuse_hal_get_minor_chip_version();
-    // min_chip_rev keeps the MINOR wafer version for these chips
-#endif
-    if (revision < img_hdr->min_chip_rev) {
-        /* To fix this error, please update mininum supported chip revision from configuration,
-         * located in TARGET (e.g. ESP32) specific options under "Component config" menu */
-        ESP_LOGE(TAG, "This chip is revision %d but the application is configured for minimum revision %d. Can't run.", revision, img_hdr->min_chip_rev);
-        err = ESP_FAIL;
-    } else if (revision != img_hdr->min_chip_rev) {
-#ifdef BOOTLOADER_BUILD
-        ESP_LOGI(TAG, "chip revision: %d, min. %s chip revision: %d", revision, type == ESP_IMAGE_BOOTLOADER ? "bootloader" : "application", img_hdr->min_chip_rev);
-#endif
-    }
+        unsigned revision = efuse_hal_chip_revision();
+        unsigned int major_rev = revision / 100;
+        unsigned int minor_rev = revision % 100;
+        unsigned min_rev = img_hdr->min_chip_rev_full;
+        if (type == ESP_IMAGE_BOOTLOADER || type == ESP_IMAGE_APPLICATION) {
+            if (!ESP_CHIP_REV_ABOVE(revision, min_rev)) {
+                ESP_LOGE(TAG, "Image requires chip rev >= v%d.%d, but chip is v%d.%d",
+                         min_rev / 100, min_rev % 100,
+                         major_rev, minor_rev);
+                err = ESP_FAIL;
+            }
+        }
+        if (type == ESP_IMAGE_APPLICATION) {
+            unsigned max_rev = img_hdr->max_chip_rev_full;
+            if ((IS_MAX_REV_SET(max_rev) && (revision > max_rev) && !efuse_ll_get_disable_wafer_version_major())) {
+                ESP_LOGE(TAG, "Image requires chip rev <= v%d.%d, but chip is v%d.%d",
+                         max_rev / 100, max_rev % 100,
+                         major_rev, minor_rev);
+                err = ESP_FAIL;
+            }
+        }
 #endif // CONFIG_IDF_ENV_FPGA
+    }
 
     return err;
 }

components/bootloader_support/src/bootloader_init.c

@@ -41,7 +41,10 @@ esp_err_t bootloader_read_bootloader_header(void)
 
 esp_err_t bootloader_check_bootloader_validity(void)
 {
-    ESP_LOGI(TAG, "chip revision: V%03d", efuse_hal_chip_revision());
+    unsigned int revision = efuse_hal_chip_revision();
+    unsigned int major = revision / 100;
+    unsigned int minor = revision % 100;
+    ESP_LOGI(TAG, "chip revision: v%d.%d", major, minor);
     /* compare with the one set in bootloader image header */
     if (bootloader_common_check_chip_validity(&bootloader_image_hdr, ESP_IMAGE_BOOTLOADER) != ESP_OK) {
         return ESP_FAIL;

components/bootloader_support/src/esp32c3/bootloader_esp32c3.c

@@ -25,6 +25,7 @@
 #include "soc/extmem_reg.h"
 #include "soc/io_mux_reg.h"
 #include "soc/system_reg.h"
+#include "soc/chip_revision.h"
 #include "esp32c3/rom/efuse.h"
 #include "esp32c3/rom/ets_sys.h"
 #include "bootloader_common.h"
@@ -252,7 +253,7 @@ static inline void bootloader_hardware_init(void)
 {
     // This check is always included in the bootloader so it can
     // print the minimum revision error message later in the boot
-    if (efuse_hal_get_minor_chip_version() < 3) {
+    if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 3)) {
         REGI2C_WRITE_MASK(I2C_ULP, I2C_ULP_IR_FORCE_XPD_IPH, 1);
         REGI2C_WRITE_MASK(I2C_BIAS, I2C_BIAS_DREG_1P1_PVT, 12);
     }
@@ -265,8 +266,7 @@ static inline void bootloader_ana_reset_config(void)
       For ECO2: fix brownout reset bug, support swt & brownout reset;
       For ECO3: fix clock glitch reset bug, support all reset, include: swt & brownout & clock glitch reset.
     */
-    uint8_t chip_version = efuse_hal_get_minor_chip_version();
-    switch (chip_version) {
+    switch (efuse_hal_chip_revision()) {
         case 0:
         case 1:
             //Enable WDT reset. Disable BOR and GLITCH reset

components/efuse/esp32/esp_efuse_fields.c

@@ -13,6 +13,7 @@
 #include "esp_err.h"
 #include "esp_log.h"
 #include "soc/efuse_periph.h"
+#include "soc/chip_revision.h"
 #include "hal/efuse_hal.h"
 #include "bootloader_random.h"
 #include "sys/param.h"
@@ -41,9 +42,9 @@ void esp_efuse_disable_basic_rom_console(void)
 
 esp_err_t esp_efuse_disable_rom_download_mode(void)
 {
-#ifndef CONFIG_ESP32_REV_MIN_3
+#if CONFIG_ESP32_REV_MIN_FULL < 300
     /* Check if we support this revision at all */
-    if (efuse_hal_get_major_chip_version() < 3) {
+    if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 300)) {
         return ESP_ERR_NOT_SUPPORTED;
     }
 #endif

components/efuse/include/esp_efuse.h

@@ -46,7 +46,7 @@ typedef enum {
     ESP_EFUSE_ROM_LOG_ALWAYS_OFF    /**< Disable ROM logging permanently */
 } esp_efuse_rom_log_scheme_t;
 
-#if CONFIG_ESP32_REV_MIN_3 || !CONFIG_IDF_TARGET_ESP32
+#if CONFIG_ESP32_REV_MIN_FULL >= 300 || !CONFIG_IDF_TARGET_ESP32
 /**
  * @brief Pointers to the trusted key digests.
  *
@@ -742,7 +742,7 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
 esp_err_t esp_efuse_write_keys(const esp_efuse_purpose_t purposes[], uint8_t keys[][32], unsigned number_of_keys);
 
 
-#if CONFIG_ESP32_REV_MIN_3 || !CONFIG_IDF_TARGET_ESP32
+#if CONFIG_ESP32_REV_MIN_FULL >= 300 || !CONFIG_IDF_TARGET_ESP32
 /**
  * @brief Read key digests from efuse. Any revoked/missing digests will be marked as NULL
  *

components/efuse/src/efuse_controller/keys/without_key_purposes/three_key_blocks/esp_efuse_api_key.c

@@ -240,7 +240,7 @@ esp_err_t esp_efuse_write_keys(const esp_efuse_purpose_t purposes[], uint8_t key
     return err;
 }
 
-#if CONFIG_ESP32_REV_MIN_3
+#if CONFIG_ESP32_REV_MIN_FULL >= 300
 esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *trusted_keys)
 {
     if (trusted_keys == NULL) {
@@ -249,4 +249,4 @@ esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *truste
     trusted_keys->key_digests[0] = (const void *)esp_efuse_utility_get_read_register_address(EFUSE_BLK_SECURE_BOOT);
     return ESP_OK;
 }
-#endif // CONFIG_ESP32_REV_MIN_3
+#endif // CONFIG_ESP32_REV_MIN_FULL >= 300

components/esp_hw_support/Kconfig

@@ -1,4 +1,10 @@
 menu "Hardware Settings"
+
+    menu "Chip revision"
+        # Insert chip-specific HW config
+        orsource "./port/$IDF_TARGET/Kconfig.hw_support"
+    endmenu
+
     orsource "./port/$IDF_TARGET/Kconfig.spiram"
 
     menu "MAC Config"
@@ -183,9 +189,6 @@ menu "Hardware Settings"
             default 0x10000 if MMU_PAGE_SIZE_64KB
     endmenu
 
-    # Insert chip-specific HW config
-    orsource "./port/$IDF_TARGET/Kconfig.hw_support"
-
     menu "GDMA Configuration"
         depends on SOC_GDMA_SUPPORTED
         config GDMA_CTRL_FUNC_IN_IRAM

components/esp_hw_support/port/esp32/Kconfig.hw_support

@@ -2,25 +2,67 @@ choice ESP32_REV_MIN
     prompt "Minimum Supported ESP32 Revision"
     default ESP32_REV_MIN_0
     help
-        Minimum revision that ESP-IDF would support.
-        ESP-IDF performs different strategy on different esp32 revision.
+        Required minimum chip revision. ESP-IDF will check for it and
+        reject to boot if the chip revision fails the check.
+        This ensures the chip used will have some modifications (features, or bugfixes).
+
+        The complied binary will only support chips above this revision,
+        this will also help to reduce binary size.
 
     config ESP32_REV_MIN_0
-        bool "Rev 0"
+        bool "Rev v0.0 (ECO0)"
         # Brownout on Rev 0 is bugged, must use interrupt
         select ESP_SYSTEM_BROWNOUT_INTR
     config ESP32_REV_MIN_1
-        bool "Rev 1"
+        bool "Rev v1.0 (ECO1)"
+    config ESP32_REV_MIN_1_1
+        bool "Rev v1.1 (ECO1.1)"
     config ESP32_REV_MIN_2
-        bool "Rev 2"
+        bool "Rev v2.0 (ECO2)"
     config ESP32_REV_MIN_3
-        bool "Rev 3"
+        bool "Rev v3.0 (ECO3)"
+        select ESP_INT_WDT if ESP32_ECO3_CACHE_LOCK_FIX
+    config ESP32_REV_MIN_3_1
+        bool "Rev v3.1 (ECO4)"
         select ESP_INT_WDT if ESP32_ECO3_CACHE_LOCK_FIX
 endchoice
 
 config ESP32_REV_MIN
+    # we keep it for compatibility. Use ESP32_REV_MIN_FULL instead.
     int
     default 0 if ESP32_REV_MIN_0
-    default 1 if ESP32_REV_MIN_1
+    default 1 if ESP32_REV_MIN_1 || ESP32_REV_MIN_1_1
     default 2 if ESP32_REV_MIN_2
-    default 3 if ESP32_REV_MIN_3
+    default 3 if ESP32_REV_MIN_3 || ESP32_REV_MIN_3_1
+
+config ESP32_REV_MIN_FULL
+    int
+    default 0 if ESP32_REV_MIN_0
+    default 100 if ESP32_REV_MIN_1
+    default 101 if ESP32_REV_MIN_1_1
+    default 200 if ESP32_REV_MIN_2
+    default 300 if ESP32_REV_MIN_3
+    default 301 if ESP32_REV_MIN_3_1
+
+config ESP_REV_MIN_FULL
+    int
+    default ESP32_REV_MIN_FULL
+
+    #
+    # MAX Revision
+    #
+
+    comment "Maximum Supported ESP32 Revision (Rev v3.99)"
+    # Maximum revision that IDF supports.
+    # It can not be changed by user.
+    # Only Espressif can change it when a new version will be supported in IDF.
+    # Supports all chips starting from ESP32_REV_MIN_FULL to ESP32_REV_MAX_FULL
+
+config ESP32_REV_MAX_FULL
+    int
+    default 399
+    # keep in sync the "Maximum Supported Revision" description with this value
+
+config ESP_REV_MAX_FULL
+    int
+    default ESP32_REV_MAX_FULL