2021-02-07 02:31:17 +01:00
===============
Espressif ESP32
===============
2021-04-07 19:52:35 +02:00
The ESP32 is a series of single and dual-core SoCs from Espressif
based on Harvard architecture Xtensa LX6 CPUs and with on-chip support
2021-10-24 12:02:09 +02:00
for Bluetooth and Wi-Fi.
2021-04-07 19:52:35 +02:00
All embedded memory, external memory and peripherals are located on the
data bus and/or the instruction bus of these CPUs. With some minor
exceptions, the address mapping of two CPUs is symmetric, meaning they
use the same addresses to access the same memory. Multiple peripherals in
the system can access embedded memory via DMA.
On dual-core SoCs, the two CPUs are typically named "PRO_CPU" and "APP_CPU"
(for "protocol" and "application"), however for most purposes the
two CPUs are interchangeable.
2021-03-20 18:39:39 +01:00
2024-04-19 17:41:51 +02:00
ESP32 Toolchain
2024-06-19 21:39:56 +02:00
===============
2021-02-07 02:31:17 +01:00
2024-04-19 17:41:51 +02:00
The toolchain used to build ESP32 firmware can be either downloaded or built from the sources.
It is **highly** recommended to use (download or build) the same toolchain version that is being
used by the NuttX CI.
2021-04-07 19:52:35 +02:00
2024-04-19 17:41:51 +02:00
Please refer to the Docker
`container <https://github.com/apache/nuttx/tree/master/tools/ci/docker/linux/Dockerfile> `_ and
check for the current compiler version being used. For instance:
2021-03-20 18:39:39 +01:00
2024-04-19 17:41:51 +02:00
.. code-block ::
###############################################################################
# Build image for tool required by ESP32 builds
###############################################################################
FROM nuttx-toolchain-base AS nuttx-toolchain-esp32
# Download the latest ESP32 GCC toolchain prebuilt by Espressif
RUN mkdir -p xtensa-esp32-elf-gcc && \
curl -s -L "https://github.com/espressif/crosstool-NG/releases/download/esp-12.2.0_20230208/xtensa-esp32-elf-12.2.0_20230208-x86_64-linux-gnu.tar.xz" \
| tar -C xtensa-esp32-elf-gcc --strip-components 1 -xJ
RUN mkdir -p xtensa-esp32s2-elf-gcc && \
curl -s -L "https://github.com/espressif/crosstool-NG/releases/download/esp-12.2.0_20230208/xtensa-esp32s2-elf-12.2.0_20230208-x86_64-linux-gnu.tar.xz" \
| tar -C xtensa-esp32s2-elf-gcc --strip-components 1 -xJ
RUN mkdir -p xtensa-esp32s3-elf-gcc && \
curl -s -L "https://github.com/espressif/crosstool-NG/releases/download/esp-12.2.0_20230208/xtensa-esp32s3-elf-12.2.0_20230208-x86_64-linux-gnu.tar.xz" \
| tar -C xtensa-esp32s3-elf-gcc --strip-components 1 -xJ
For ESP32, the toolchain version is based on GGC 12.2.0 (`` xtensa-esp32-elf-12.2.0_20230208 `` )
The prebuilt Toolchain (Recommended)
------------------------------------
First, create a directory to hold the toolchain:
.. code-block :: console
$ mkdir -p /path/to/your/toolchain/xtensa-esp32-elf-gcc
Download and extract toolchain:
.. code-block :: console
$ curl -s -L "https://github.com/espressif/crosstool-NG/releases/download/esp-12.2.0_20230208/xtensa-esp32-elf-12.2.0_20230208-x86_64-linux-gnu.tar.xz" \
| tar -C xtensa-esp32-elf-gcc --strip-components 1 -xJ
Add the toolchain to your `PATH` :
.. code-block :: console
$ echo "export PATH=/path/to/your/toolchain/xtensa-esp32-elf-gcc/bin:$PATH" >> ~/.bashrc
You can edit your shell's rc files if you don't use bash.
2021-03-20 18:39:39 +01:00
2021-04-07 19:52:35 +02:00
Building from source
--------------------
You can also build the toolchain yourself. The steps to
2021-04-08 23:36:14 +02:00
build the toolchain with crosstool-NG on Linux are as follows
2021-04-07 19:52:35 +02:00
.. code-block :: console
$ git clone https://github.com/espressif/crosstool-NG.git
$ cd crosstool-NG
$ git submodule update --init
$ ./bootstrap && ./configure --enable-local && make
$ ./ct-ng xtensa-esp32-elf
$ ./ct-ng build
$ chmod -R u+w builds/xtensa-esp32-elf
$ export PATH="crosstool-NG/builds/xtensa-esp32-elf/bin:$PATH"
2021-07-26 21:16:30 +02:00
These steps are given in the setup guide in
`ESP-IDF documentation <https://docs.espressif.com/projects/esp-idf/en/latest/get-started/linux-setup-scratch.html> `_ .
2021-03-20 18:39:39 +01:00
2024-06-19 21:39:56 +02:00
Building and flashing NuttX
===========================
2021-03-20 18:39:39 +01:00
2024-06-10 18:07:35 +02:00
Bootloader and partitions
-------------------------
NuttX can boot the ESP32 directly using the so-called "Simple Boot". An externally-built
2nd stage bootloader is not required in this case as all functions required to boot the device
are built within NuttX. Simple boot does not require any specific configuration (it is selectable
by default if no other 2nd stage bootloader is used).
If other features are required, an externally-built 2nd stage bootloader is needed. The bootloader
is built using the `` make bootloader `` command. This command generates the firmware in the
`` nuttx `` folder. The `` ESPTOOL_BINDIR `` is used in the `` make flash `` command to specify the path
to the bootloader. For compatibility among other SoCs and future options of 2nd stage bootloaders,
the commands `` make bootloader `` and the `` ESPTOOL_BINDIR `` option (for the `` make flash `` ) can be
used even if no externally-built 2nd stage bootloader is being built (they will be ignored if
Simple Boot is used, for instance)::
$ make bootloader
.. note :: It is recommended that if this is the first time you are using the board with NuttX to
perform a complete SPI FLASH erase.
.. code-block :: console
$ esptool.py erase_flash
Building and Flashing
---------------------
First, make sure that `` esptool.py `` is installed. This tool is used to convert the ELF to a
compatible ESP32 image and to flash the image into the board.
2024-10-15 20:49:27 +02:00
It can be installed with: `` pip install esptool==4.8.dev4 `` .
2024-06-10 18:07:35 +02:00
It's a two-step process where the first converts the ELF file into an ESP32 compatible binary
and the second flashes it to the board. These steps are included in the build system and it is
possible to build and flash the NuttX firmware simply by running::
2021-03-20 18:39:39 +01:00
2024-06-10 18:07:35 +02:00
$ make flash ESPTOOL_PORT=<port> ESPTOOL_BINDIR=./
2021-03-20 18:39:39 +01:00
2024-06-10 18:07:35 +02:00
where `` <port> `` is typically `` /dev/ttyUSB0 `` or similar. `` ESPTOOL_BINDIR=./ `` is the path of the
externally-built 2nd stage bootloader and the partition table (if applicable): when built using the
`` make bootloader `` , these files are placed into `` nuttx `` folder. `` ESPTOOL_BAUD `` is able to
change the flash baud rate if desired.
2021-03-20 18:39:39 +01:00
2024-08-14 18:18:04 +02:00
Debugging with `` openocd `` and `` gdb ``
======================================
Espressif uses a specific version of OpenOCD to support ESP32: `openocd-esp32 <https://github.com/espressif/> `_ .
2024-06-19 21:39:56 +02:00
Please check `Building OpenOCD from Sources <https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/api-guides/jtag-debugging/index.html#jtag-debugging-building-openocd> `_
for more information on how to build OpenOCD for ESP32.
ESP32 has dedicated pins for JTAG debugging. The following pins are used for JTAG debugging:
============= ===========
ESP32 Pin JTAG Signal
============= ===========
MTDO / GPIO15 TDO
MTDI / GPIO12 TDI
MTCK / GPIO13 TCK
MTMS / GPIO14 TMS
============= ===========
Some boards, like :ref: `ESP32-Ethernet-Kit V1.2 <platforms/xtensa/esp32/boards/esp32-ethernet-kit/index:ESP32-Ethernet-Kit V1.2>` and
:ref: `ESP-WROVER-KIT <platforms/xtensa/esp32/boards/esp32-wrover-kit/index:ESP-WROVER-KIT>` , have a built-in JTAG debugger.
Other boards that don't have any built-in JTAG debugger can be debugged using an external JTAG debugger, like the one
described for the :ref: `ESP32-DevKitC <platforms/xtensa/esp32/boards/esp32-devkitc/index:Debugging with OpenOCD>` .
2024-08-14 18:18:04 +02:00
.. note :: One must configure the USB drivers to enable JTAG communication. Please check
`Configure USB Drivers <https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/api-guides/jtag-debugging/configure-ft2232h-jtag.html#configure-usb-drivers> `_
for configuring the JTAG adapter of the :ref: `ESP32-Ethernet-Kit V1.2 <platforms/xtensa/esp32/boards/esp32-ethernet-kit/index:ESP32-Ethernet-Kit V1.2>` and
:ref: `ESP-WROVER-KIT <platforms/xtensa/esp32/boards/esp32-wrover-kit/index:ESP-WROVER-KIT>` boards and other FT2232-based JTAG adapters.
2024-06-19 21:39:56 +02:00
OpenOCD can then be used::
openocd -c 'set ESP_RTOS hwthread; set ESP_FLASH_SIZE 0' -f board/esp32-wrover-kit-1.8v.cfg
2024-08-14 18:18:04 +02:00
Once OpenOCD is running, you can use GDB to connect to it and debug your application::
xtensa-esp32-elf-gdb -x gdbinit nuttx
whereas the content of the `` gdbinit `` file is::
target remote :3333
set remote hardware-watchpoint-limit 2
mon reset halt
flushregs
monitor reset halt
thb nsh_main
c
.. note :: `` nuttx `` is the ELF file generated by the build process. Please note that `` CONFIG_DEBUG_SYMBOLS `` must be enabled in the `` menuconfig `` .
Please refer to :doc: `/quickstart/debugging` for more information about debugging techniques.
2021-02-07 02:31:17 +01:00
Peripheral Support
==================
2021-04-08 23:50:01 +02:00
The following list indicates the state of peripherals' support in NuttX:
2021-03-20 18:39:39 +01:00
========== ======= =====
Peripheral Support NOTES
========== ======= =====
2021-04-08 23:50:01 +02:00
ADC No
2023-03-24 15:44:03 +01:00
AES Yes
2021-12-28 14:18:53 +01:00
Bluetooth Yes
2023-03-24 15:44:03 +01:00
CAN/TWAI Yes
DMA Yes
2023-11-28 15:50:59 +01:00
DAC Yes One-shot
2023-03-24 15:44:03 +01:00
eFuse Yes
Ethernet Yes
GPIO Yes
I2C Yes
2022-09-29 16:52:36 +02:00
I2S Yes
LED_PWM Yes
2024-07-03 14:49:11 +02:00
MCPWM Yes
2021-04-08 23:50:01 +02:00
Pulse_CNT No
2023-09-01 11:01:42 +02:00
RMT Yes
2023-03-24 15:44:03 +01:00
RNG Yes
2021-04-08 23:50:01 +02:00
RSA No
2023-03-24 15:44:03 +01:00
RTC Yes
SD/MMC No
SDIO No
SHA No
SPI Yes
SPIFLASH Yes
SPIRAM Yes
Timers Yes
Touch Yes
UART Yes
Watchdog Yes
Wifi Yes
2021-03-20 18:39:39 +01:00
========== ======= =====
2021-04-07 19:52:35 +02:00
Memory Map
==========
Address Mapping
---------------
================== ========== ========== =============== ===============
BUS TYPE START LAST DESCRIPTION NOTES
================== ========== ========== =============== ===============
0x00000000 0x3F3FFFFF Reserved
Data 0x3F400000 0x3F7FFFFF External Memory
Data 0x3F800000 0x3FBFFFFF External Memory
0x3FC00000 0x3FEFFFFF Reserved
Data 0x3FF00000 0x3FF7FFFF Peripheral
Data 0x3FF80000 0x3FFFFFFF Embedded Memory
Instruction 0x40000000 0x400C1FFF Embedded Memory
Instruction 0x400C2000 0x40BFFFFF External Memory
. 0x40C00000 0x4FFFFFFF Reserved
Data / Instruction 0x50000000 0x50001FFF Embedded Memory
. 0x50002000 0xFFFFFFFF Reserved
================== ========== ========== =============== ===============
Embedded Memory
---------------
=========== ========== ========== =============== ===============
BUS TYPE START LAST DESCRIPTION NOTES
=========== ========== ========== =============== ===============
Data 0x3ff80000 0x3ff81fff RTC FAST Memory PRO_CPU Only
. 0x3ff82000 0x3ff8ffff Reserved
Data 0x3ff90000 0x3ff9ffff Internal ROM 1
. 0x3ffa0000 0x3ffadfff Reserved
Data 0x3ffae000 0x3ffdffff Internal SRAM 2 DMA
Data 0x3ffe0000 0x3fffffff Internal SRAM 1 DMA
=========== ========== ========== =============== ===============
2022-06-07 20:04:33 +02:00
Boundary Address (Embedded)
---------------------------
2021-04-07 19:52:35 +02:00
====================== ========== ========== =============== ===============
BUS TYPE START LAST DESCRIPTION NOTES
====================== ========== ========== =============== ===============
Instruction 0x40000000 0x40007fff Internal ROM 0 Remap
Instruction 0x40008000 0x4005ffff Internal ROM 0
. 0x40060000 0x4006ffff Reserved
Instruction 0x40070000 0x4007ffff Internal SRAM 0 Cache
Instruction 0x40080000 0x4009ffff Internal SRAM 0
Instruction 0x400a0000 0x400affff Internal SRAM 1
Instruction 0x400b0000 0x400b7FFF Internal SRAM 1 Remap
Instruction 0x400b8000 0x400bffff Internal SRAM 1
Instruction 0x400c0000 0x400c1FFF RTC FAST Memory PRO_CPU Only
Data / Instruction 0x50000000 0x50001fff RTC SLOW Memory
====================== ========== ========== =============== ===============
External Memory
---------------
=========== ========== ========== =============== ===============
BUS TYPE START LAST DESCRIPTION NOTES
=========== ========== ========== =============== ===============
Data 0x3f400000 0x3f7fffff External Flash Read
Data 0x3f800000 0x3fbfffff External SRAM Read and Write
=========== ========== ========== =============== ===============
2022-06-07 20:04:33 +02:00
Boundary Address (External)
---------------------------
2021-04-07 19:52:35 +02:00
Instruction 0x400c2000 0x40bfffff 11512 KB External Flash Read
Linker Segments
---------------
+---------------------+------------+------------+------+------------------------------+
| DESCRIPTION | START | END | ATTR | LINKER SEGMENT NAME |
+=====================+============+============+======+==============================+
| FLASH mapped data: | 0x3f400010 | 0x3fc00010 | R | drom0_0_seg |
| - .rodata | | | | |
| - Constructors | | | | |
| /destructors | | | | |
+---------------------+------------+------------+------+------------------------------+
2021-04-08 23:36:14 +02:00
| COMMON data RAM: | 0x3ffb0000 | 0x40000000 | RW | dram0_0_seg (NOTE 1,2,3) |
2021-04-07 19:52:35 +02:00
| - .bss/.data | | | | |
+---------------------+------------+------------+------+------------------------------+
| IRAM for PRO cpu: | 0x40080000 | 0x400a0000 | RX | iram0_0_seg |
| - Interrupt Vectors| | | | |
| - Low level | | | | |
| handlers | | | | |
| - Xtensa/Espressif | | | | |
| libraries | | | | |
+---------------------+------------+------------+------+------------------------------+
| RTC fast memory: | 0x400c0000 | 0x400c2000 | RWX | rtc_iram_seg (PRO_CPU only) |
| - .rtc.text | | | | |
| (unused?) | | | | |
+---------------------+------------+------------+------+------------------------------+
| FLASH: | 0x400d0018 | 0x40400018 | RX | iram0_2_seg (actually FLASH)|
| - .text | | | | |
+---------------------+------------+------------+------+------------------------------+
2021-04-08 23:36:14 +02:00
| RTC slow memory: | 0x50000000 | 0x50001000 | RW | rtc_slow_seg (NOTE 4) |
2021-04-07 19:52:35 +02:00
| - .rtc.data/rodata | | | | |
| (unused?) | | | | |
+---------------------+------------+------------+------+------------------------------+
.. note ::
(1) Linker script will reserve space at the beginning of the segment
for BT and at the end for trace memory.
2021-04-08 23:36:14 +02:00
(2) Heap ends at the top of dram_0_seg.
(3) Parts of this region is reserved for the ROM bootloader.
(4) Linker script will reserve space at the beginning of the segment
2021-04-07 19:52:35 +02:00
for co-processor reserve memory and at the end for ULP coprocessor
reserve memory.
64-bit Timers
=============
ESP32 has 4 generic timers of 64 bits (2 from Group 0 and 2 from Group 1). They're
accessible as character drivers, the configuration along with a guidance on how
to run the example and the description of the application level interface
2023-10-27 12:57:14 +02:00
can be found :doc: `here </components/drivers/character/timers/timer>` .
2021-04-07 19:52:35 +02:00
Watchdog Timers
===============
ESP32 has 3 WDTs. 2 MWDTS from the Timers Module and 1 RWDT from the RTC Module
(Currently not supported yet). They're accessible as character drivers,
The configuration along with a guidance on how to run the example and the description
of the application level interface can be found
2023-10-27 12:57:14 +02:00
:doc: `here </components/drivers/character/timers/watchdog>` .
2021-04-07 19:52:35 +02:00
SMP
===
The ESP32 has 2 CPUs. Support is included for testing an SMP configuration.
That configuration is still not yet ready for usage but can be enabled with
the following configuration settings,
in :menuselection: `RTOS Features --> Tasks and Scheduling` , with::
CONFIG_SPINLOCK=y
CONFIG_SMP=y
CONFIG_SMP_NCPUS=2
Debug Tip: During debug session, OpenOCD may mysteriously switch from one
CPU to another. This behavior can be eliminated by uncommenting one of the
following in `` scripts/esp32.cfg `` ::
# Only configure the PRO CPU
#set ESP32_ONLYCPU 1
# Only configure the APP CPU
#set ESP32_ONLYCPU 2
2023-04-27 22:23:46 +02:00
.. _esp32_wi-fi_sta:
2021-10-24 12:02:09 +02:00
Wi-Fi
2022-06-07 20:04:33 +02:00
=====
2021-03-20 18:39:39 +01:00
A standard network interface will be configured and can be initialized such as::
2021-08-26 13:47:50 +02:00
nsh> ifup wlan0
nsh> wapi psk wlan0 mypasswd 3
nsh> wapi essid wlan0 myssid 1
nsh> renew wlan0
2021-03-20 18:39:39 +01:00
In this case a connection to AP with SSID `` myssid `` is done, using `` mypasswd `` as
password. IP address is obtained via DHCP using `` renew `` command. You can check
the result by running `` ifconfig `` afterwards.
2023-03-24 15:44:03 +01:00
.. tip :: Boards usually expose a `` wifi `` defconfig which enables Wi-Fi
2021-03-20 18:39:39 +01:00
2023-10-23 09:55:25 +02:00
.. tip :: Please check :doc: `wapi </applications/wireless/wapi/index>` documentation for more
2023-04-27 23:04:49 +02:00
information about its commands and arguments.
.. note :: The `` wapi psk `` command on Station mode sets a security threshold. That
is, it enables connecting only to an equally or more secure network than the set
threshold. `` wapi psk wlan0 mypasswd 3 `` sets a WPA2-PSK-secured network and
enables the device to connect to networks that are equally or more secure than
that (WPA3-SAE, for instance, would be eligible for connecting to).
2023-04-27 22:23:46 +02:00
.. _esp32_wi-fi_softap:
2021-10-24 12:02:09 +02:00
Wi-Fi SoftAP
2022-06-07 20:04:33 +02:00
============
2021-08-26 13:47:50 +02:00
It is possible to use ESP32 as an Access Point (SoftAP). Actually there are some
2022-09-29 16:52:36 +02:00
boards config examples called sta_softap which enables this support
2021-08-26 13:47:50 +02:00
If you are using this board config profile you can run these commands to be able
to connect your smartphone or laptop to your board::
nsh> ifup wlan1
nsh> dhcpd_start wlan1
2022-10-03 21:32:43 +02:00
nsh> wapi psk wlan1 mypasswd 3
2021-08-26 13:47:50 +02:00
nsh> wapi essid wlan1 nuttxap 1
In this case, you are creating the access point `` nuttxapp `` in your board and to
2022-10-03 21:32:43 +02:00
connect to it on your smartphone you will be required to type the password `` mypasswd ``
using WPA2.
2023-04-27 23:04:49 +02:00
2023-10-23 09:55:25 +02:00
.. tip :: Please check :doc: `wapi </applications/wireless/wapi/index>` documentation for more
2023-04-27 23:04:49 +02:00
information about its commands and arguments.
2021-08-26 13:47:50 +02:00
The `` dhcpd_start `` is necessary to let your board to associate an IP to your smartphone.
2021-03-20 18:39:39 +01:00
Bluetooth
=========
2021-12-28 14:18:53 +01:00
These are the steps to test Bluetooth Low Energy (BLE) scan on ESP32 (i.e. Devkit board).
First configure to use the BLE board profile::
$ make distclean
$ ./tools/configure.sh esp32-devkitc:ble
$ make flash ESPTOOL_PORT=/dev/ttyUSB0
2022-06-23 15:21:31 +02:00
Enter in the NSH shell using your preferred serial console tool and run the scan command::
2021-12-28 14:18:53 +01:00
NuttShell (NSH) NuttX-10.2.0
nsh> ifconfig
bnep0 Link encap:UNSPEC at DOWN
inet addr:0.0.0.0 DRaddr:0.0.0.0 Mask:0.0.0.0
wlan0 Link encap:Ethernet HWaddr ac:67:b2:53:8b:ec at UP
inet addr:10.0.0.2 DRaddr:10.0.0.1 Mask:255.255.255.0
nsh> bt bnep0 scan start
nsh> bt bnep0 scan stop
nsh> bt bnep0 scan get
Scan result:
1. addr: 63:14:2f:b9:9f:83 type: 1
rssi: -90
response type: 3
advertiser data: 1e ff 06 00 01 09 20 02 7c 33 a3 a7 cd c9 44 5b
2. addr: 52:ca:05:b5:ad:77 type: 1
rssi: -82
response type: 3
advertiser data: 1e ff 06 00 01 09 20 02 03 d1 21 57 bf 19 b3 7a
3. addr: 46:8e:b2:cd:94:27 type: 1
rssi: -92
response type: 2
advertiser data: 02 01 1a 09 ff c4 00 10 33 14 12 16 80 02 0a d4
4. addr: 46:8e:b2:cd:94:27 type: 1
rssi: -92
response type: 4
advertiser data: 18 09 5b 4c 47 5d 20 77 65 62 4f 53 20 54 56 20
5. addr: 63:14:2f:b9:9f:83 type: 1
rssi: -80
response type: 3
advertiser data: 1e ff 06 00 01 09 20 02 7c 33 a3 a7 cd c9 44 5b
nsh>
2021-03-20 18:39:39 +01:00
2022-09-29 16:52:36 +02:00
I2S
===
The I2S peripheral is accessible using either the generic I2S audio driver or a specific
audio codec driver. Also, it's possible to use the I2S character driver to bypass the
audio subsystem and develop specific usages of the I2S peripheral.
.. note :: Note that the bit-width and sample rate can be modified "on-the-go" when using
audio-related drivers. That is not the case for the I2S character device driver and
such parameters are set on compile time through `make menuconfig` .
2023-03-24 15:44:03 +01:00
.. warning :: Some upper driver implementations might not handle both transmission and
reception configured at the same time on the same peripheral.
2022-09-29 16:52:36 +02:00
Please check for usage examples using the :doc: `ESP32 DevKitC </platforms/xtensa/esp32/boards/esp32-devkitc/index>` .
2021-04-07 19:52:35 +02:00
Using QEMU
==========
2022-10-10 00:57:44 +02:00
First follow the instructions `here <https://github.com/espressif/qemu/wiki> `__ to build QEMU.
2021-10-19 17:14:35 +02:00
Enable the `` ESP32_QEMU_IMAGE `` config found in :menuselection: `Board Selection --> ESP32 binary image for QEMU` .
2021-04-07 19:52:35 +02:00
Download the bootloader and the partition table from https://github.com/espressif/esp-nuttx-bootloader/releases
2021-10-19 17:14:35 +02:00
and place them in a directory, say `` ../esp-bins `` .
Build and generate the QEMU image::
$ make ESPTOOL_BINDIR=../esp-bins
A QEMU-compatible `` nuttx.merged.bin `` binary image will be created. It can be run as::
2021-04-07 19:52:35 +02:00
2021-10-19 17:14:35 +02:00
$ qemu-system-xtensa -nographic -machine esp32 -drive file=nuttx.merged.bin,if=mtd,format=raw
2021-04-07 19:52:35 +02:00
2024-03-11 19:30:05 +01:00
QEMU Networking
---------------
Networking is possible using the openeth MAC driver. Enable `` ESP32_OPENETH `` option and set the nic in QEMU:
$ qemu-system-xtensa -nographic -machine esp32 -drive file=nuttx.merged.bin,if=mtd,format=raw -nic user,model=open_eth
2022-09-19 16:55:26 +02:00
Secure Boot and Flash Encryption
================================
Secure Boot
-----------
Secure Boot protects a device from running any unauthorized (i.e., unsigned) code by checking that
each piece of software that is being booted is signed. On an ESP32, these pieces of software include
the second stage bootloader and each application binary. Note that the first stage bootloader does not
require signing as it is ROM code thus cannot be changed. This is achieved using specific hardware in
2022-10-10 00:57:44 +02:00
conjunction with MCUboot (read more about MCUboot `here <https://docs.mcuboot.com/> `__ ).
2022-09-19 16:55:26 +02:00
The Secure Boot process on the ESP32 involves the following steps performed:
1. The first stage bootloader verifies the second stage bootloader's RSA-PSS signature. If the verification is successful,
the first stage bootloader loads and executes the second stage bootloader.
2. When the second stage bootloader loads a particular application image, the application's signature (RSA, ECDSA or ED25519) is verified
by MCUboot.
If the verification is successful, the application image is executed.
.. warning :: Once enabled, Secure Boot will not boot a modified bootloader. The bootloader will only boot an
application firmware image if it has a verified digital signature. There are implications for reflashing
updated images once Secure Boot is enabled. You can find more information about the ESP32's Secure boot
2022-10-10 00:57:44 +02:00
`here <https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html> `__ .
2022-09-19 16:55:26 +02:00
.. note :: As the bootloader image is built on top of the Hardware Abstraction Layer component
of `ESP-IDF <https://github.com/espressif/esp-idf> `_ , the
`API port by Espressif <https://docs.mcuboot.com/readme-espressif.html> `_ will be used
by MCUboot rather than the original NuttX port.
Flash Encryption
----------------
Flash encryption is intended for encrypting the contents of the ESP32's off-chip flash memory. Once this feature is enabled,
firmware is flashed as plaintext, and then the data is encrypted in place on the first boot. As a result, physical readout
of flash will not be sufficient to recover most flash contents.
.. warning :: After enabling Flash Encryption, an encryption key is generated internally by the device and
cannot be accessed by the user for re-encrypting data and re-flashing the system, hence it will be permanently encrypted.
Re-flashing an encrypted system is complicated and not always possible. You can find more information about the ESP32's Flash Encryption
2022-10-10 00:57:44 +02:00
`here <https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html> `__ .
2022-09-19 16:55:26 +02:00
Prerequisites
-------------
2022-10-27 16:29:05 +02:00
First of all, we need to install `` imgtool `` (a MCUboot utility application to manipulate binary
images) and `` esptool `` (the ESP32 toolkit)::
2022-09-19 16:55:26 +02:00
2024-10-15 20:49:27 +02:00
$ pip install imgtool esptool==4.8.dev4
2022-09-19 16:55:26 +02:00
We also need to make sure that the python modules are added to `` PATH `` ::
$ echo "PATH=$PATH:/home/$USER/.local/bin" >> ~/.bashrc
Now, we will create a folder to store the generated keys (such as `` ~/signing_keys `` )::
$ mkdir ~/signing_keys && cd ~/signing_keys
With all set up, we can now generate keys to sign the bootloader and application binary images,
respectively, of the compiled project::
$ espsecure.py generate_signing_key --version 2 bootloader_signing_key.pem
$ imgtool keygen --key app_signing_key.pem --type rsa-3072
.. important :: The contents of the key files must be stored securely and kept secret.
Enabling Secure Boot and Flash Encryption
-----------------------------------------
2022-10-27 16:29:05 +02:00
To enable Secure Boot for the current project, go to the project's NuttX directory, execute `` make menuconfig `` and the following steps:
2022-09-19 16:55:26 +02:00
2022-10-10 00:57:44 +02:00
1. Enable experimental features in :menuselection: `Build Setup --> Show experimental options` ;
2022-10-27 16:29:05 +02:00
2022-10-10 00:57:44 +02:00
2. Enable MCUboot in :menuselection: `Application Configuration --> Bootloader Utilities --> MCUboot` ;
2022-10-27 16:29:05 +02:00
2022-10-10 00:57:44 +02:00
3. Change image type to `` MCUboot-bootable format `` in :menuselection: `System Type --> Application Image Configuration --> Application Image Format` ;
2022-10-27 16:29:05 +02:00
2022-10-10 00:57:44 +02:00
4. Enable building MCUboot from the source code by selecting `` Build binaries from source `` ;
in :menuselection: `System Type --> Application Image Configuration --> Source for bootloader binaries` ;
2022-10-27 16:29:05 +02:00
2022-10-10 00:57:44 +02:00
5. Enable Secure Boot in :menuselection: `System Type --> Application Image Configuration --> Enable hardware Secure Boot in bootloader` ;
2022-10-27 16:29:05 +02:00
2022-10-10 00:57:44 +02:00
6. If you want to protect the SPI Bus against data sniffing, you can enable Flash Encryption in
:menuselection: `System Type --> Application Image Configuration --> Enable Flash Encryption on boot` .
2022-09-19 16:55:26 +02:00
Now you can design an update and confirm agent to your application. Check the `MCUboot design guide <https://docs.mcuboot.com/design.html> `_ and the
`MCUboot Espressif port documentation <https://docs.mcuboot.com/readme-espressif.html> `_ for
more information on how to apply MCUboot. Also check some `notes about the NuttX MCUboot port <https://github.com/mcu-tools/mcuboot/blob/main/docs/readme-nuttx.md> `_ ,
the `MCUboot porting guide <https://github.com/mcu-tools/mcuboot/blob/main/docs/PORTING.md> `_ and some
2024-06-19 21:39:56 +02:00
`examples of MCUboot applied in NuttX applications <https://github.com/apache/nuttx-apps/tree/master/examples/mcuboot> `_ .
2022-09-19 16:55:26 +02:00
After you developed an application which implements all desired functions, you need to flash it into the primary image slot
of the device (it will automatically be in the confirmed state, you can learn more about image
confirmation `here <https://docs.mcuboot.com/design.html#image-swapping> `_ ).
To flash to the primary image slot, select `` Application image primary slot `` in
:menuselection: `System Type --> Application Image Configuration --> Target slot for image flashing`
and compile it using `` make -j ESPSEC_KEYDIR=~/signing_keys `` .
When creating update images, make sure to change :menuselection: `System Type --> Application Image Configuration --> Target slot for image flashing`
to `` Application image secondary slot `` .
.. important :: When deploying your application, make sure to disable UART Download Mode by selecting `` Permanently disabled `` in
:menuselection: `System Type --> Application Image Configuration --> UART ROM download mode`
and change usage mode to `` Release `` in `System Type --> Application Image Configuration --> Enable usage mode` .
**After disabling UART Download Mode you will not be able to flash other images through UART.**
2021-04-07 19:52:35 +02:00
Things to Do
============
1. Lazy co-processor save logic supported by Xtensa. That logic works like this:
a. CPENABLE is set to zero on each context switch, disabling all co-
processors.
b. If/when the task attempts to use the disabled co-processor, an
exception occurs
c. The co-processor exception handler re-enables the co-processor.
Instead, the NuttX logic saves and restores CPENABLE on each context
switch. This has disadvantages in that (1) co-processor context will
be saved and restored even if the co-processor was never used, and (2)
tasks must explicitly enable and disable co-processors.
2. Currently the Xtensa port copies register state save information from
the stack into the TCB. A more efficient alternative would be to just
save a pointer to a register state save area in the TCB. This would
2021-04-21 00:10:42 +02:00
add some complexity to signal handling and also to up_initialstate().
But the performance improvement might be worth the effort.
2021-04-07 19:52:35 +02:00
3. See SMP-related issues above
2021-03-20 18:39:39 +01:00
Supported Boards
================
.. toctree ::
:glob:
:maxdepth: 1
2021-02-07 02:31:17 +01:00
2021-03-20 18:39:39 +01:00
boards/*/*