ttfw_idf: Added ESP32-S3 FPGA support

Provision to burn and reset efuses of ESP32S3 on FPGA

test_app: Enabled automated test cases for ESP32S3

tools/ci/python_packages/ttfw_idf/IDFDUT.py

@@ -849,3 +849,40 @@ class ESP32C3FPGADUT(IDFFPGADUT):
     @classmethod
     def confirm_dut(cls, port, **kwargs):
         return True, cls.TARGET
+
+
+class ESP32S3FPGADUT(IDFFPGADUT):
+    TARGET = 'esp32s3'
+    TOOLCHAIN_PREFIX = 'xtensa-esp32s3-elf-'
+    FLASH_ENCRYPT_SCHEME = 'AES-XTS'
+    FLASH_ENCRYPT_CNT_KEY = 'SPI_BOOT_CRYPT_CNT'
+    FLASH_ENCRYPT_CNT_VAL = 1
+    FLASH_ENCRYPT_PURPOSE = 'XTS_AES_128_KEY'
+    SECURE_BOOT_EN_KEY = 'SECURE_BOOT_EN'
+    SECURE_BOOT_EN_VAL = 1
+
+    @classmethod
+    def get_rom(cls):
+        return esptool.ESP32S3ROM
+
+    def erase_partition(self, esp, partition):
+        raise NotImplementedError()
+
+    def flash_encrypt_burn_cnt(self):
+        self.burn_efuse(self.FLASH_ENCRYPT_CNT_KEY, self.FLASH_ENCRYPT_CNT_VAL)
+
+    def flash_encrypt_burn_key(self, key, block=0):
+        self.burn_efuse_key(key, self.FLASH_ENCRYPT_PURPOSE, 'BLOCK_KEY%d' % block)
+
+    def flash_encrypt_get_scheme(self):
+        return self.FLASH_ENCRYPT_SCHEME
+
+    def secure_boot_burn_en_bit(self):
+        self.burn_efuse(self.SECURE_BOOT_EN_KEY, self.SECURE_BOOT_EN_VAL)
+
+    def secure_boot_burn_digest(self, digest, key_index=0, block=0):
+        self.burn_efuse_key_digest(digest, 'SECURE_BOOT_DIGEST%d' % key_index, 'BLOCK_KEY%d' % block)
+
+    @classmethod
+    def confirm_dut(cls, port, **kwargs):
+        return True, cls.TARGET

tools/ci/python_packages/ttfw_idf/__init__.py

@@ -24,7 +24,7 @@ from tiny_test_fw import TinyFW, Utility
 from .DebugUtils import CustomProcess, GDBBackend, OCDBackend  # noqa: export DebugUtils for users
 from .IDFApp import UT, ComponentUTApp, Example, IDFApp, LoadableElfTestApp, TestApp  # noqa: export all Apps for users
 from .IDFDUT import (ESP32C3DUT, ESP32C3FPGADUT, ESP32DUT, ESP32QEMUDUT, ESP32S2DUT,  # noqa: export DUTs for users
-                     ESP32S3DUT, ESP8266DUT, IDFDUT)
+                     ESP32S3DUT, ESP32S3FPGADUT, ESP8266DUT, IDFDUT)
 from .unity_test_parser import TestFormat, TestResults
 
 # pass TARGET_DUT_CLS_DICT to Env.py to avoid circular dependency issue.
@@ -34,6 +34,7 @@ TARGET_DUT_CLS_DICT = {
     'ESP32S3': ESP32S3DUT,
     'ESP32C3': ESP32C3DUT,
     'ESP32C3FPGA': ESP32C3FPGADUT,
+    'ESP32S3FPGA': ESP32S3FPGADUT,
 }
 
 

tools/test_apps/security/secure_boot/README.md

@@ -1,5 +1,5 @@
-| Supported Targets | ESP32 | ESP32-S2 | ESP32-C3 |
-| ----------------- | ----- | -------- | -------- |
+| Supported Targets | ESP32 | ESP32-S2 | ESP32-C3 | ESP32-S3 |
+| ----------------- | ----- | -------- | -------- | -------- |
 
 # Secure Boot
 
@@ -14,6 +14,7 @@ Any of the following ESP module:
 * ESP32-ECO3 (supports  Secure Boot V2 & Secure Boot V1)
 * ESP32S2 (supports Secure Boot V2)
 * ESP32C3-ECO3 (supports Secure Boot V2)
+* ESP32S3 (supports Secure Boot V2)
 
 It is recommended to use Secure Boot V2 from ESP32-ECO3 onwards.
 
@@ -68,7 +69,7 @@ Purpose of the example test cases (`example_test.py`) is to test the secure boot
 
 ### Hardware required
 
-* FPGA setup with ESP32C3 image
+* FPGA setup with ESP32C3/ESP32S3 image
 
 * COM port for programming and export it as ESPPORT
     e.g `export ESPPORT=/dev/ttyUSB0`
@@ -81,7 +82,7 @@ Purpose of the example test cases (`example_test.py`) is to test the secure boot
 ```
 export IDF_ENV_FPGA=1
 
-idf.py set-target esp32c3
+idf.py set-target esp32c3   #(or esp32s3)
 
 idf.py menuconfig
 ```

tools/test_apps/security/secure_boot/example_test.py

@@ -75,7 +75,7 @@ def dut_start_secure_app(dut):      # type: (ttfw_idf.IDFDUT) -> None
 
 # Test secure boot flow.
 # Correctly signed bootloader + correctly signed app should work
-@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
+@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
 def test_examples_security_secure_boot(env, _):    # type: (ttfw_idf.TinyFW.Env, None) -> None
     efuse_port = os.getenv('EFUSEPORT')
     dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
@@ -85,7 +85,7 @@ def test_examples_security_secure_boot(env, _):    # type: (ttfw_idf.TinyFW.Env,
 
 # Test efuse key index and key block combination.
 # Any key index can be written to any key block and should work
-@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
+@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
 def test_examples_security_secure_boot_key_combo(env, _):      # type: (ttfw_idf.TinyFW.Env, None) -> None
     efuse_port = os.getenv('EFUSEPORT')
     dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
@@ -101,7 +101,7 @@ def test_examples_security_secure_boot_key_combo(env, _):      # type: (ttfw_idf
 
 # Test secure boot key revoke.
 # If a key is revoked, bootloader signed with that key should fail verification
-@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
+@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
 def test_examples_security_secure_boot_key_revoke(env, _):     # type: (ttfw_idf.TinyFW.Env, None) -> None
     efuse_port = os.getenv('EFUSEPORT')
     dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
@@ -117,7 +117,7 @@ def test_examples_security_secure_boot_key_revoke(env, _):     # type: (ttfw_idf
 
 # Test bootloader signature corruption.
 # Corrupt one byte at a time of bootloader signature and test that the verification fails
-@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
+@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
 def test_examples_security_secure_boot_corrupt_bl_sig(env, _):     # type: (ttfw_idf.TinyFW.Env, None) -> None
     efuse_port = os.getenv('EFUSEPORT')
     dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)
@@ -140,7 +140,7 @@ def test_examples_security_secure_boot_corrupt_bl_sig(env, _):     # type: (ttfw
 
 # Test app signature corruption.
 # Corrupt app signature, one byte at a time, and test that the verification fails
-@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga'], ignore=True)
+@ttfw_idf.idf_custom_test(env_tag='Example_Secure_Boot', target=['esp32c3fpga', 'esp32s3fpga'], ignore=True)
 def test_examples_security_secure_boot_corrupt_app_sig(env, _):    # type: (ttfw_idf.TinyFW.Env, None) -> None
     efuse_port = os.getenv('EFUSEPORT')
     dut = env.get_dut('secure_boot', 'tools/test_apps/security/secure_boot', efuse_reset_port=efuse_port)