From 53d57bd01a4a5c25c1b1d7b6e185ca0996dd888d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Quentin?= <bjoernQ@users.noreply.github.com>
Date: Thu, 20 Feb 2025 10:57:12 +0100
Subject: [PATCH] ESP32-H2/ESP32-C6: Don't rely on the bootloader to
 deconfigure permission control (#3150)

* ESP32-H2/ESP32-C6: Don't rely on the bootloader to deconfigure permission control

* CHANGELOG.md
---
 esp-hal/CHANGELOG.md                   |  2 ++
 esp-hal/Cargo.toml                     | 14 +++++++-------
 esp-hal/src/lib.rs                     |  2 ++
 esp-hal/src/soc/esp32/mod.rs           |  2 ++
 esp-hal/src/soc/esp32c2/mod.rs         |  2 ++
 esp-hal/src/soc/esp32c3/mod.rs         |  2 ++
 esp-hal/src/soc/esp32c6/mod.rs         | 20 ++++++++++++++++++++
 esp-hal/src/soc/esp32h2/mod.rs         | 20 ++++++++++++++++++++
 esp-hal/src/soc/esp32h2/peripherals.rs |  1 +
 esp-hal/src/soc/esp32s2/mod.rs         |  2 ++
 esp-hal/src/soc/esp32s3/mod.rs         |  2 ++
 11 files changed, 62 insertions(+), 7 deletions(-)

diff --git a/esp-hal/CHANGELOG.md b/esp-hal/CHANGELOG.md
index eb99331ce..c60e284e9 100644
--- a/esp-hal/CHANGELOG.md
+++ b/esp-hal/CHANGELOG.md
@@ -54,6 +54,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - I2C: Async functions are postfixed with `_async`, non-async functions are available in async-mode (#3056)
 
+- ESP32-H2/ESP32-C6: Don't rely on the bootloader to deconfigure permission control (#3150)
+
 ### Fixed
 
 - `DmaDescriptor` is now `#[repr(C)]` (#2988)
diff --git a/esp-hal/Cargo.toml b/esp-hal/Cargo.toml
index f85804ffd..833842056 100644
--- a/esp-hal/Cargo.toml
+++ b/esp-hal/Cargo.toml
@@ -57,13 +57,13 @@ ufmt-write               = "0.1.0"
 # IMPORTANT:
 # Each supported device MUST have its PAC included below along with a
 # corresponding feature.
-esp32   = { version = "0.35.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32c2 = { version = "0.24.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32c3 = { version = "0.27.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32c6 = { version = "0.18.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32h2 = { version = "0.14.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32s2 = { version = "0.26.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
-esp32s3 = { version = "0.30.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "0f3ea9f", optional = true }
+esp32   = { version = "0.35.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32c2 = { version = "0.24.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32c3 = { version = "0.27.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32c6 = { version = "0.18.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32h2 = { version = "0.14.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32s2 = { version = "0.26.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
+esp32s3 = { version = "0.30.0", features = ["critical-section", "rt"], git = "https://github.com/esp-rs/esp-pacs", rev = "5d133b594", optional = true }
 
 [target.'cfg(target_arch = "riscv32")'.dependencies]
 riscv            = { version = "0.12.1" }
diff --git a/esp-hal/src/lib.rs b/esp-hal/src/lib.rs
index a3bd03865..199dac98e 100644
--- a/esp-hal/src/lib.rs
+++ b/esp-hal/src/lib.rs
@@ -467,6 +467,8 @@ pub struct Config {
 /// This function sets up the CPU clock and watchdog, then, returns the
 /// peripherals and clocks.
 pub fn init(config: Config) -> Peripherals {
+    crate::soc::pre_init();
+
     system::disable_peripherals();
 
     let mut peripherals = Peripherals::take();
diff --git a/esp-hal/src/soc/esp32/mod.rs b/esp-hal/src/soc/esp32/mod.rs
index 05a7b3a8c..535e0f638 100644
--- a/esp-hal/src/soc/esp32/mod.rs
+++ b/esp-hal/src/soc/esp32/mod.rs
@@ -131,3 +131,5 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
 pub extern "Rust" fn __init_data() -> bool {
     false
 }
+
+pub(crate) fn pre_init() {}
diff --git a/esp-hal/src/soc/esp32c2/mod.rs b/esp-hal/src/soc/esp32c2/mod.rs
index c9899712d..4fcf919f8 100644
--- a/esp-hal/src/soc/esp32c2/mod.rs
+++ b/esp-hal/src/soc/esp32c2/mod.rs
@@ -45,3 +45,5 @@ pub(crate) mod constants {
     /// RC FAST Clock value (Hertz).
     pub const RC_FAST_CLK: Rate = Rate::from_khz(17500);
 }
+
+pub(crate) fn pre_init() {}
diff --git a/esp-hal/src/soc/esp32c3/mod.rs b/esp-hal/src/soc/esp32c3/mod.rs
index 7fc5d234b..da4b497e3 100644
--- a/esp-hal/src/soc/esp32c3/mod.rs
+++ b/esp-hal/src/soc/esp32c3/mod.rs
@@ -63,3 +63,5 @@ pub(crate) mod constants {
     /// RC FAST Clock value (Hertz).
     pub const RC_FAST_CLK: Rate = Rate::from_khz(17500);
 }
+
+pub(crate) fn pre_init() {}
diff --git a/esp-hal/src/soc/esp32c6/mod.rs b/esp-hal/src/soc/esp32c6/mod.rs
index 82e50fa7d..60b07dddb 100644
--- a/esp-hal/src/soc/esp32c6/mod.rs
+++ b/esp-hal/src/soc/esp32c6/mod.rs
@@ -71,3 +71,23 @@ pub(crate) mod constants {
     /// RC FAST Clock value (Hertz).
     pub const RC_FAST_CLK: Rate = Rate::from_khz(17_500);
 }
+
+pub(crate) fn pre_init() {
+    // By default, these access path filters are enable and allow the access to
+    // masters only if they are in TEE mode.
+    //
+    // Since all masters except HP CPU boot in REE mode, default setting of these
+    // filters will deny the access by all masters except HP CPU.
+    //
+    // So, disabling these filters early.
+
+    crate::peripherals::LP_APM::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+    crate::peripherals::LP_APM0::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+    crate::peripherals::HP_APM::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+}
diff --git a/esp-hal/src/soc/esp32h2/mod.rs b/esp-hal/src/soc/esp32h2/mod.rs
index 27406d94e..6c8067e9d 100644
--- a/esp-hal/src/soc/esp32h2/mod.rs
+++ b/esp-hal/src/soc/esp32h2/mod.rs
@@ -71,3 +71,23 @@ pub(crate) mod constants {
     /// RC FAST Clock value (Hertz).
     pub const RC_FAST_CLK: Rate = Rate::from_khz(17500);
 }
+
+pub(crate) fn pre_init() {
+    // By default, these access path filters are enable and allow the access to
+    // masters only if they are in TEE mode.
+    //
+    // Since all masters except HP CPU boot in REE mode, default setting of these
+    // filters will deny the access by all masters except HP CPU.
+    //
+    // So, disabling these filters early.
+
+    crate::peripherals::LP_APM::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+    crate::peripherals::LP_APM0::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+    crate::peripherals::HP_APM::regs()
+        .func_ctrl()
+        .write(|w| unsafe { w.bits(0x0) });
+}
diff --git a/esp-hal/src/soc/esp32h2/peripherals.rs b/esp-hal/src/soc/esp32h2/peripherals.rs
index 43a13940a..2ff1c5e25 100644
--- a/esp-hal/src/soc/esp32h2/peripherals.rs
+++ b/esp-hal/src/soc/esp32h2/peripherals.rs
@@ -51,6 +51,7 @@ crate::peripherals! {
         LP_ANA <= LP_ANA,
         LP_AON <= LP_AON,
         LP_APM <= LP_APM,
+        LP_APM0 <= LP_APM0,
         LP_PERI <= LP_PERI,
         LP_TIMER <= LP_TIMER,
         LP_WDT <= LP_WDT,
diff --git a/esp-hal/src/soc/esp32s2/mod.rs b/esp-hal/src/soc/esp32s2/mod.rs
index b5401c4d6..812645df2 100644
--- a/esp-hal/src/soc/esp32s2/mod.rs
+++ b/esp-hal/src/soc/esp32s2/mod.rs
@@ -165,3 +165,5 @@ pub unsafe fn cache_get_dcache_line_size() -> u32 {
     }
     Cache_Get_DCache_Line_Size()
 }
+
+pub(crate) fn pre_init() {}
diff --git a/esp-hal/src/soc/esp32s3/mod.rs b/esp-hal/src/soc/esp32s3/mod.rs
index f0c3fe440..8f602661e 100644
--- a/esp-hal/src/soc/esp32s3/mod.rs
+++ b/esp-hal/src/soc/esp32s3/mod.rs
@@ -209,3 +209,5 @@ pub unsafe fn cache_get_dcache_line_size() -> u32 {
     }
     Cache_Get_DCache_Line_Size()
 }
+
+pub(crate) fn pre_init() {}