risc-v/esp32c3: Enable the creation of encrypted Flash partitions

Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>

arch/risc-v/src/esp32c3/Kconfig

@@ -778,6 +778,11 @@ config ESP32C3_WIFI_FS_MOUNTPT
 	---help---
 		Mount point of Wi-Fi storage file system.
 
+config ESP32C3_WIFI_MTD_ENCRYPT
+	bool "Encrypt Wi-Fi MTD partition"
+	default y
+	depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
 config ESP32C3_WIFI_MTD_OFFSET
 	hex "Wi-Fi MTD partition offset"
 	default 0x280000 if !ESP32C3_HAVE_OTA_PARTITION
@@ -891,6 +896,11 @@ if ESP32C3_HAVE_OTA_PARTITION
 
 comment "Application Image OTA Update support"
 
+config ESP32C3_OTA_PARTITION_ENCRYPT
+	bool "Encrypt OTA partitions"
+	default y
+	depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
 config ESP32C3_OTA_PRIMARY_SLOT_OFFSET
 	hex "Application image primary slot offset"
 	default 0x10000

arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.c

@@ -691,30 +691,40 @@ static int esp32c3_ioctl(struct mtd_dev_s *dev, int cmd,
  * Name: esp32c3_spiflash_alloc_mtdpart
  *
  * Description:
- *   Allocate SPI Flash MTD.
+ *   Allocate an MTD partition from the ESP32-C3 SPI Flash.
  *
  * Input Parameters:
- *   None
+ *   mtd_offset - MTD Partition offset from the base address in SPI Flash.
+ *   mtd_size   - Size for the MTD partition.
+ *   encrypted  - Flag indicating whether the newly allocated partition will
+ *                have its content encrypted.
  *
  * Returned Value:
- *   SPI Flash MTD data pointer if success or NULL if fail.
+ *   ESP32-C3 SPI Flash MTD data pointer if success or NULL if fail.
  *
  ****************************************************************************/
 
 struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
-                                                 uint32_t mtd_size)
+                                                 uint32_t mtd_size,
+                                                 bool encrypted)
 {
-  struct esp32c3_mtd_dev_s *priv =
+  const struct esp32c3_mtd_dev_s *priv;
-      (struct esp32c3_mtd_dev_s *)&g_esp32c3_spiflash;
+  const esp32c3_spiflash_chip_t *chip;
-  const esp32c3_spiflash_chip_t *chip = &(*priv->data)->chip;
   struct mtd_dev_s *mtd_part;
   uint32_t blocks;
   uint32_t startblock;
   uint32_t size;
 
-  ASSERT((mtd_offset + mtd_size) <= chip->chip_size);
+  if (encrypted)
-  ASSERT((mtd_offset % chip->sector_size) == 0);
+    {
-  ASSERT((mtd_size % chip->sector_size) == 0);
+      priv = &g_esp32c3_spiflash_encrypt;
+    }
+  else
+    {
+      priv = &g_esp32c3_spiflash;
+    }
+
+  chip = &(*priv->data)->chip;
 
   finfo("ESP32-C3 SPI Flash information:\n");
   finfo("\tID = 0x%" PRIx32 "\n", chip->device_id);
@@ -724,6 +734,10 @@ struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
   finfo("\tSector size = %" PRId32 " KB\n", chip->sector_size / 1024);
   finfo("\tBlock size = %" PRId32 " KB\n", chip->block_size / 1024);
 
+  ASSERT((mtd_offset + mtd_size) <= chip->chip_size);
+  ASSERT((mtd_offset % chip->sector_size) == 0);
+  ASSERT((mtd_size % chip->sector_size) == 0);
+
   if (mtd_size == 0)
     {
       size = chip->chip_size - mtd_offset;
@@ -739,7 +753,8 @@ struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
   startblock = MTD_SIZE2BLK(priv, mtd_offset);
   blocks = MTD_SIZE2BLK(priv, size);
 
-  mtd_part = mtd_partition(&priv->mtd, startblock, blocks);
+  mtd_part = mtd_partition((struct mtd_dev_s *)&priv->mtd, startblock,
+                           blocks);
   if (!mtd_part)
     {
       ferr("ERROR: Failed to create MTD partition\n");

arch/risc-v/src/esp32c3/esp32c3_spiflash_mtd.h

@@ -87,6 +87,8 @@ struct mtd_dev_s *esp32c3_spiflash_encrypt_mtd(void);
  * Input Parameters:
  *   mtd_offset - MTD Partition offset from the base address in SPI Flash.
  *   mtd_size   - Size for the MTD partition.
+ *   encrypted  - Flag indicating whether the newly allocated partition will
+ *                have its content encrypted.
  *
  * Returned Value:
  *   SPI Flash MTD data pointer if success or NULL if fail.
@@ -94,7 +96,8 @@ struct mtd_dev_s *esp32c3_spiflash_encrypt_mtd(void);
  ****************************************************************************/
 
 struct mtd_dev_s *esp32c3_spiflash_alloc_mtdpart(uint32_t mtd_offset,
-                                                 uint32_t mtd_size);
+                                                 uint32_t mtd_size,
+                                                 bool encrypted);
 
 #ifdef __cplusplus
 }

boards/risc-v/esp32c3/esp32c3-devkit/Kconfig

@@ -50,6 +50,11 @@ config ESP32C3_MERGE_BINS
 		This is only useful when the path to binary files (e.g. bootloader)
 		is provided via the ESPTOOL_BINDIR variable.
 
+config ESP32C3_STORAGE_MTD_ENCRYPT
+	bool "Encrypt Storage MTD partition"
+	default y
+	depends on ESP32C3_SECURE_FLASH_ENC_ENABLED
+
 config ESP32C3_STORAGE_MTD_OFFSET
 	hex "Storage MTD base address in SPI Flash"
 	default 0x180000 if !ESP32C3_HAVE_OTA_PARTITION

boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_spiflash.c

@@ -52,6 +52,24 @@
 
 #define ARRAYSIZE(x)                (sizeof((x)) / sizeof((x)[0]))
 
+#ifdef CONFIG_ESP32C3_OTA_PARTITION_ENCRYPT
+#  define OTA_ENCRYPT true
+#else
+#  define OTA_ENCRYPT false
+#endif
+
+#ifdef CONFIG_ESP32C3_WIFI_MTD_ENCRYPT
+#  define WIFI_ENCRYPT true
+#else
+#  define WIFI_ENCRYPT false
+#endif
+
+#ifdef CONFIG_ESP32C3_STORAGE_MTD_ENCRYPT
+#  define STORAGE_ENCRYPT true
+#else
+#  define STORAGE_ENCRYPT false
+#endif
+
 /****************************************************************************
  * Private Types
  ****************************************************************************/
@@ -130,7 +148,8 @@ static int init_ota_partitions(void)
   for (int i = 0; i < ARRAYSIZE(g_ota_partition_table); ++i)
     {
       const struct ota_partition_s *part = &g_ota_partition_table[i];
-      mtd = esp32c3_spiflash_alloc_mtdpart(part->offset, part->size);
+      mtd = esp32c3_spiflash_alloc_mtdpart(part->offset, part->size,
+                                           OTA_ENCRYPT);
 
       ret = ftl_initialize(i, mtd);
       if (ret < 0)
@@ -370,7 +389,8 @@ static int init_wifi_partition(void)
   FAR struct mtd_dev_s *mtd;
 
   mtd = esp32c3_spiflash_alloc_mtdpart(CONFIG_ESP32C3_WIFI_MTD_OFFSET,
-                                       CONFIG_ESP32C3_WIFI_MTD_SIZE);
+                                       CONFIG_ESP32C3_WIFI_MTD_SIZE,
+                                       WIFI_ENCRYPT);
   if (!mtd)
     {
       ferr("ERROR: Failed to alloc MTD partition of SPI Flash\n");
@@ -434,7 +454,8 @@ static int init_storage_partition(void)
   FAR struct mtd_dev_s *mtd;
 
   mtd = esp32c3_spiflash_alloc_mtdpart(CONFIG_ESP32C3_STORAGE_MTD_OFFSET,
-                                       CONFIG_ESP32C3_STORAGE_MTD_SIZE);
+                                       CONFIG_ESP32C3_STORAGE_MTD_SIZE,
+                                       STORAGE_ENCRYPT);
   if (!mtd)
     {
       ferr("ERROR: Failed to alloc MTD partition of SPI Flash\n");