espressif: ci: Add new building jobs configs for Espressif chips
Add jobs for testing build ESP32-XX within more features:
Serial Recovery, Multi Image and Multi Boot
Signed-off-by: Almir Okato <almir.okato@espressif.com>
diff --git a/boot/espressif/ci_configs/multi-boot.conf b/boot/espressif/ci_configs/multi-boot.conf
new file mode 100644
index 0000000..4adf253
--- /dev/null
+++ b/boot/espressif/ci_configs/multi-boot.conf
@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# ATTENTION:
+# This configuration file targets the building for CI environment and contains
+# a set of definitions to resemble a bootloader image for RELEASE environment.
+
+CONFIG_ESP_IMAGE_NUMBER=2
+CONFIG_ESP_MULTI_PROCESSOR_BOOT=y
diff --git a/boot/espressif/ci_configs/multi-image.conf b/boot/espressif/ci_configs/multi-image.conf
new file mode 100644
index 0000000..895a865
--- /dev/null
+++ b/boot/espressif/ci_configs/multi-image.conf
@@ -0,0 +1,9 @@
+# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# ATTENTION:
+# This configuration file targets the building for CI environment and contains
+# a set of definitions to resemble a bootloader image for RELEASE environment.
+
+CONFIG_ESP_IMAGE_NUMBER=2
diff --git a/boot/espressif/secureboot-sign-ec256.conf b/boot/espressif/ci_configs/secureboot-sign-ec256.conf
similarity index 88%
rename from boot/espressif/secureboot-sign-ec256.conf
rename to boot/espressif/ci_configs/secureboot-sign-ec256.conf
index 37d4f7b..17b032b 100644
--- a/boot/espressif/secureboot-sign-ec256.conf
+++ b/boot/espressif/ci_configs/secureboot-sign-ec256.conf
@@ -18,3 +18,5 @@
CONFIG_ESP_SIGN_KEY_FILE=root-ec-p256.pem
CONFIG_ESP_USE_TINYCRYPT=1
CONFIG_ESP_SIGN_EC256=1
+CONFIG_ESP_DOWNGRADE_PREVENTION=1
+CONFIG_ESP_DOWNGRADE_PREVENTION_SECURITY_COUNTER=1
diff --git a/boot/espressif/secureboot-sign-ed25519.conf b/boot/espressif/ci_configs/secureboot-sign-ed25519.conf
similarity index 88%
rename from boot/espressif/secureboot-sign-ed25519.conf
rename to boot/espressif/ci_configs/secureboot-sign-ed25519.conf
index a317aa4..9cbdcd6 100644
--- a/boot/espressif/secureboot-sign-ed25519.conf
+++ b/boot/espressif/ci_configs/secureboot-sign-ed25519.conf
@@ -18,3 +18,5 @@
CONFIG_ESP_SIGN_KEY_FILE=root-ed25519.pem
CONFIG_ESP_USE_TINYCRYPT=1
CONFIG_ESP_SIGN_ED25519=1
+CONFIG_ESP_DOWNGRADE_PREVENTION=1
+CONFIG_ESP_DOWNGRADE_PREVENTION_SECURITY_COUNTER=1
diff --git a/boot/espressif/secureboot-sign-rsa2048.conf b/boot/espressif/ci_configs/secureboot-sign-rsa2048.conf
similarity index 89%
rename from boot/espressif/secureboot-sign-rsa2048.conf
rename to boot/espressif/ci_configs/secureboot-sign-rsa2048.conf
index f5ad883..2b22150 100644
--- a/boot/espressif/secureboot-sign-rsa2048.conf
+++ b/boot/espressif/ci_configs/secureboot-sign-rsa2048.conf
@@ -19,3 +19,5 @@
CONFIG_ESP_USE_MBEDTLS=1
CONFIG_ESP_SIGN_RSA=1
CONFIG_ESP_SIGN_RSA_LEN=2048
+CONFIG_ESP_DOWNGRADE_PREVENTION=1
+CONFIG_ESP_DOWNGRADE_PREVENTION_SECURITY_COUNTER=1
diff --git a/boot/espressif/secureboot-sign-rsa3072.conf b/boot/espressif/ci_configs/secureboot-sign-rsa3072.conf
similarity index 89%
rename from boot/espressif/secureboot-sign-rsa3072.conf
rename to boot/espressif/ci_configs/secureboot-sign-rsa3072.conf
index f6b2c9b..9f13785 100644
--- a/boot/espressif/secureboot-sign-rsa3072.conf
+++ b/boot/espressif/ci_configs/secureboot-sign-rsa3072.conf
@@ -19,3 +19,5 @@
CONFIG_ESP_USE_MBEDTLS=1
CONFIG_ESP_SIGN_RSA=1
CONFIG_ESP_SIGN_RSA_LEN=3072
+CONFIG_ESP_DOWNGRADE_PREVENTION=1
+CONFIG_ESP_DOWNGRADE_PREVENTION_SECURITY_COUNTER=1
diff --git a/boot/espressif/ci_configs/serialrecovery.conf b/boot/espressif/ci_configs/serialrecovery.conf
new file mode 100644
index 0000000..7e81bde
--- /dev/null
+++ b/boot/espressif/ci_configs/serialrecovery.conf
@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# ATTENTION:
+# This configuration file targets the building for CI environment and contains
+# a set of definitions to resemble a bootloader image for RELEASE environment.
+
+CONFIG_ESP_MCUBOOT_SERIAL=y
+CONFIG_ESP_MCUBOOT_ERASE_PROGRESSIVELY=y
diff --git a/boot/espressif/port/esp32/bootloader-multi.conf b/boot/espressif/port/esp32/bootloader-multi.conf
new file mode 100644
index 0000000..ad3355e
--- /dev/null
+++ b/boot/espressif/port/esp32/bootloader-multi.conf
@@ -0,0 +1,34 @@
+# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+#
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_ESP_FLASH_SIZE=4MB
+CONFIG_ESP_BOOTLOADER_SIZE=0xF000
+CONFIG_ESP_BOOTLOADER_OFFSET=0x1000
+# Example of values to be used when multi image is enabled
+# Notice that the OS layer and update agent must be aware
+# of these regions
+CONFIG_ESP_APPLICATION_SIZE=0x80000
+CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS=0x10000
+CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS=0x90000
+CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS=0x110000
+CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS=0x190000
+CONFIG_ESP_SCRATCH_OFFSET=0x210000
+CONFIG_ESP_SCRATCH_SIZE=0x40000
+CONFIG_ESP_MCUBOOT_WDT_ENABLE=y
+
+CONFIG_ESP_CONSOLE_UART=y
+CONFIG_ESP_CONSOLE_UART_NUM=0
+# Configures alternative UART port for console printing
+# CONFIG_ESP_CONSOLE_UART_CUSTOM=y
+# CONFIG_ESP_CONSOLE_UART_TX_GPIO=26
+# CONFIG_ESP_CONSOLE_UART_RX_GPIO=25
+
+# Enables multi image, if it is not defined, it is assumed
+# only one updatable image
+# CONFIG_ESP_IMAGE_NUMBER=2
+
+# Enables multi image boot on independent processors
+# (main host OS is not responsible for booting the second image)
+# Use only with CONFIG_ESP_IMAGE_NUMBER=2
+# CONFIG_ESP_MULTI_PROCESSOR_BOOT=y
diff --git a/boot/espressif/port/esp32s3/bootloader-multi.conf b/boot/espressif/port/esp32s3/bootloader-multi.conf
new file mode 100644
index 0000000..21c3457
--- /dev/null
+++ b/boot/espressif/port/esp32s3/bootloader-multi.conf
@@ -0,0 +1,38 @@
+# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+#
+# SPDX-License-Identifier: Apache-2.0
+
+CONFIG_ESP_FLASH_SIZE=4MB
+CONFIG_ESP_BOOTLOADER_SIZE=0xF000
+CONFIG_ESP_BOOTLOADER_OFFSET=0x0000
+CONFIG_ESP_MCUBOOT_WDT_ENABLE=y
+# Example of values to be used when multi image is enabled
+# Notice that the OS layer and update agent must be aware
+# of these regions
+CONFIG_ESP_APPLICATION_SIZE=0x80000
+CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS=0x10000
+CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS=0x90000
+CONFIG_ESP_IMAGE1_PRIMARY_START_ADDRESS=0x110000
+CONFIG_ESP_IMAGE1_SECONDARY_START_ADDRESS=0x190000
+CONFIG_ESP_SCRATCH_OFFSET=0x210000
+CONFIG_ESP_SCRATCH_SIZE=0x40000
+
+# Use UART0 for console printing (use either UART or USB alone)
+CONFIG_ESP_CONSOLE_UART=y
+CONFIG_ESP_CONSOLE_UART_NUM=0
+# Configures alternative UART port for console printing
+# (UART_NUM=0 must not be changed)
+# CONFIG_ESP_CONSOLE_UART_CUSTOM=y
+# CONFIG_ESP_CONSOLE_UART_TX_GPIO=17
+# CONFIG_ESP_CONSOLE_UART_RX_GPIO=18
+# Use USB JTAG Serial for console printing
+# CONFIG_ESP_CONSOLE_USB_SERIAL_JTAG=y
+
+# Enables multi image, if it is not defined, it is assumed
+# only one updatable image
+# CONFIG_ESP_IMAGE_NUMBER=2
+
+# Enables multi image boot on independent processors
+# (main host OS is not responsible for booting the second image)
+# Use only with CONFIG_ESP_IMAGE_NUMBER=2
+# CONFIG_ESP_MULTI_PROCESSOR_BOOT=y