Chip not loading after few updates in encryption mode

Post Reply
User avatar
redradist
Posts: 30
Joined: Sat Apr 11, 2020 8:33 am

Chip not loading after few updates in encryption mode

Postby redradist » Tue Jul 13, 2021 5:50 am

Hi all,

I've faced with an issue that after update my software (encryption enabled, release build) by UART, after some update I see the following:
```console
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
```
Somewhere on forum I've read that it could be an issue with hardware, but it is not ... I've two boards in such state after manual update firmware by UART with encryption enabled ...

Maybe it is somehow related to fuse ? Maybe I need to reset somehow fuse table ?
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Chip not loading after few updates in encryption mode

Postby WiFive » Tue Jul 13, 2021 6:51 am

It could mean the code in the flash is not encrypted but the chip expects it to be encrypted or the opposite. You said "a few updates", encryption can only be disabled 3 times if that's what you are doing.
Top
User avatar
redradist
Posts: 30
Joined: Sat Apr 11, 2020 8:33 am

Re: Chip not loading after few updates in encryption mode

Postby redradist » Tue Jul 13, 2021 7:34 pm

WiFive wrote:
Tue Jul 13, 2021 6:51 am
 It could mean the code in the flash is not encrypted but the chip expects it to be encrypted or the opposite. You said "a few updates", encryption can only be disabled 3 times if that's what you are doing.
What do you mean 3 times ???
Actually seems like after 3 or 4 update using UART with enabled encryption in release mode I've started see such message ...
How to reset this behavior ?
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Chip not loading after few updates in encryption mode

Postby WiFive » Wed Jul 14, 2021 1:29 am

If you enable encryption in release mode you are supposed to only use OTA updates.
Top
User avatar
redradist
Posts: 30
Joined: Sat Apr 11, 2020 8:33 am

Re: Chip not loading after few updates in encryption mode

Postby redradist » Wed Jul 14, 2021 9:48 pm

WiFive wrote:
Wed Jul 14, 2021 1:29 am
 If you enable encryption in release mode you are supposed to only use OTA updates.
Yeah, I understood ...
I did it with OTA, but then I updated few times using UART and it is not loading an more ...
Is there a way to restore it ?
Maybe an issue with my custom partition table ?
```
nvs, data, nvs, 0xb000, 0x12000,
otadata, data, ota, 0x1d000, 0x2000,
phy_init, data, phy, 0x1f000, 0x1000,
ota_0, app, ota_0, 0x20000, 0x1d0000,
ota_1, app, ota_1, 0x1f0000, 0x1d0000,
```
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Chip not loading after few updates in encryption mode

Postby WiFive » Wed Jul 14, 2021 10:05 pm

If you don't have the encryption key and your DISABLE_DL_ENCRYPT efuse is set then no you can't do anything.
Top
User avatar
redradist
Posts: 30
Joined: Sat Apr 11, 2020 8:33 am

Re: Chip not loading after few updates in encryption mode

Postby redradist » Fri Jul 16, 2021 8:50 pm

WiFive wrote:
Wed Jul 14, 2021 10:05 pm
 If you don't have the encryption key and your DISABLE_DL_ENCRYPT efuse is set then no you can't do anything.
No, I did not set DISABLE_DL_ENCRYPT efuse manually
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Chip not loading after few updates in encryption mode

Postby WiFive » Fri Jul 16, 2021 10:45 pm

Ok but in release mode it is set by bootloader so you should check your efuse values
Top
User avatar
redradist
Posts: 30
Joined: Sat Apr 11, 2020 8:33 am

Re: Chip not loading after few updates in encryption mode

Postby redradist » Sat Jul 17, 2021 9:48 am

WiFive wrote:
Fri Jul 16, 2021 10:45 pm
 Ok but in release mode it is set by bootloader so you should check your efuse values
Here is my fuse:
```console
Connecting....
Detecting chip type... ESP32
espefuse.py v3.0
EFUSE_NAME (Block) Description = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0): BLOCK3 partially served for ADC calibration data = False R/W (0b0)
ADC_VREF (BLOCK0): Voltage reference calibration = 1121 R/W (0b00011)

Config fuses:
XPD_SDIO_FORCE (BLOCK0): Ignore MTDI pin (GPIO12) for VDD_SDIO on reset = False R/W (0b0)
XPD_SDIO_REG (BLOCK0): If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0): If XPD_SDIO_FORCE & XPD_SDIO_REG = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0): 8MHz clock freq override = 53 R/W (0x35)
SPI_PAD_CONFIG_CLK (BLOCK0): Override SD_CLK pad (GPIO6/SPICLK) = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0): Override SD_DATA_0 pad (GPIO7/SPIQ) = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0): Override SD_DATA_1 pad (GPIO8/SPID) = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0): Override SD_DATA_2 pad (GPIO9/SPIHD) = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0): Override SD_CMD pad (GPIO11/SPICS0) = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0): Disable SDIO host = False R/W (0b0)

Efuse fuses:
WR_DIS (BLOCK0): Efuse write disable mask = 128 R/W (0x0080)
RD_DIS (BLOCK0): Efuse read disable mask = 1 R/W (0x1)
CODING_SCHEME (BLOCK0): Efuse variable block length scheme
= NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0): Usage of efuse block 3 (reserved) = False R/W (0b0)

Identity fuses:
MAC (BLOCK0): Factory MAC Address
= 30:ae:a4:dd:9b:ec (CRC 0x78 OK) R/W
MAC_CRC (BLOCK0): CRC8 for factory MAC address = 120 R/W (0x78)
CHIP_VER_REV1 (BLOCK0): Silicon Revision 1 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0): Silicon Revision 2 = False R/W (0b0)
CHIP_VERSION (BLOCK0): Reserved for future chip versions = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0): Chip package identifier = 1 R/W (0b001)
MAC_VERSION (BLOCK3): Version of the MAC field = 0 R/W (0x00)

Security fuses:
FLASH_CRYPT_CNT (BLOCK0): Flash encryption mode counter = 127 R/W (0b1111111)
UART_DOWNLOAD_DIS (BLOCK0): Disable UART download mode (ESP32 rev3 only) = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0): Flash encryption config (key tweak bits) = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0): Disable ROM BASIC interpreter fallback = True R/W (0b1)
ABS_DONE_0 (BLOCK0): Secure boot V1 is enabled for bootloader image = False R/W (0b0)
ABS_DONE_1 (BLOCK0): Secure boot V2 is enabled for bootloader image = False R/W (0b0)
JTAG_DISABLE (BLOCK0): Disable JTAG = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0): Disable flash encryption in UART bootloader = True R/W (0b1)
DISABLE_DL_DECRYPT (BLOCK0): Disable flash decryption in UART bootloader = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0): Disable flash cache in UART bootloader = True R/W (0b1)
BLOCK1 (BLOCK1): Flash encryption key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK2 (BLOCK2): Secure boot key
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
BLOCK3 (BLOCK3): Variable Block 3
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W

Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).
```

I have found the https://docs.espressif.com/projects/esp ... encryption how to disable encryption to fix this error, but did not quite get what value to set ???

espefuse.py burn_efuse FLASH_CRYPT_CNT <value>

<value> is missed in documentation
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Chip not loading after few updates in encryption mode

Postby WiFive » Sat Jul 17, 2021 11:06 pm

It would be incremented but your FLASH_CRYPT_CNT is already max so it cannot be changed
Top
Post Reply

Return to “ESP-IDF”

Who is online

Users browsing this forum: iryna7 and 192 guests