Secure Boot OTA data partition invalid

mfitzpatrick
Posts: 3
Joined: Thu Apr 16, 2020 5:11 am

Secure Boot OTA data partition invalid

Postby mfitzpatrick » Thu Apr 16, 2020 5:32 am

Hi all,

I am trying to get OTA to work on a chip with secure-boot and flash encryption enabled. I am using ESP-IDF v3.3.2 (though I have also tried v3.3.1, and v3.3-beta3), and in each of these versions I'm using the esp_https_ota component from ESP-IDF to perform the download and install of the firmware binary.

I've been successful in installing unsigned firmware into a chip with neither secure-boot nor flash encryption enabled, so I know in principle the OTA code works. My problems seem to start when I enable the secure features. I'm fast running out of chips, sadly, as each time I try something new I can't re-flash the 'used' chip (I have tried the reflashable bootloader, but that won't even boot factory firmware for me so I've elected to put that aside and pursue only 1 problem at a time).

I'm sure others have successfully managed to get OTA working with secure boot, so I expect that my troubles are caused by misconfiguration. I'd appreciate any help if someone is able to point out any configuration errors I might have made when enabling this. Here is my SDK config file:

Code: Select all

#
# Automatically generated file; DO NOT EDIT.
# Espressif IoT Development Framework Configuration
#
CONFIG_IDF_TARGET="esp32"
CONFIG_IDF_FIRMWARE_CHIP_ID=0x0000

#
# SDK tool configuration
#
CONFIG_TOOLPREFIX="xtensa-esp32-elf-"
CONFIG_PYTHON="python"
CONFIG_MAKE_WARN_UNDEFINED_VARIABLES=y

#
# Application manager
#
CONFIG_APP_COMPILE_TIME_DATE=y
CONFIG_APP_EXCLUDE_PROJECT_VER_VAR=
CONFIG_APP_EXCLUDE_PROJECT_NAME_VAR=

#
# Bootloader config
#
CONFIG_LOG_BOOTLOADER_LEVEL_NONE=
CONFIG_LOG_BOOTLOADER_LEVEL_ERROR=
CONFIG_LOG_BOOTLOADER_LEVEL_WARN=
CONFIG_LOG_BOOTLOADER_LEVEL_INFO=y
CONFIG_LOG_BOOTLOADER_LEVEL_DEBUG=
CONFIG_LOG_BOOTLOADER_LEVEL_VERBOSE=
CONFIG_LOG_BOOTLOADER_LEVEL=3
CONFIG_BOOTLOADER_VDDSDIO_BOOST_1_8V=
CONFIG_BOOTLOADER_VDDSDIO_BOOST_1_9V=y
CONFIG_BOOTLOADER_FACTORY_RESET=y
CONFIG_BOOTLOADER_NUM_PIN_FACTORY_RESET=23
CONFIG_BOOTLOADER_OTA_DATA_ERASE=y
CONFIG_BOOTLOADER_DATA_FACTORY_RESET="nvs,phy_init,storage,ota_0,ota_1"
CONFIG_BOOTLOADER_APP_TEST=
CONFIG_BOOTLOADER_HOLD_TIME_GPIO=5
CONFIG_BOOTLOADER_WDT_ENABLE=y
CONFIG_BOOTLOADER_WDT_DISABLE_IN_USER_CODE=
CONFIG_BOOTLOADER_WDT_TIME_MS=9000
CONFIG_APP_ROLLBACK_ENABLE=

#
# Security features
#
CONFIG_SECURE_SIGNED_ON_BOOT=y
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_ENABLED=y
CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH=y
CONFIG_SECURE_BOOTLOADER_REFLASHABLE=
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY="secure_boot_signing_key.pem"
CONFIG_SECURE_BOOT_INSECURE=
CONFIG_FLASH_ENCRYPTION_ENABLED=y
CONFIG_FLASH_ENCRYPTION_INSECURE=
CONFIG_FLASH_ENCRYPTION_DISABLE_PLAINTEXT=y

#
# Serial flasher config
#
CONFIG_ESPTOOLPY_PORT="/dev/ttyUSB0"
CONFIG_ESPTOOLPY_BAUD_115200B=y
CONFIG_ESPTOOLPY_BAUD_230400B=
CONFIG_ESPTOOLPY_BAUD_921600B=
CONFIG_ESPTOOLPY_BAUD_2MB=
CONFIG_ESPTOOLPY_BAUD_OTHER=
CONFIG_ESPTOOLPY_BAUD_OTHER_VAL=115200
CONFIG_ESPTOOLPY_BAUD=115200
CONFIG_ESPTOOLPY_COMPRESSED=y
CONFIG_FLASHMODE_QIO=
CONFIG_FLASHMODE_QOUT=
CONFIG_FLASHMODE_DIO=y
CONFIG_FLASHMODE_DOUT=
CONFIG_ESPTOOLPY_FLASHMODE="dio"
CONFIG_ESPTOOLPY_FLASHFREQ_80M=
CONFIG_ESPTOOLPY_FLASHFREQ_40M=y
CONFIG_ESPTOOLPY_FLASHFREQ_26M=
CONFIG_ESPTOOLPY_FLASHFREQ_20M=
CONFIG_ESPTOOLPY_FLASHFREQ="40m"
CONFIG_ESPTOOLPY_FLASHSIZE_1MB=
CONFIG_ESPTOOLPY_FLASHSIZE_2MB=
CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
CONFIG_ESPTOOLPY_FLASHSIZE_8MB=
CONFIG_ESPTOOLPY_FLASHSIZE_16MB=
CONFIG_ESPTOOLPY_FLASHSIZE="4MB"
CONFIG_ESPTOOLPY_FLASHSIZE_DETECT=y
CONFIG_ESPTOOLPY_BEFORE_RESET=y
CONFIG_ESPTOOLPY_BEFORE_NORESET=
CONFIG_ESPTOOLPY_BEFORE="default_reset"
CONFIG_ESPTOOLPY_AFTER_RESET=y
CONFIG_ESPTOOLPY_AFTER_NORESET=
CONFIG_ESPTOOLPY_AFTER="hard_reset"
CONFIG_MONITOR_BAUD_9600B=
CONFIG_MONITOR_BAUD_57600B=
CONFIG_MONITOR_BAUD_115200B=y
CONFIG_MONITOR_BAUD_230400B=
CONFIG_MONITOR_BAUD_921600B=
CONFIG_MONITOR_BAUD_2MB=
CONFIG_MONITOR_BAUD_OTHER=
CONFIG_MONITOR_BAUD_OTHER_VAL=115200
CONFIG_MONITOR_BAUD=115200

#
# Partition Table
#
CONFIG_PARTITION_TABLE_SINGLE_APP=
CONFIG_PARTITION_TABLE_TWO_OTA=
CONFIG_PARTITION_TABLE_CUSTOM=y
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_PARTITION_TABLE_FILENAME="partitions.csv"
CONFIG_PARTITION_TABLE_OFFSET=0xd000
CONFIG_PARTITION_TABLE_MD5=y

#
# VBATT Configuration
#
CONFIG_VBATT_DEBUG_PRINT=

#
# Compiler options
#
CONFIG_OPTIMIZATION_LEVEL_DEBUG=
CONFIG_OPTIMIZATION_LEVEL_RELEASE=y
CONFIG_OPTIMIZATION_ASSERTIONS_ENABLED=y
CONFIG_OPTIMIZATION_ASSERTIONS_SILENT=
CONFIG_OPTIMIZATION_ASSERTIONS_DISABLED=
CONFIG_CXX_EXCEPTIONS=
CONFIG_STACK_CHECK_NONE=y
CONFIG_STACK_CHECK_NORM=
CONFIG_STACK_CHECK_STRONG=
CONFIG_STACK_CHECK_ALL=
CONFIG_STACK_CHECK=
CONFIG_WARN_WRITE_STRINGS=
CONFIG_DISABLE_GCC8_WARNINGS=

#
# Component config
#

#
# Application Level Tracing
#
CONFIG_ESP32_APPTRACE_DEST_TRAX=
CONFIG_ESP32_APPTRACE_DEST_NONE=y
CONFIG_ESP32_APPTRACE_ENABLE=
CONFIG_ESP32_APPTRACE_LOCK_ENABLE=y
CONFIG_AWS_IOT_SDK=

#
# Bluetooth
#
CONFIG_BT_ENABLED=
CONFIG_BTDM_CTRL_BR_EDR_SCO_DATA_PATH_EFF=0
CONFIG_BTDM_CTRL_AUTO_LATENCY_EFF=
CONFIG_BTDM_CONTROLLER_BLE_MAX_CONN_EFF=0
CONFIG_BTDM_CONTROLLER_BR_EDR_MAX_ACL_CONN_EFF=0
CONFIG_BTDM_CONTROLLER_BR_EDR_MAX_SYNC_CONN_EFF=0
CONFIG_BTDM_CONTROLLER_PINNED_TO_CORE=0
CONFIG_BT_RESERVE_DRAM=0
CONFIG_BLE_MESH=

#
# Driver configurations
#

#
# ADC configuration
#
CONFIG_ADC_FORCE_XPD_FSM=
CONFIG_ADC2_DISABLE_DAC=y

#
# SPI configuration
#
CONFIG_SPI_MASTER_IN_IRAM=
CONFIG_SPI_MASTER_ISR_IN_IRAM=y
CONFIG_SPI_SLAVE_IN_IRAM=
CONFIG_SPI_SLAVE_ISR_IN_IRAM=y

#
# eFuse Bit Manager
#
CONFIG_EFUSE_CUSTOM_TABLE=
CONFIG_EFUSE_VIRTUAL=
CONFIG_EFUSE_CODE_SCHEME_COMPAT_NONE=
CONFIG_EFUSE_CODE_SCHEME_COMPAT_3_4=y
CONFIG_EFUSE_CODE_SCHEME_COMPAT_REPEAT=
CONFIG_EFUSE_MAX_BLK_LEN=192

#
# ESP32-specific
#
CONFIG_IDF_TARGET_ESP32=y
CONFIG_ESP32_REV_MIN_0=y
CONFIG_ESP32_REV_MIN_1=
CONFIG_ESP32_REV_MIN_2=
CONFIG_ESP32_REV_MIN_3=
CONFIG_ESP32_REV_MIN=0
CONFIG_ESP32_DPORT_WORKAROUND=y
CONFIG_ESP32_DEFAULT_CPU_FREQ_80=
CONFIG_ESP32_DEFAULT_CPU_FREQ_160=y
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ=160
CONFIG_SPIRAM_SUPPORT=
CONFIG_MEMMAP_TRACEMEM=
CONFIG_MEMMAP_TRACEMEM_TWOBANKS=
CONFIG_ESP32_TRAX=
CONFIG_TRACEMEM_RESERVE_DRAM=0x0
CONFIG_TWO_UNIVERSAL_MAC_ADDRESS=
CONFIG_FOUR_UNIVERSAL_MAC_ADDRESS=y
CONFIG_NUMBER_OF_UNIVERSAL_MAC_ADDRESS=4
CONFIG_SYSTEM_EVENT_QUEUE_SIZE=32
CONFIG_SYSTEM_EVENT_TASK_STACK_SIZE=2304
CONFIG_MAIN_TASK_STACK_SIZE=8192
CONFIG_IPC_TASK_STACK_SIZE=1024
CONFIG_TIMER_TASK_STACK_SIZE=3584
CONFIG_NEWLIB_STDOUT_LINE_ENDING_CRLF=y
CONFIG_NEWLIB_STDOUT_LINE_ENDING_LF=
CONFIG_NEWLIB_STDOUT_LINE_ENDING_CR=
CONFIG_NEWLIB_STDIN_LINE_ENDING_CRLF=
CONFIG_NEWLIB_STDIN_LINE_ENDING_LF=
CONFIG_NEWLIB_STDIN_LINE_ENDING_CR=y
CONFIG_NEWLIB_NANO_FORMAT=
CONFIG_CONSOLE_UART_DEFAULT=y
CONFIG_CONSOLE_UART_CUSTOM=
CONFIG_CONSOLE_UART_NONE=
CONFIG_CONSOLE_UART_NUM=0
CONFIG_CONSOLE_UART_BAUDRATE=115200
CONFIG_ULP_COPROC_ENABLED=
CONFIG_ULP_COPROC_RESERVE_MEM=0
CONFIG_ESP32_PANIC_PRINT_HALT=
CONFIG_ESP32_PANIC_PRINT_REBOOT=y
CONFIG_ESP32_PANIC_SILENT_REBOOT=
CONFIG_ESP32_PANIC_GDBSTUB=
CONFIG_ESP32_DEBUG_OCDAWARE=
CONFIG_ESP32_DEBUG_STUBS_ENABLE=
CONFIG_INT_WDT=y
CONFIG_INT_WDT_TIMEOUT_MS=300
CONFIG_INT_WDT_CHECK_CPU1=y
CONFIG_TASK_WDT=y
CONFIG_TASK_WDT_PANIC=y
CONFIG_TASK_WDT_TIMEOUT_S=5
CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=y
CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU1=y
CONFIG_BROWNOUT_DET=y
CONFIG_BROWNOUT_DET_LVL_SEL_0=y
CONFIG_BROWNOUT_DET_LVL_SEL_1=
CONFIG_BROWNOUT_DET_LVL_SEL_2=
CONFIG_BROWNOUT_DET_LVL_SEL_3=
CONFIG_BROWNOUT_DET_LVL_SEL_4=
CONFIG_BROWNOUT_DET_LVL_SEL_5=
CONFIG_BROWNOUT_DET_LVL_SEL_6=
CONFIG_BROWNOUT_DET_LVL_SEL_7=
CONFIG_BROWNOUT_DET_LVL=0
CONFIG_REDUCE_PHY_TX_POWER=y
CONFIG_ESP32_TIME_SYSCALL_USE_RTC_FRC1=y
CONFIG_ESP32_TIME_SYSCALL_USE_RTC=
CONFIG_ESP32_TIME_SYSCALL_USE_FRC1=
CONFIG_ESP32_TIME_SYSCALL_USE_NONE=
CONFIG_ESP32_RTC_CLOCK_SOURCE_INTERNAL_RC=y
CONFIG_ESP32_RTC_CLOCK_SOURCE_EXTERNAL_CRYSTAL=
CONFIG_ESP32_RTC_CLOCK_SOURCE_EXTERNAL_OSC=
CONFIG_ESP32_RTC_CLOCK_SOURCE_INTERNAL_8MD256=
CONFIG_ESP32_RTC_CLK_CAL_CYCLES=1024
CONFIG_ESP32_DEEP_SLEEP_WAKEUP_DELAY=2000
CONFIG_ESP32_XTAL_FREQ_40=y
CONFIG_ESP32_XTAL_FREQ_26=
CONFIG_ESP32_XTAL_FREQ_AUTO=
CONFIG_ESP32_XTAL_FREQ=40
CONFIG_DISABLE_BASIC_ROM_CONSOLE=y
CONFIG_NO_BLOBS=
CONFIG_ESP_TIMER_PROFILING=
CONFIG_COMPATIBLE_PRE_V2_1_BOOTLOADERS=
CONFIG_ESP_ERR_TO_NAME_LOOKUP=y
CONFIG_ESP32_DPORT_DIS_INTERRUPT_LVL=5

#
# Wi-Fi
#
CONFIG_ESP32_WIFI_STATIC_RX_BUFFER_NUM=10
CONFIG_ESP32_WIFI_DYNAMIC_RX_BUFFER_NUM=32
CONFIG_ESP32_WIFI_STATIC_TX_BUFFER=
CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER=y
CONFIG_ESP32_WIFI_TX_BUFFER_TYPE=1
CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER_NUM=32
CONFIG_ESP32_WIFI_CSI_ENABLED=
CONFIG_ESP32_WIFI_AMPDU_TX_ENABLED=y
CONFIG_ESP32_WIFI_TX_BA_WIN=6
CONFIG_ESP32_WIFI_AMPDU_RX_ENABLED=y
CONFIG_ESP32_WIFI_RX_BA_WIN=6
CONFIG_ESP32_WIFI_NVS_ENABLED=y
CONFIG_ESP32_WIFI_TASK_PINNED_TO_CORE_0=y
CONFIG_ESP32_WIFI_TASK_PINNED_TO_CORE_1=
CONFIG_ESP32_WIFI_SOFTAP_BEACON_MAX_LEN=752
CONFIG_ESP32_WIFI_MGMT_SBUF_NUM=32
CONFIG_ESP32_WIFI_DEBUG_LOG_ENABLE=
CONFIG_ESP32_WIFI_IRAM_OPT=y
CONFIG_ESP32_WIFI_RX_IRAM_OPT=y

#
# PHY
#
CONFIG_ESP32_PHY_CALIBRATION_AND_DATA_STORAGE=y
CONFIG_ESP32_PHY_INIT_DATA_IN_PARTITION=
CONFIG_ESP32_PHY_MAX_WIFI_TX_POWER=20
CONFIG_ESP32_PHY_MAX_TX_POWER=20

#
# Power Management
#
CONFIG_PM_ENABLE=

#
# ADC-Calibration
#
CONFIG_ADC_CAL_EFUSE_TP_ENABLE=y
CONFIG_ADC_CAL_EFUSE_VREF_ENABLE=y
CONFIG_ADC_CAL_LUT_ENABLE=y

#
# Event Loop Library
#
CONFIG_EVENT_LOOP_PROFILING=

#
# ESP HTTP client
#
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=y
CONFIG_ESP_HTTP_CLIENT_ENABLE_BASIC_AUTH=

#
# HTTP Server
#
CONFIG_HTTPD_MAX_REQ_HDR_LEN=512
CONFIG_HTTPD_MAX_URI_LEN=512
CONFIG_HTTPD_ERR_RESP_NO_DELAY=y
CONFIG_HTTPD_PURGE_BUF_LEN=32
CONFIG_HTTPD_LOG_PURGE_DATA=

#
# ESP HTTPS OTA
#
CONFIG_OTA_ALLOW_HTTP=

#
# Core dump
#
CONFIG_ESP32_ENABLE_COREDUMP_TO_FLASH=
CONFIG_ESP32_ENABLE_COREDUMP_TO_UART=
CONFIG_ESP32_ENABLE_COREDUMP_TO_NONE=y
CONFIG_ESP32_ENABLE_COREDUMP=

#
# Ethernet
#
CONFIG_DMA_RX_BUF_NUM=10
CONFIG_DMA_TX_BUF_NUM=10
CONFIG_EMAC_L2_TO_L3_RX_BUF_MODE=y
CONFIG_EMAC_CHECK_LINK_PERIOD_MS=2000
CONFIG_EMAC_TASK_PRIORITY=20
CONFIG_EMAC_TASK_STACK_SIZE=3072

#
# FAT Filesystem support
#
CONFIG_FATFS_CODEPAGE_DYNAMIC=
CONFIG_FATFS_CODEPAGE_437=y
CONFIG_FATFS_CODEPAGE_720=
CONFIG_FATFS_CODEPAGE_737=
CONFIG_FATFS_CODEPAGE_771=
CONFIG_FATFS_CODEPAGE_775=
CONFIG_FATFS_CODEPAGE_850=
CONFIG_FATFS_CODEPAGE_852=
CONFIG_FATFS_CODEPAGE_855=
CONFIG_FATFS_CODEPAGE_857=
CONFIG_FATFS_CODEPAGE_860=
CONFIG_FATFS_CODEPAGE_861=
CONFIG_FATFS_CODEPAGE_862=
CONFIG_FATFS_CODEPAGE_863=
CONFIG_FATFS_CODEPAGE_864=
CONFIG_FATFS_CODEPAGE_865=
CONFIG_FATFS_CODEPAGE_866=
CONFIG_FATFS_CODEPAGE_869=
CONFIG_FATFS_CODEPAGE_932=
CONFIG_FATFS_CODEPAGE_936=
CONFIG_FATFS_CODEPAGE_949=
CONFIG_FATFS_CODEPAGE_950=
CONFIG_FATFS_CODEPAGE=437
CONFIG_FATFS_LFN_NONE=y
CONFIG_FATFS_LFN_HEAP=
CONFIG_FATFS_LFN_STACK=
CONFIG_FATFS_FS_LOCK=0
CONFIG_FATFS_TIMEOUT_MS=10000
CONFIG_FATFS_PER_FILE_CACHE=y

#
# Modbus configuration
#
CONFIG_MB_QUEUE_LENGTH=20
CONFIG_MB_SERIAL_TASK_STACK_SIZE=2048
CONFIG_MB_SERIAL_BUF_SIZE=256
CONFIG_MB_SERIAL_TASK_PRIO=10
CONFIG_MB_CONTROLLER_SLAVE_ID_SUPPORT=
CONFIG_MB_CONTROLLER_NOTIFY_TIMEOUT=20
CONFIG_MB_CONTROLLER_NOTIFY_QUEUE_SIZE=20
CONFIG_MB_CONTROLLER_STACK_SIZE=4096
CONFIG_MB_EVENT_QUEUE_TIMEOUT=20
CONFIG_MB_TIMER_PORT_ENABLED=y
CONFIG_MB_TIMER_GROUP=0
CONFIG_MB_TIMER_INDEX=0

#
# FreeRTOS
#
CONFIG_FREERTOS_UNICORE=
CONFIG_FREERTOS_NO_AFFINITY=0x7FFFFFFF
CONFIG_FREERTOS_CORETIMER_0=y
CONFIG_FREERTOS_CORETIMER_1=
CONFIG_FREERTOS_HZ=100
CONFIG_FREERTOS_ASSERT_ON_UNTESTED_FUNCTION=y
CONFIG_FREERTOS_CHECK_STACKOVERFLOW_NONE=
CONFIG_FREERTOS_CHECK_STACKOVERFLOW_PTRVAL=
CONFIG_FREERTOS_CHECK_STACKOVERFLOW_CANARY=y
CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK=
CONFIG_FREERTOS_INTERRUPT_BACKTRACE=y
CONFIG_FREERTOS_THREAD_LOCAL_STORAGE_POINTERS=1
CONFIG_FREERTOS_ASSERT_FAIL_ABORT=y
CONFIG_FREERTOS_ASSERT_FAIL_PRINT_CONTINUE=
CONFIG_FREERTOS_ASSERT_DISABLE=
CONFIG_FREERTOS_IDLE_TASK_STACKSIZE=1536
CONFIG_FREERTOS_ISR_STACKSIZE=1536
CONFIG_FREERTOS_LEGACY_HOOKS=
CONFIG_FREERTOS_MAX_TASK_NAME_LEN=16
CONFIG_SUPPORT_STATIC_ALLOCATION=y
CONFIG_ENABLE_STATIC_TASK_CLEAN_UP_HOOK=
CONFIG_TIMER_TASK_PRIORITY=1
CONFIG_TIMER_TASK_STACK_DEPTH=2048
CONFIG_TIMER_QUEUE_LENGTH=10
CONFIG_FREERTOS_QUEUE_REGISTRY_SIZE=0
CONFIG_FREERTOS_USE_TRACE_FACILITY=
CONFIG_FREERTOS_GENERATE_RUN_TIME_STATS=
CONFIG_FREERTOS_DEBUG_INTERNALS=
CONFIG_FREERTOS_CHECK_MUTEX_GIVEN_BY_OWNER=y
CONFIG_FREERTOS_CHECK_PORT_CRITICAL_COMPLIANCE=

#
# Heap memory debugging
#
CONFIG_HEAP_POISONING_DISABLED=y
CONFIG_HEAP_POISONING_LIGHT=
CONFIG_HEAP_POISONING_COMPREHENSIVE=
CONFIG_HEAP_TRACING=

#
# libsodium
#
CONFIG_LIBSODIUM_USE_MBEDTLS_SHA=y

#
# Log output
#
CONFIG_LOG_DEFAULT_LEVEL_NONE=
CONFIG_LOG_DEFAULT_LEVEL_ERROR=
CONFIG_LOG_DEFAULT_LEVEL_WARN=
CONFIG_LOG_DEFAULT_LEVEL_INFO=y
CONFIG_LOG_DEFAULT_LEVEL_DEBUG=
CONFIG_LOG_DEFAULT_LEVEL_VERBOSE=
CONFIG_LOG_DEFAULT_LEVEL=3
CONFIG_LOG_COLORS=y

#
# LWIP
#
CONFIG_L2_TO_L3_COPY=
CONFIG_ETHARP_SUPPORT_VLAN=
CONFIG_LWIP_IRAM_OPTIMIZATION=
CONFIG_LWIP_MAX_SOCKETS=10
CONFIG_LWIP_RANDOMIZE_INITIAL_LOCAL_PORTS=y
CONFIG_USE_ONLY_LWIP_SELECT=
CONFIG_LWIP_SO_REUSE=y
CONFIG_LWIP_SO_REUSE_RXTOALL=y
CONFIG_LWIP_SO_RCVBUF=
CONFIG_LWIP_IP_FRAG=y
CONFIG_LWIP_IP_REASSEMBLY=
CONFIG_LWIP_STATS=
CONFIG_LWIP_ETHARP_TRUST_IP_MAC=
CONFIG_ESP_GRATUITOUS_ARP=y
CONFIG_GARP_TMR_INTERVAL=60
CONFIG_TCPIP_RECVMBOX_SIZE=32
CONFIG_LWIP_DHCP_DOES_ARP_CHECK=y
CONFIG_LWIP_DHCP_RESTORE_LAST_IP=

#
# DHCP server
#
CONFIG_LWIP_DHCPS_LEASE_UNIT=60
CONFIG_LWIP_DHCPS_MAX_STATION_NUM=8
CONFIG_LWIP_AUTOIP=
CONFIG_LWIP_IPV6_AUTOCONFIG=
CONFIG_LWIP_NETIF_LOOPBACK=y
CONFIG_LWIP_LOOPBACK_MAX_PBUFS=8

#
# TCP
#
CONFIG_LWIP_MAX_ACTIVE_TCP=16
CONFIG_LWIP_MAX_LISTENING_TCP=16
CONFIG_TCP_MAXRTX=12
CONFIG_TCP_SYNMAXRTX=6
CONFIG_TCP_MSS=1436
CONFIG_TCP_MSL=60000
CONFIG_TCP_SND_BUF_DEFAULT=5744
CONFIG_TCP_WND_DEFAULT=5744
CONFIG_TCP_RECVMBOX_SIZE=6
CONFIG_TCP_QUEUE_OOSEQ=y
CONFIG_ESP_TCP_KEEP_CONNECTION_WHEN_IP_CHANGES=
CONFIG_TCP_OVERSIZE_MSS=y
CONFIG_TCP_OVERSIZE_QUARTER_MSS=
CONFIG_TCP_OVERSIZE_DISABLE=

#
# UDP
#
CONFIG_LWIP_MAX_UDP_PCBS=16
CONFIG_UDP_RECVMBOX_SIZE=6
CONFIG_TCPIP_TASK_STACK_SIZE=3072
CONFIG_TCPIP_TASK_AFFINITY_NO_AFFINITY=y
CONFIG_TCPIP_TASK_AFFINITY_CPU0=
CONFIG_TCPIP_TASK_AFFINITY_CPU1=
CONFIG_TCPIP_TASK_AFFINITY=0x7FFFFFFF
CONFIG_PPP_SUPPORT=

#
# ICMP
#
CONFIG_LWIP_MULTICAST_PING=
CONFIG_LWIP_BROADCAST_PING=

#
# LWIP RAW API
#
CONFIG_LWIP_MAX_RAW_PCBS=16

#
# SNTP
#
CONFIG_LWIP_DHCP_MAX_NTP_SERVERS=1
CONFIG_LWIP_SNTP_UPDATE_DELAY=3600000

#
# mbedTLS
#
CONFIG_MBEDTLS_INTERNAL_MEM_ALLOC=y
CONFIG_MBEDTLS_DEFAULT_MEM_ALLOC=
CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC=
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=16384
CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=
CONFIG_MBEDTLS_DEBUG=
CONFIG_MBEDTLS_ECP_RESTARTABLE=
CONFIG_MBEDTLS_CMAC_C=
CONFIG_MBEDTLS_HARDWARE_AES=y
CONFIG_MBEDTLS_HARDWARE_MPI=
CONFIG_MBEDTLS_HARDWARE_SHA=
CONFIG_MBEDTLS_HAVE_TIME=y
CONFIG_MBEDTLS_HAVE_TIME_DATE=
CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=y
CONFIG_MBEDTLS_TLS_SERVER_ONLY=
CONFIG_MBEDTLS_TLS_CLIENT_ONLY=
CONFIG_MBEDTLS_TLS_DISABLED=
CONFIG_MBEDTLS_TLS_SERVER=y
CONFIG_MBEDTLS_TLS_CLIENT=y
CONFIG_MBEDTLS_TLS_ENABLED=y

#
# TLS Key Exchange Methods
#
CONFIG_MBEDTLS_PSK_MODES=
CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=y
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA=y
CONFIG_MBEDTLS_SSL_RENEGOTIATION=y
CONFIG_MBEDTLS_SSL_PROTO_SSL3=
CONFIG_MBEDTLS_SSL_PROTO_TLS1=y
CONFIG_MBEDTLS_SSL_PROTO_TLS1_1=y
CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y
CONFIG_MBEDTLS_SSL_PROTO_DTLS=
CONFIG_MBEDTLS_SSL_ALPN=y
CONFIG_MBEDTLS_SSL_SESSION_TICKETS=y

#
# Symmetric Ciphers
#
CONFIG_MBEDTLS_AES_C=y
CONFIG_MBEDTLS_CAMELLIA_C=
CONFIG_MBEDTLS_DES_C=
CONFIG_MBEDTLS_RC4_DISABLED=y
CONFIG_MBEDTLS_RC4_ENABLED_NO_DEFAULT=
CONFIG_MBEDTLS_RC4_ENABLED=
CONFIG_MBEDTLS_BLOWFISH_C=
CONFIG_MBEDTLS_XTEA_C=
CONFIG_MBEDTLS_CCM_C=y
CONFIG_MBEDTLS_GCM_C=y
CONFIG_MBEDTLS_RIPEMD160_C=

#
# Certificates
#
CONFIG_MBEDTLS_PEM_PARSE_C=y
CONFIG_MBEDTLS_PEM_WRITE_C=y
CONFIG_MBEDTLS_X509_CRL_PARSE_C=y
CONFIG_MBEDTLS_X509_CSR_PARSE_C=y
CONFIG_MBEDTLS_ECP_C=y
CONFIG_MBEDTLS_ECDH_C=y
CONFIG_MBEDTLS_ECDSA_C=y
CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=y
CONFIG_MBEDTLS_ECP_NIST_OPTIM=y

#
# mDNS
#
CONFIG_MDNS_MAX_SERVICES=10

#
# ESP-MQTT Configurations
#
CONFIG_MQTT_PROTOCOL_311=y
CONFIG_MQTT_TRANSPORT_SSL=y
CONFIG_MQTT_TRANSPORT_WEBSOCKET=y
CONFIG_MQTT_TRANSPORT_WEBSOCKET_SECURE=y
CONFIG_MQTT_USE_CUSTOM_CONFIG=
CONFIG_MQTT_TASK_CORE_SELECTION_ENABLED=
CONFIG_MQTT_CUSTOM_OUTBOX=

#
# NVS
#
CONFIG_NVS_ENCRYPTION=

#
# OpenSSL
#
CONFIG_OPENSSL_DEBUG=
CONFIG_OPENSSL_ASSERT_DO_NOTHING=y
CONFIG_OPENSSL_ASSERT_EXIT=

#
# PThreads
#
CONFIG_ESP32_PTHREAD_TASK_PRIO_DEFAULT=5
CONFIG_ESP32_PTHREAD_TASK_STACK_SIZE_DEFAULT=3072
CONFIG_PTHREAD_STACK_MIN=768
CONFIG_ESP32_DEFAULT_PTHREAD_CORE_NO_AFFINITY=y
CONFIG_ESP32_DEFAULT_PTHREAD_CORE_0=
CONFIG_ESP32_DEFAULT_PTHREAD_CORE_1=
CONFIG_ESP32_PTHREAD_TASK_CORE_DEFAULT=-1
CONFIG_ESP32_PTHREAD_TASK_NAME_DEFAULT="pthread"

#
# SPI Flash driver
#
CONFIG_SPI_FLASH_VERIFY_WRITE=
CONFIG_SPI_FLASH_ENABLE_COUNTERS=
CONFIG_SPI_FLASH_ROM_DRIVER_PATCH=y
CONFIG_SPI_FLASH_WRITING_DANGEROUS_REGIONS_ABORTS=y
CONFIG_SPI_FLASH_WRITING_DANGEROUS_REGIONS_FAILS=
CONFIG_SPI_FLASH_WRITING_DANGEROUS_REGIONS_ALLOWED=
CONFIG_SPI_FLASH_YIELD_DURING_ERASE=y
CONFIG_SPI_FLASH_ERASE_YIELD_DURATION_MS=20
CONFIG_SPI_FLASH_ERASE_YIELD_TICKS=1

#
# SPIFFS Configuration
#
CONFIG_SPIFFS_MAX_PARTITIONS=3

#
# SPIFFS Cache Configuration
#
CONFIG_SPIFFS_CACHE=y
CONFIG_SPIFFS_CACHE_WR=y
CONFIG_SPIFFS_CACHE_STATS=
CONFIG_SPIFFS_PAGE_CHECK=y
CONFIG_SPIFFS_GC_MAX_RUNS=10
CONFIG_SPIFFS_GC_STATS=
CONFIG_SPIFFS_PAGE_SIZE=256
CONFIG_SPIFFS_OBJ_NAME_LEN=32
CONFIG_SPIFFS_USE_MAGIC=y
CONFIG_SPIFFS_USE_MAGIC_LENGTH=y
CONFIG_SPIFFS_META_LENGTH=4
CONFIG_SPIFFS_USE_MTIME=y

#
# Debug Configuration
#
CONFIG_SPIFFS_DBG=
CONFIG_SPIFFS_API_DBG=
CONFIG_SPIFFS_GC_DBG=
CONFIG_SPIFFS_CACHE_DBG=
CONFIG_SPIFFS_CHECK_DBG=
CONFIG_SPIFFS_TEST_VISUALISATION=

#
# TCP/IP Adapter
#
CONFIG_IP_LOST_TIMER_INTERVAL=120
CONFIG_TCPIP_LWIP=y

#
# Unity unit testing library
#
CONFIG_UNITY_ENABLE_FLOAT=y
CONFIG_UNITY_ENABLE_DOUBLE=y
CONFIG_UNITY_ENABLE_COLOR=
CONFIG_UNITY_ENABLE_IDF_TEST_RUNNER=y
CONFIG_UNITY_ENABLE_FIXTURE=

#
# Virtual file system
#
CONFIG_SUPPRESS_SELECT_DEBUG_OUTPUT=y
CONFIG_SUPPORT_TERMIOS=y

#
# Wear Levelling
#
CONFIG_WL_SECTOR_SIZE_512=
CONFIG_WL_SECTOR_SIZE_4096=y
CONFIG_WL_SECTOR_SIZE=4096

#
# Wi-Fi Provisioning Manager
#
CONFIG_WIFI_PROV_SCAN_MAX_ENTRIES=16
And here is the UART output from the OTA process and the resulting reboot:

Code: Select all

I (8243) esp_https_ota: Starting OTA...
I (8243) esp_https_ota: Writing to partition subtype 16 at offset 0x160000
I (8243) ota: Running firmware version: v0.2.3-alpha25-1-gae638c6-dirty
I (31023) esp_https_ota: Connection closed
I (31023) boot_comm: chip revision: 1, min. application chip revision: 0
I (31023) esp_image: segment 0: paddr=0x00160020 vaddr=0x3f400020 size=0x6c8d0 (444624) map
I (31293) esp_image: segment 1: paddr=0x001cc8f8 vaddr=0x3ffb0000 size=0x035d0 ( 13776) 
I (31303) esp_image: segment 2: paddr=0x001cfed0 vaddr=0x40080000 size=0x00140 (   320) 
0x40080000: _WindowOverflow4 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/freertos/xtensa_vectors.S:1779

I (31303) esp_image: segment 3: paddr=0x001d0018 vaddr=0x400d0018 size=0x97890 (620688) map
0x400d0018: _flash_cache_start at ??:?

I (31673) esp_image: segment 4: paddr=0x002678b0 vaddr=0x40080140 size=0x002c0 (   704) 
0x40080140: _WindowUnderflow12 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/freertos/xtensa_vectors.S:1960

I (31673) esp_image: segment 5: paddr=0x00267b78 vaddr=0x40080400 size=0x15134 ( 86324) 
I (31733) esp_image: segment 6: paddr=0x0027ccb4 vaddr=0x400c0000 size=0x00064 (   100) 
I (31733) esp_image: segment 7: paddr=0x0027cd20 vaddr=0x50000000 size=0x00008 (     8) 
I (31743) esp_image: segment 8: paddr=0x0027cd30 vaddr=0x00000000 size=0x03250 ( 12880) 
I (31753) esp_image: Verifying image signature...
I (31913) boot_comm: chip revision: 1, min. application chip revision: 0
I (31913) esp_image: segment 0: paddr=0x00160020 vaddr=0x3f400020 size=0x6c8d0 (444624) map
I (32183) esp_image: segment 1: paddr=0x001cc8f8 vaddr=0x3ffb0000 size=0x035d0 ( 13776) 
I (32193) esp_image: segment 2: paddr=0x001cfed0 vaddr=0x40080000 size=0x00140 (   320) 
0x40080000: _WindowOverflow4 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/freertos/xtensa_vectors.S:1779

I (32193) esp_image: segment 3: paddr=0x001d0018 vaddr=0x400d0018 size=0x97890 (620688) map
0x400d0018: _flash_cache_start at ??:?

I (32563) esp_image: segment 4: paddr=0x002678b0 vaddr=0x40080140 size=0x002c0 (   704) 
0x40080140: _WindowUnderflow12 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/freertos/xtensa_vectors.S:1960

I (32563) esp_image: segment 5: paddr=0x00267b78 vaddr=0x40080400 size=0x15134 ( 86324) 
I (32623) esp_image: segment 6: paddr=0x0027ccb4 vaddr=0x400c0000 size=0x00064 (   100) 
I (32623) esp_image: segment 7: paddr=0x0027cd20 vaddr=0x50000000 size=0x00008 (     8) 
I (32633) esp_image: segment 8: paddr=0x0027cd30 vaddr=0x00000000 size=0x03250 ( 12880) 
I (32643) esp_image: Verifying image signature...
I (33653) ota: Prepare to restart system!
I (34663) wifi:state: run -> init (0)
I (34663) wifi:pm stop, total sleep time: 7322569 us / 34154227 us

I (34663) wifi:new:<11,0>, old:<11,0>, ap:<255,255>, sta:<11,0>, prof:1
I (34673) net_wifi: station disconnected: 8
I (34703) wifi:flush txq
I (34703) wifi:stop sw txq
I (34703) wifi:lmac stop hw txq
ets Jun  8 2016 00:22:57

rst:0xc (SW_CPU_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0018,len:4
load:0x3fff001c,len:10996
load:0x40078000,len:19280
load:0x40080400,len:6060
entry 0x40080710
I (106) boot: Chip Revision: 1
I (106) boot_comm: chip revision: 1, min. bootloader chip revision: 0
I (47) boot: ESP-IDF v3.3.2-dirty 2nd stage bootloader
I (47) boot: compile time 14:45:50
I (47) boot: Enabling RNG early entropy source...
I (52) boot: SPI Speed      : 40MHz
I (56) boot: SPI Mode       : DIO
I (60) boot: SPI Flash Size : 8MB
I (65) boot: Partition Table:
I (68) boot: ## Label            Usage          Type ST Offset   Length
I (75) boot:  0 dev_keys         unknown          40 00 0000e000 00004000
I (83) boot:  1 otadata          OTA data         01 00 00012000 00002000
I (90) boot:  2 nvs              WiFi data        01 02 00014000 00008000
I (98) boot:  3 factory          factory app      00 00 00020000 00140000
I (105) boot:  4 ota_0            OTA app          00 10 00160000 00140000
I (113) boot:  5 ota_1            OTA app          00 11 002a0000 00140000
I (120) boot:  6 storage          Unknown data     01 82 003e0000 00020000
I (128) boot: End of partition table
I (5132) boot: Detect a condition of the factory reset
I (5132) boot: Data partitions to erase: nvs,phy_init,storage,ota_0,ota_1
I (5134) boot_comm: ## Label            Usage Offset   Length   Cleaned
I (5227) boot_comm:  1 otadata          data  00012000 00002000 [yes]
I (5537) boot_comm:  2 nvs              data  00014000 00008000 [yes]
I (5996) boot_comm:  6 storage          data  003e0000 00020000 [yes]
E (5996) boot: ota data partition invalid, falling back to factory
I (5999) boot_comm: chip revision: 1, min. application chip revision: 0
I (6006) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f400020 size=0x6d700 (448256) map
I (6171) esp_image: segment 1: paddr=0x0008d728 vaddr=0x3ffb0000 size=0x028e8 ( 10472) load
I (6175) esp_image: segment 2: paddr=0x00090018 vaddr=0x400d0018 size=0x97918 (620824) map
0x400d0018: _flash_cache_start at ??:?

I (6393) esp_image: segment 3: paddr=0x00127938 vaddr=0x3ffb28e8 size=0x00d04 (  3332) load
I (6395) esp_image: segment 4: paddr=0x00128644 vaddr=0x40080000 size=0x00400 (  1024) load
0x40080000: _WindowOverflow4 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/freertos/xtensa_vectors.S:1779

I (6400) esp_image: segment 5: paddr=0x00128a4c vaddr=0x40080400 size=0x15134 ( 86324) load
I (6444) esp_image: segment 6: paddr=0x0013db88 vaddr=0x400c0000 size=0x00064 (   100) load
I (6444) esp_image: segment 7: paddr=0x0013dbf4 vaddr=0x50000000 size=0x00008 (     8) load
I (6450) esp_image: segment 8: paddr=0x0013dc04 vaddr=0x00000000 size=0x0237c (  9084) 
I (6462) esp_image: Verifying image signature...
I (6770) boot: Loaded app from partition at offset 0x20000
I (6770) secure_boot: bootloader secure boot is already enabled. No need to generate digest. continuing..
I (6775) boot: Checking flash encryption...
I (6780) flash_encrypt: flash encryption is enabled (0 plaintext flashes left)
I (6788) boot: Checking secure boot...
I (6792) secure_boot: bootloader secure boot is already enabled, continuing..
I (6800) boot: Disabling RNG early entropy source...
I (6806) cpu_start: Pro cpu up.
I (6810) cpu_start: Application information:
I (6815) cpu_start: Project name:     firespy
I (6820) cpu_start: App version:      v0.2.3-alpha25-1-gae638c6-dirty
I (6827) cpu_start: Compile time:     Apr 16 2020 14:40:57
I (6833) cpu_start: ELF file SHA256:  02a74ef4ceecd1d3...
I (6839) cpu_start: ESP-IDF:          v3.3.2-dirty
I (6844) cpu_start: Starting app cpu, entry point is 0x40081300
0x40081300: call_start_cpu1 at /Users/mfitz/git_repos/firespy/third-party/esp32/components/esp32/cpu_start.c:268

I (6828) cpu_start: App cpu up.
I (6855) heap_init: Initializing. RAM available for dynamic allocation:
I (6862) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (6868) heap_init: At 3FFB9DD8 len 00026228 (152 KiB): DRAM
I (6875) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (6881) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (6888) heap_init: At 40095534 len 0000AACC (42 KiB): IRAM
I (6894) cpu_start: Pro cpu start user code
I (202) cpu_start: Starting scheduler on PRO CPU.
I (0) cpu_start: Starting scheduler on APP CPU.
I (204) wakeup: Time of day 2020-04-16 04:48:17.692203
W (204) SPIFFS: mount failed, -10025. formatting...
I (874) fs: Partition size: total: 113201, used: 0
I (904) wifi:wifi driver task: 3ffc39cc, prio:23, stack:3584, core=0
I (904) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (904) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (994) wifi:wifi firmware version: 44aa95c
I (994) wifi:config NVS flash: enabled
I (994) wifi:config nano formating: disabled
I (994) wifi:Init dynamic tx buffer num: 32
I (1004) wifi:Init data frame dynamic rx buffer num: 32
I (1004) wifi:Init management frame dynamic rx buffer num: 32
I (1014) wifi:Init management short buffer num: 32
I (1014) wifi:Init static rx buffer size: 1600
I (1024) wifi:Init static rx buffer num: 10
I (1024) wifi:Init dynamic rx buffer num: 32
In the UART output, the bootloader prints "ota data partition invalid, falling back to factory". The OTA installation isn't reporting any errors, and it appears to be calling esp_ota_set_boot_partition(), so I'm not sure where the problem could be originating.

Any help or pointers would be appreciated. I haven't been able to find any example apps which configure secure boot, and flash encryption, and run OTA, but I would be happy if anyone was able to provide a link to one so I can compare.

Thanks,
Matt.

chegewara
Posts: 2364
Joined: Wed Jun 14, 2017 9:00 pm

Re: Secure Boot OTA data partition invalid

Postby chegewara » Thu Apr 16, 2020 8:57 am

This:
E (5996) boot: ota data partition invalid, falling back to factory
is consequence of this:
I (5132) boot: Detect a condition of the factory reset
I (5132) boot: Data partitions to erase: nvs,phy_init,storage,ota_0,ota_1
You have enabled factory reset functionality and pin 23 is pulled down for 5 seconds causing to erase ota_data.

Code: Select all

CONFIG_BOOTLOADER_NUM_PIN_FACTORY_RESET=23
CONFIG_BOOTLOADER_OTA_DATA_ERASE=y
CONFIG_BOOTLOADER_DATA_FACTORY_RESET="nvs,phy_init,storage,ota_0,ota_1"
CONFIG_BOOTLOADER_APP_TEST=
CONFIG_BOOTLOADER_HOLD_TIME_GPIO=5

mfitzpatrick
Posts: 3
Joined: Thu Apr 16, 2020 5:11 am

Re: Secure Boot OTA data partition invalid

Postby mfitzpatrick » Thu Apr 16, 2020 11:23 am

Oh of course, I can't believe I missed that! You are a genius, thankyou! I hadn't attached that pin to 3.3v, which meant it was indeed floating at 0v.
OTA works as expected now!

Who is online

Users browsing this forum: No registered users and 80 guests