Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
Posted: Wed Feb 07, 2024 5:45 pm
Good afternoon, I think I made a mistake trying to encrypt the flash and activate secure boot v2 and locked my chip. I think I know what my mistake was, but I would like to check it, so I don't make the same mistake again.
I had already done the process some time ago with the idf 4.2 version and now I am working with 5.1. The other times I have done it always went well, but it has been a while since I did it and although I read the documentation on encryption and secure boot in the new version, I think I made a mistake.
Once I had everything well configured:
1º I generated the signature with openssl genrsa -out my_secure_boot_signing_key.pem 3072
2º I executed idf.py menuconfig and activated the encryption in release mode and also secure boot, with the name of the signature that I had generated and uninhabited UART ROM download. then exit menuconfig and save changes.
3º Then I built idf.py build.
4º I built the bootloader again idf.py bootloader.
5º Then I plugged in the chip and flashed with the output of the build command, as I have done other times...espy...write-flash.
6º Finally, idf.py flash.
No step of this process gave me error, but the device would not reboot, nor would it allow me to re-flash, it no longer connects. The only thing I can do is idf.py /dev/ttyACM0 monitor and then I see that it is constantly rebooting with this error:
I think my mistake was, flashing the bootloader first, I should have run idf.py flash and reboot it first so it would have encrypted the flash first.
As I didn't have the OTA scheme implemented and the unlock encryption mode selected, I think nothing can be done to recover the chip.
Please, if someone can confirm that my mistake was to do the secure boot process before doing idf.py flash to make it encrypted, please confirm it. I don't want to mess up a chip again. And if so, I think the documentation should highlight this point to send this error.
Thank you very much in advance,
I had already done the process some time ago with the idf 4.2 version and now I am working with 5.1. The other times I have done it always went well, but it has been a while since I did it and although I read the documentation on encryption and secure boot in the new version, I think I made a mistake.
Once I had everything well configured:
1º I generated the signature with openssl genrsa -out my_secure_boot_signing_key.pem 3072
2º I executed idf.py menuconfig and activated the encryption in release mode and also secure boot, with the name of the signature that I had generated and uninhabited UART ROM download. then exit menuconfig and save changes.
3º Then I built idf.py build.
4º I built the bootloader again idf.py bootloader.
5º Then I plugged in the chip and flashed with the output of the build command, as I have done other times...espy...write-flash.
6º Finally, idf.py flash.
No step of this process gave me error, but the device would not reboot, nor would it allow me to re-flash, it no longer connects. The only thing I can do is idf.py /dev/ttyACM0 monitor and then I see that it is constantly rebooting with this error:
Code: Select all
I (200) cpu_start: ELF file SHA256: d2b95646ec6ceb5d...
Warning: checksum mismatch between flashed and built applications. Checksum of built application is 1a031e44c0ef97588e9b046b6bebb50c3ba15637bb1b82456341ab20f3f39ffd
I (206) cpu_start: ESP-IDF: v5.1.1-1-gd3c99ed3b8
I (212) cpu_start: Min chip rev: v3.0
I (217) cpu_start: Max chip rev: v3.99
I (221) cpu_start: Chip rev: v3.0
I (226) heap_init: Initializing. RAM available for dynamic allocation:
I (234) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (239) heap_init: At 3FFB3070 len 0002CF90 (179 KiB): DRAM
I (246) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (252) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (259) heap_init: At 4008CD70 len 00013290 (76 KiB): IRAM
I (266) spi_flash: detected chip: winbond
I (269) spi_flash: flash io: dio
E (273) flash_encrypt: Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on
abort() was called at PC 0x400e34b6 on core 0
0x400e34b6: esp_mmu_vaddr_to_paddr at /home/alfredo/esp/esp-idf/components/esp_mm/esp_mmu_map.c:724 (discriminator 5)
Backtrace: 0x400813be:0x3ffe3b30 0x40086595:0x3ffe3b50 0x4008b98e:0x3ffe3b70 0x400e34b6:0x3ffe3be0 0x400d2282:0x3ffe3c10 0x40081282:0x3ffe3c50 0x400791b6:0x3ffe3c90 |<-CORRUPTED
0x400813be: rtc_brownout_isr_handler at /home/alfredo/esp/esp-idf/components/esp_system/port/brownout.c:49
0x40086595: xQueueGenericReset at /home/alfredo/esp/esp-idf/components/freertos/FreeRTOS-Kernel/queue.c:300 (discriminator 1)
0x4008b98e: _calloc_r at /home/alfredo/esp/esp-idf/components/newlib/heap.c:70
0x400e34b6: esp_mmu_vaddr_to_paddr at /home/alfredo/esp/esp-idf/components/esp_mm/esp_mmu_map.c:724 (discriminator 5)
0x400d2282: panic_handler at /home/alfredo/esp/esp-idf/components/esp_system/port/panic_handler.c:167
0x40081282: xt_highint4 at /home/alfredo/esp/esp-idf/components/esp_system/port/soc/esp32/highint_hdl.S:286
ELF file SHA256: d2b95646ec6ceb5d
Warning: checksum mismatch between flashed and built applications. Checksum of built application is 1a031e44c0ef97588e9b046b6bebb50c3ba15637bb1b82456341ab20f3f39ffd
Rebooting...
As I didn't have the OTA scheme implemented and the unlock encryption mode selected, I think nothing can be done to recover the chip.
Please, if someone can confirm that my mistake was to do the secure boot process before doing idf.py flash to make it encrypted, please confirm it. I don't want to mess up a chip again. And if so, I think the documentation should highlight this point to send this error.
Thank you very much in advance,