flash加密问题咨询【已解决】

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Tue Jun 14, 2022 12:16 am

我就是按照你说的步骤,在现有efuse的值下,打开了menuconfig里面的flash加密选项。但是在烧写的时候提示我加密密钥需要先编程

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Tue Jun 14, 2022 12:19 am

wangyuxin-esp wrote:
Mon Jun 13, 2022 12:20 pm
从该设备的 efuse 来看,目前尚未使能 flash 加密。请通过 idf.py menuconfig -> security 选择启用 flash 加密,然后使用 idf.py flash monitor 烧录固件,若正常启用 flash 加密,可以在 log 中看到 flash encryption enabled 的类似提示。通过 menuconfig 进行使能 flash 加密后,再次通过 espefuse.py summary 查看设备 efuse,可以看到相关的 efuse 已经自动烧写,代表已经成功使能 flash 加密。
关于 flash 加密 develop 模式和 release 模式的说明参考:https://docs.espressif.com/projects/esp ... figuration

我就是在一个新的esp32S2上,直接在menuconfig中打开flash加密选项,其他啥也不改变。编译之后在烧写的时候就会提示那个报错。现在是烧写都无法成功烧写。

ESP_WangYX
Posts: 97
Joined: Mon Jun 28, 2021 12:48 pm

Re: flash加密问题咨询

Postby ESP_WangYX » Tue Jun 14, 2022 3:09 am

使用的什么版本的 esp-idf?请在 menuconfig 中选择使能 flash 加密,若烧录时提示上述错误,将 sdkconfig 中 Security features 下的配置发出来看看是不是配置问题。

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Tue Jun 14, 2022 8:30 am

wangyuxin-esp wrote:
Tue Jun 14, 2022 3:09 am
使用的什么版本的 esp-idf?请在 menuconfig 中选择使能 flash 加密,若烧录时提示上述错误,将 sdkconfig 中 Security features 下的配置发出来看看是不是配置问题。
我刚才有新创建一个flash加密的工程,只勾选了flash加密和efuse 虚拟化两个选项,我是用的IDF版本4.4.1.下面是donfig文件。在后面是烧写日志
{#
# Security features
#
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_TARGET_HAS_SECURE_ROM_DL_MODE=y
# CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT is not set
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_AES128=y
# CONFIG_SECURE_FLASH_ENCRYPTION_AES256 is not set
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not set}

> Executing task: D:/software/Espressif/python_env/idf4.4_py3.8_env/Scripts/python.exe D:\software\Espressif\frameworks\esp-idf-v4.4.1\components\esptool_py\esptool\esptool.py -p COM11 -b 460800 --before default_reset --after no_reset --chip esp32s2 write_flash --flash_mode dio --flash_freq 80m --flash_size detect 0x9000 partition_table/partition-table.bin --encrypt-files 0x20000 flash_encryption.bin 0x1000 bootloader/bootloader.bin <

esptool.py v3.3-dev
Serial port COM11
Connecting....
Chip is ESP32-S2
Features: WiFi, No Embedded Flash, No Embedded PSRAM, ADC and temperature sensor calibration in BLK2 of efuse V1
Crystal is 40MHz
MAC: 34:b4:72:69:a7:88
Uploading stub...
Running stub...
Stub running...
Changing baud rate to 460800
Changed.
Configuring flash size...
Auto-detected Flash size: 4MB
Flash encryption key is not programmed

A fatal error occurred: Can't perform encrypted flash write, consult Flash Encryption documentation for more information
终端进程“D:\software\Espressif\python_env\idf4.4_py3.8_env\Scripts\python.exe 'D:\software\Espressif\frameworks\esp-idf-v4.4.1\components\esptool_py\esptool\esptool.py', '-p', 'COM11', '-b', '460800', '--before', 'default_reset', '--after', 'no_reset', '--chip', 'esp32s2', 'write_flash', '--flash_mode', 'dio', '--flash_freq', '80m', '--flash_size', 'detect', '0x9000', 'partition_table/partition-table.bin', '--encrypt-files', '0x20000', 'flash_encryption.bin', '0x1000', 'bootloader/bootloader.bin'”已终止,退出代码: 2。

ESP_WangYX
Posts: 97
Joined: Mon Jun 28, 2021 12:48 pm

Re: flash加密问题咨询

Postby ESP_WangYX » Wed Jun 15, 2022 2:17 am

这里有两个需要排查的地方:
1)使用 efuse 虚拟功能,在官方文档和示例 https://github.com/espressif/esp-idf/tr ... encryption 中未说明与 efuse 虚拟功能结合使用的情况,请关闭 efuse 虚拟功能进行测试
2)从当前开发板配置的 security 选项来看,该开发板好像使能了 secure boot,在先启用 secure boot 后,security 配置菜单若未选择正确的选项,可能导致无法使能 flash 加密。作为安全功能,建议分开测试了解他们的不同。

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Thu Jun 16, 2022 6:18 am

wangyuxin-esp wrote:
Wed Jun 15, 2022 2:17 am
这里有两个需要排查的地方:
1)使用 efuse 虚拟功能,在官方文档和示例 https://github.com/espressif/esp-idf/tr ... encryption 中未说明与 efuse 虚拟功能结合使用的情况,请关闭 efuse 虚拟功能进行测试
2)从当前开发板配置的 security 选项来看,该开发板好像使能了 secure boot,在先启用 secure boot 后,security 配置菜单若未选择正确的选项,可能导致无法使能 flash 加密。作为安全功能,建议分开测试了解他们的不同。
# CONFIG_SECURE_BOOT is not set
中间这一行写的是安全启动没有开启吧。。。。
并且我测试了一下,关闭虚拟efuse是一样的。(并且在efuse文档中写的有虚拟保险丝可以在闪存加密和安全启动中使用,见下图)

{#
# Security features
#
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_TARGET_HAS_SECURE_ROM_DL_MODE=y
# CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT is not set
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_AES128=y
# CONFIG_SECURE_FLASH_ENCRYPTION_AES256 is not set
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not set}
QQ截图20220616141736.png
QQ截图20220616141736.png (135.05 KiB) Viewed 5357 times

ESP_WangYX
Posts: 97
Joined: Mon Jun 28, 2021 12:48 pm

Re: flash加密问题咨询

Postby ESP_WangYX » Thu Jun 16, 2022 1:11 pm

我这里使用 ESP32-S2-Saola-1_v1.2 基于 esp-idf tag v4.4.1,commit ID: 1329b19fe 进行了测试。

Code: Select all

security 配置如下:
#
# Security features
#
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_TARGET_HAS_SECURE_ROM_DL_MODE=y
# CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT is not set
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_AES128=y
# CONFIG_SECURE_FLASH_ENCRYPTION_AES256 is not set
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not set

#
# Potentially insecure options
#
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
# CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED is not set
# end of Potentially insecure options

CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP=y
# CONFIG_SECURE_DISABLE_ROM_DL_MODE is not set
# CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE is not set
CONFIG_SECURE_INSECURE_ALLOW_DL_MODE=y
# end of Security features
烧录命令如下:

Code: Select all

/home/w_yx/.espressif/python_env/idf4.4_py3.6_env/bin/python ../esp-idf/components/esptool_py/esptool/esptool.py -p (PORT) -b 460800 --before default_reset --after no_reset --chip esp32s2  write_flash --flash_mode dio --flash_size detect --flash_freq 80m 0x1000 build/bootloader/bootloader.bin 0xa000 build/partition_table/partition-table.bin 0x20000 build/hello_world.bin
烧录时使用的命令为 `idf.py flash`,烧录时的 log:

Code: Select all

w_yx@yx:~/esp32_4_4/hello_world$ idf.py flash
Executing action: flash
Serial port /dev/ttyUSB0
Connecting.....
Detecting chip type... Unsupported detection protocol, switching and trying again...
Detecting chip type... ESP32-S2
Running ninja in directory /home/w_yx/esp32_4_4/hello_world/build
Executing "ninja flash"...
[1/5] cd /home/w_yx/esp32_4_4/hello_world/build/esp-idf/esptool_py && /home/w_yx/.espressi...partition_table/partition-table.bin /home/w_yx/esp32_4_4/hello_world/build/hello_world.bin
hello_world.bin binary size 0x25800 bytes. Smallest app partition is 0x100000 bytes. 0xda800 bytes (85%) free.
[2/5] Performing build step for 'bootloader'
[1/1] cd /home/w_yx/esp32_4_4/hello_world/build/bootloader/esp-idf/esptool_py && /home/w_yx/.espressif/python_env/idf4.4_py3.6_env/bin/python /home/w_yx/esp32_4_4/esp-idf/components/partition_table/check_sizes.py --offset 0xa000 bootloader 0x1000 /home/w_yx/esp32_4_4/hello_world/build/bootloader/bootloader.bin
Bootloader binary size 0x72f0 bytes. 0x1d10 bytes (20%) free.
[2/3] cd /home/w_yx/esp32_4_4/esp-idf/components/esptool_py && /usr/bin/cmake -D IDF_PATH=...o_world/build" -P /home/w_yx/esp32_4_4/esp-idf/components/esptool_py/run_serial_tool.cmake
esptool.py esp32s2 -p /dev/ttyUSB0 -b 460800 --before=default_reset --after=no_reset write_flash --flash_mode dio --flash_freq 80m --flash_size 4MB 0x1000 bootloader/bootloader.bin 0x20000 hello_world.bin 0xa000 partition_table/partition-table.bin
esptool.py v3.3-dev
Serial port /dev/ttyUSB0
Connecting.....
Chip is ESP32-S2
Features: WiFi, No Embedded Flash, No Embedded PSRAM, ADC and temperature sensor calibration in BLK2 of efuse V1
Crystal is 40MHz
MAC: 7c:df:a1:01:1c:66
Uploading stub...
Running stub...
Stub running...
Changing baud rate to 460800
Changed.
Configuring flash size...
Flash will be erased from 0x00001000 to 0x00008fff...
Flash will be erased from 0x00020000 to 0x00045fff...
Flash will be erased from 0x0000a000 to 0x0000afff...
Compressed 29424 bytes to 17921...
Writing at 0x00001000... (50 %)
Writing at 0x00007ae9... (100 %)
Wrote 29424 bytes (17921 compressed) at 0x00001000 in 0.9 seconds (effective 275.5 kbit/s)...
Hash of data verified.
Compressed 153600 bytes to 86209...
Writing at 0x00020000... (16 %)
Writing at 0x0002a2b2... (33 %)
Writing at 0x0002fc6e... (50 %)
Writing at 0x0003567b... (66 %)
Writing at 0x0003b854... (83 %)
Writing at 0x00043d81... (100 %)
Wrote 153600 bytes (86209 compressed) at 0x00020000 in 2.2 seconds (effective 557.9 kbit/s)...
Hash of data verified.
Compressed 3072 bytes to 105...
Writing at 0x0000a000... (100 %)
Wrote 3072 bytes (105 compressed) at 0x0000a000 in 0.0 seconds (effective 512.7 kbit/s)...
Hash of data verified.

Leaving...
Staying in bootloader.
Done
可以正常启用 flash 加密,请检查上述配置和使用的烧录命令选项。

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Sat Jun 18, 2022 7:21 am

wangyuxin-esp wrote:
Thu Jun 16, 2022 1:11 pm
我这里使用 ESP32-S2-Saola-1_v1.2 基于 esp-idf tag v4.4.1,commit ID: 1329b19fe 进行了测试。

Code: Select all

security 配置如下:
#
# Security features
#
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_TARGET_HAS_SECURE_ROM_DL_MODE=y
# CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT is not set
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_AES128=y
# CONFIG_SECURE_FLASH_ENCRYPTION_AES256 is not set
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not set

#
# Potentially insecure options
#
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
# CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED is not set
# end of Potentially insecure options

CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP=y
# CONFIG_SECURE_DISABLE_ROM_DL_MODE is not set
# CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE is not set
CONFIG_SECURE_INSECURE_ALLOW_DL_MODE=y
# end of Security features
烧录命令如下:

Code: Select all

/home/w_yx/.espressif/python_env/idf4.4_py3.6_env/bin/python ../esp-idf/components/esptool_py/esptool/esptool.py -p (PORT) -b 460800 --before default_reset --after no_reset --chip esp32s2  write_flash --flash_mode dio --flash_size detect --flash_freq 80m 0x1000 build/bootloader/bootloader.bin 0xa000 build/partition_table/partition-table.bin 0x20000 build/hello_world.bin
烧录时使用的命令为 `idf.py flash`,烧录时的 log:

Code: Select all

w_yx@yx:~/esp32_4_4/hello_world$ idf.py flash
Executing action: flash
Serial port /dev/ttyUSB0
Connecting.....
Detecting chip type... Unsupported detection protocol, switching and trying again...
Detecting chip type... ESP32-S2
Running ninja in directory /home/w_yx/esp32_4_4/hello_world/build
Executing "ninja flash"...
[1/5] cd /home/w_yx/esp32_4_4/hello_world/build/esp-idf/esptool_py && /home/w_yx/.espressi...partition_table/partition-table.bin /home/w_yx/esp32_4_4/hello_world/build/hello_world.bin
hello_world.bin binary size 0x25800 bytes. Smallest app partition is 0x100000 bytes. 0xda800 bytes (85%) free.
[2/5] Performing build step for 'bootloader'
[1/1] cd /home/w_yx/esp32_4_4/hello_world/build/bootloader/esp-idf/esptool_py && /home/w_yx/.espressif/python_env/idf4.4_py3.6_env/bin/python /home/w_yx/esp32_4_4/esp-idf/components/partition_table/check_sizes.py --offset 0xa000 bootloader 0x1000 /home/w_yx/esp32_4_4/hello_world/build/bootloader/bootloader.bin
Bootloader binary size 0x72f0 bytes. 0x1d10 bytes (20%) free.
[2/3] cd /home/w_yx/esp32_4_4/esp-idf/components/esptool_py && /usr/bin/cmake -D IDF_PATH=...o_world/build" -P /home/w_yx/esp32_4_4/esp-idf/components/esptool_py/run_serial_tool.cmake
esptool.py esp32s2 -p /dev/ttyUSB0 -b 460800 --before=default_reset --after=no_reset write_flash --flash_mode dio --flash_freq 80m --flash_size 4MB 0x1000 bootloader/bootloader.bin 0x20000 hello_world.bin 0xa000 partition_table/partition-table.bin
esptool.py v3.3-dev
Serial port /dev/ttyUSB0
Connecting.....
Chip is ESP32-S2
Features: WiFi, No Embedded Flash, No Embedded PSRAM, ADC and temperature sensor calibration in BLK2 of efuse V1
Crystal is 40MHz
MAC: 7c:df:a1:01:1c:66
Uploading stub...
Running stub...
Stub running...
Changing baud rate to 460800
Changed.
Configuring flash size...
Flash will be erased from 0x00001000 to 0x00008fff...
Flash will be erased from 0x00020000 to 0x00045fff...
Flash will be erased from 0x0000a000 to 0x0000afff...
Compressed 29424 bytes to 17921...
Writing at 0x00001000... (50 %)
Writing at 0x00007ae9... (100 %)
Wrote 29424 bytes (17921 compressed) at 0x00001000 in 0.9 seconds (effective 275.5 kbit/s)...
Hash of data verified.
Compressed 153600 bytes to 86209...
Writing at 0x00020000... (16 %)
Writing at 0x0002a2b2... (33 %)
Writing at 0x0002fc6e... (50 %)
Writing at 0x0003567b... (66 %)
Writing at 0x0003b854... (83 %)
Writing at 0x00043d81... (100 %)
Wrote 153600 bytes (86209 compressed) at 0x00020000 in 2.2 seconds (effective 557.9 kbit/s)...
Hash of data verified.
Compressed 3072 bytes to 105...
Writing at 0x0000a000... (100 %)
Wrote 3072 bytes (105 compressed) at 0x0000a000 in 0.0 seconds (effective 512.7 kbit/s)...
Hash of data verified.

Leaving...
Staying in bootloader.
Done
可以正常启用 flash 加密,请检查上述配置和使用的烧录命令选项。


找到原因了,我是用的是windows下的IDF工具的烧写按钮进行的烧写。试了敲命令行是可以烧写成功的,你也可以测一下windows下烧写按钮。已经解决了谢谢啦

ESP_WangYX
Posts: 97
Joined: Mon Jun 28, 2021 12:48 pm

Re: flash加密问题咨询

Postby ESP_WangYX » Sun Jun 19, 2022 6:36 am

Good,我会记录下该问题。

xinhaojie
Posts: 57
Joined: Wed Feb 23, 2022 10:56 am

Re: flash加密问题咨询

Postby xinhaojie » Tue Jun 21, 2022 2:15 am

wangyuxin-esp wrote:
Sun Jun 19, 2022 6:36 am
Good,我会记录下该问题。
实在是不好意思, 我有遇到问题了。我使用命令行烧写成功后,发现测试用例跟README.md里面显示的日志不一致。也就是加密分区没有加密成功。我是用了官方例程,只打开了闪存加密和虚拟efuse。其他未做修改。

-----------------------------------------以下代码调试-------------------------------
const esp_partition_t* partition = esp_partition_find_first(
ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_ANY, "storage");
我在实例代码(example_read_write_flash)函数中打印了“storage”分区中的 bool encrypted; 这个字段,显示是0.。。。

------------------------------------------以下是分区表-------------------------------
# Name, Type, SubType, Offset, Size, Flags
nvs, data, nvs, , 0x6000,
# Extra partition to demonstrate reading/writing of encrypted flash
storage, data, 0xff, , 0x1000, encrypted
factory, app, factory, , 1M,
# nvs_key partition contains the key that encrypts the NVS partition named nvs. The nvs_key partition needs to be encrypted.
nvs_key, data, nvs_keys, , 0x1000, encrypted,
efuse_em, data, efuse, , 0x2000

-------------------------------------------以下是运行日志--------------------------
ESP-ROM:esp32s2-rc4-20191025
Build:Oct 25 2019
rst:0x1 (POWERON),boot:0x8 (SPI_FAST_FLASH_BOOT)
SPIWP:0xee
mode:DIO, clock div:1
load:0x3ffe63d0,len:0x29a4
load:0x4004c000,len:0xa5c
load:0x40050000,len:0x4318
entry 0x4004c208
W (24) boot.esp32s2: eFuse virtual mode is enabled. If Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY!
I (40) boot: ESP-IDF v4.4.1 2nd stage bootloader
I (40) boot: compile time 10:09:02
I (40) boot: chip revision: 0
I (43) boot.esp32s2: SPI Speed : 80MHz
I (47) boot.esp32s2: SPI Mode : DIO
I (52) boot.esp32s2: SPI Flash Size : 2MB
I (57) boot: Enabling RNG early entropy source...
I (62) boot: Partition Table:
I (66) boot: ## Label Usage Type ST Offset Length
I (73) boot: 0 nvs WiFi data 01 02 0000a000 00006000
I (81) boot: 1 storage Unknown data 01 ff 00010000 00001000
I (88) boot: 2 factory factory app 00 00 00020000 00100000
I (95) boot: 3 nvs_key NVS keys 01 04 00120000 00001000
W (103) efuse: Loading virtual efuse blocks from flash
EFUSE_BLKx:
0) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
1) 0x7269a788 0x000034b4 0x00000000 0x00000000 0x00000000 0x00000000
2) 0xacfdb107 0x3fc42e3e 0x6014fa62 0x683d0a8a 0x21218410 0x1e1d2420 0x620b241f 0x10724c0c
3) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
4) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
5) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
6) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
7) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
8) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
9) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
10) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000

I (195) boot: 4 efuse_em efuse 01 05 00121000 00002000
I (203) boot: End of partition table
I (207) esp_image: segment 0: paddr=00020020 vaddr=3f000020 size=08d14h ( 36116) map
I (223) esp_image: segment 1: paddr=00028d3c vaddr=3ffbd700 size=01d30h ( 7472) load
I (226) esp_image: segment 2: paddr=0002aa74 vaddr=40022000 size=055a4h ( 21924) load
I (238) esp_image: segment 3: paddr=00030020 vaddr=40080020 size=19f24h (106276) map
I (262) esp_image: segment 4: paddr=00049f4c vaddr=400275a4 size=0615ch ( 24924) load
I (268) esp_image: segment 5: paddr=000500b0 vaddr=50000000 size=00010h ( 16) load
I (274) boot: Loaded app from partition at offset 0x20000
I (274) boot: Checking flash encryption...
I (279) efuse: Batch mode of writing fields is enabled
I (284) flash_encrypt: Generating new flash encryption key...
I (294) efuse: Writing EFUSE_BLK_KEY0 with purpose 4
W (297) flash_encrypt: Not disabling UART bootloader encryption
I (303) flash_encrypt: Disable UART bootloader cache...
I (309) flash_encrypt: Disable JTAG...
W (313) efuse: Virtual efuses enabled: Not really burning eFuses
I (378) efuse: Batch mode. Prepared fields are committed
I (378) esp_image: segment 0: paddr=00001020 vaddr=3ffe63d0 size=029a4h ( 10660)
I (382) esp_image: segment 1: paddr=000039cc vaddr=4004c000 size=00a5ch ( 2652)
I (390) esp_image: segment 2: paddr=00004430 vaddr=40050000 size=04318h ( 17176)
I (789) flash_encrypt: bootloader encrypted successfully
I (855) flash_encrypt: partition table encrypted and loaded successfully
I (855) flash_encrypt: Encrypting partition 1 at offset 0x10000 (length 0x1000)...
I (893) flash_encrypt: Done encrypting
I (893) esp_image: segment 0: paddr=00020020 vaddr=3f000020 size=08d14h ( 36116) map
I (902) esp_image: segment 1: paddr=00028d3c vaddr=3ffbd700 size=01d30h ( 7472)
I (905) esp_image: segment 2: paddr=0002aa74 vaddr=40022000 size=055a4h ( 21924)
I (916) esp_image: segment 3: paddr=00030020 vaddr=40080020 size=19f24h (106276) map
I (941) esp_image: segment 4: paddr=00049f4c vaddr=400275a4 size=0615ch ( 24924)
I (946) esp_image: segment 5: paddr=000500b0 vaddr=50000000 size=00010h ( 16)
I (946) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)...
I (11114) flash_encrypt: Done encrypting
I (11114) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)...
I (11148) flash_encrypt: Done encrypting
W (11149) efuse: Virtual efuses enabled: Not really burning eFuses
I (11207) flash_encrypt: Flash encryption completed
I (11207) boot: Resetting with flash encryption enabled...
ESP-ROM:esp32s2-rc4-20191025
Build:Oct 25 2019
rst:0x3 (RTC_SW_SYS_RST),boot:0x8 (SPI_FAST_FLASH_BOOT)
Saved PC:0x400515fa
SPIWP:0xee
mode:DIO, clock div:1
load:0x3ffe63d0,len:0x29a4
load:0x4004c000,len:0xa5c
load:0x40050000,len:0x4318
entry 0x4004c208
W (26) boot.esp32s2: eFuse virtual mode is enabled. If Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY!
I (42) boot: ESP-IDF v4.4.1 2nd stage bootloader
I (43) boot: compile time 10:09:02
I (43) boot: chip revision: 0
I (45) boot.esp32s2: SPI Speed : 80MHz
I (50) boot.esp32s2: SPI Mode : DIO
I (54) boot.esp32s2: SPI Flash Size : 2MB
I (59) boot: Enabling RNG early entropy source...
I (65) boot: Partition Table:
I (68) boot: ## Label Usage Type ST Offset Length
I (75) boot: 0 nvs WiFi data 01 02 0000a000 00006000
I (83) boot: 1 storage Unknown data 01 ff 00010000 00001000
I (90) boot: 2 factory factory app 00 00 00020000 00100000
I (98) boot: 3 nvs_key NVS keys 01 04 00120000 00001000
W (106) efuse: Loading virtual efuse blocks from flash
EFUSE_BLKx:
0) 0x00800100 0x00048c01 0x04040000 0x00000000 0x00000002 0x00000000
1) 0x7269a788 0x000034b4 0x00000000 0x00000000 0x00000000 0x00000000
2) 0xacfdb107 0x3fc42e3e 0x6014fa62 0x683d0a8a 0x21218410 0x1e1d2420 0x620b241f 0x10724c0c
3) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
4) 0x3f375a98 0x74fdc1be 0xf88fc48c 0xc4eb3167 0x0a8cd2fc 0x8195a26a 0x75c655bd 0x0687d009
5) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
6) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
7) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
8) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
9) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
10) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000

I (198) boot: 4 efuse_em efuse 01 05 00121000 00002000
I (205) boot: End of partition table
I (209) esp_image: segment 0: paddr=00020020 vaddr=3f000020 size=08d14h ( 36116) map
I (225) esp_image: segment 1: paddr=00028d3c vaddr=3ffbd700 size=01d30h ( 7472) load
I (228) esp_image: segment 2: paddr=0002aa74 vaddr=40022000 size=055a4h ( 21924) load
I (240) esp_image: segment 3: paddr=00030020 vaddr=40080020 size=19f24h (106276) map
I (264) esp_image: segment 4: paddr=00049f4c vaddr=400275a4 size=0615ch ( 24924) load
I (271) esp_image: segment 5: paddr=000500b0 vaddr=50000000 size=00010h ( 16) load
I (277) boot: Loaded app from partition at offset 0x20000
I (277) boot: Checking flash encryption...
I (281) flash_encrypt: flash encryption is enabled (1 plaintext flashes left)
I (289) boot: Disabling RNG early entropy source...
I (306) cache: Instruction cache : size 8KB, 4Ways, cache line size 32Byte
I (306) cpu_start: Pro cpu up.
I (317) cpu_start: Pro cpu start user code
I (317) cpu_start: cpu freq: 240000000
I (318) cpu_start: Application information:
I (322) cpu_start: Project name: flash_encryption
I (328) cpu_start: App version: 1
I (332) cpu_start: Compile time: Jun 21 2022 10:08:52
I (338) cpu_start: ELF file SHA256: cdcfef02e329b7bf...
I (344) cpu_start: ESP-IDF: v4.4.1
I (349) heap_init: Initializing. RAM available for dynamic allocation:
I (356) heap_init: At 3FFBFE58 len 0003C1A8 (240 KiB): DRAM
I (363) heap_init: At 3FFFC000 len 00003A10 (14 KiB): DRAM
I (369) heap_init: At 3FF9E000 len 00002000 (8 KiB): RTCRAM
I (376) spi_flash: detected chip: generic
I (380) spi_flash: flash io: dio
W (384) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
W (397) cpu_start: eFuse virtual mode is enabled. If Secure boot or Flash encryption is enabled then it does not provide any security. FOR TESTING ONLY!
W (412) efuse: Loading virtual efuse blocks from flash
EFUSE_BLKx:
0) 0x00800100 0x00048c01 0x04040000 0x00000000 0x00000002 0x00000000
1) 0x7269a788 0x000034b4 0x00000000 0x00000000 0x00000000 0x00000000
2) 0xacfdb107 0x3fc42e3e 0x6014fa62 0x683d0a8a 0x21218410 0x1e1d2420 0x620b241f 0x10724c0c
3) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
4) 0x3f375a98 0x74fdc1be 0xf88fc48c 0xc4eb3167 0x0a8cd2fc 0x8195a26a 0x75c655bd 0x0687d009
5) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
6) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
7) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
8) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
9) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
10) 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000

W (503) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (511) cpu_start: Starting scheduler on PRO CPU.

Example to check Flash Encryption status
This is esp32s2 chip with 1 CPU core(s), WiFi, silicon revision 0, 2MB external flash
FLASH_CRYPT_CNT eFuse value is 1
Flash encryption feature is enabled in DEVELOPMENT mode
Erasing partition "storage" (0x1000 bytes)
Writing data with esp_partition_write:
I (616) example: 0x3ffc2e80 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (616) example: 0x3ffc2e90 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with esp_partition_read:
I (626) example: 0x3ffc2e60 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (636) example: 0x3ffc2e70 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with spi_flash_read:
I (646) example: 0x3ffc2e60 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (656) example: 0x3ffc2e70 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
I (666) nvs: NVS partition "nvs" is encrypted.

Who is online

Users browsing this forum: Bing [Bot] and 61 guests