Is it possible for secure boot v2 to disable the download mode before the flash encryption finishes?
I have CONFIG_SECURE_DISABLE_ROM_DL_MODE enabled. From the description I'm reading that during the startup of my app the download mode is disabled. But I have devices that are unable to start the application that has been uploaded during the production process (the serial console shows an invalid header error). What might have happened to these devices is that during the assembly process they have been temporarily powered, starting the flash encryption process, but not long enough to finish it. I'm using esp32 v3, with secure boot v2 and flash encryption.
I have looked into the disable ROM bootloader feature; it gets enabled here:
https://github.com/espressif/esp-idf/bl ... tup.c#L312
But I also found it here:
https://github.com/espressif/esp-idf/bl ... ures.c#L74
which I think gets called here:
https://github.com/espressif/esp-idf/bl ... ity.c#L587
This is on esp-idf version v4.4.2 which is the version the project is based on.
Download mode disabled, flash encryption failed
Re: Download mode disabled, flash encryption failed
Hello,
Yes, the download mode will get disabled during the secure boot workflow in the bootloader. The startup code that you pointed out is an additional protection kept to disable the download mode through the application (if not already disabled).
We recommend having a stable and uninterrupted power supply during the secure manufacturing process. For this case, we will check if we can refactor the bootloader code to handle this failure scenario.
Alternatively, you may keep the `CONFIG_SECURE_DISABLE_ROM_DL_MODE` enabled only in the application code and let its startup code handle the EFuse programming.
Mahavir
https://github.com/mahavirj/
Re: Download mode disabled, flash encryption failed
Thank you for the information and confirming my suspicion.
I have all the information to determine what fix is most viable for the production process.