
Merge branch 'feature/logs_for_flash_enc_virtual' into 'master'

bootloader_support: Adds better logs for virtual efuses

See merge request espressif/esp-idf!21748

Closes https://github.com/espressif/esp-idf/pull/10383
Mahavir Jain 3 년 전
부모
커밋
d6dd8a56f3
3개의 변경된 파일12개의 추가작업 그리고 0개의 파일을 삭제
  1. 5 0
      components/bootloader/Kconfig.projbuild
  2. 4 0
      components/bootloader_support/src/flash_encryption/flash_encrypt.c
  3. 3 0
      components/efuse/Kconfig

+ 5 - 0
components/bootloader/Kconfig.projbuild

@@ -811,6 +811,10 @@ menu "Security features"
             Release mode should always be selected for production or manufacturing. Once enabled it's no longer
             possible for the device in ROM Download Mode to use the flash encryption hardware.
 
+            When EFUSE_VIRTUAL is enabled, SECURE_FLASH_ENCRYPTION_MODE_RELEASE is not available.
+            For CI tests we use IDF_CI_BUILD to bypass it ("export IDF_CI_BUILD=1").
+            We do not recommend bypassing it for other purposes.
+
             Refer to the Flash Encryption section of the ESP-IDF Programmer's Guide for details.
 
         config SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT
@@ -820,6 +824,7 @@ menu "Security features"
         config SECURE_FLASH_ENCRYPTION_MODE_RELEASE
             bool "Release"
             select PARTITION_TABLE_MD5 if !APP_COMPATIBLE_PRE_V3_1_BOOTLOADERS
+            depends on !EFUSE_VIRTUAL || IDF_CI_BUILD
 
     endchoice
 
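Review bot: The added `depends on !EFUSE_VIRTUAL || IDF_CI_BUILD` on SECURE_FLASH_ENCRYPTION_MODE_RELEASE has no comment of its own; the only rationale is in the choice's help text added by the earlier hunk in this file. The help text says the bypass is enabled by exporting IDF_CI_BUILD, so any build host with that variable set can produce a Release-mode configuration on virtual eFuses, and nothing visible here flags that at build time. I would state the reason next to the dependency, for example `# Release mode requires real eFuses; IDF_CI_BUILD is a CI-only bypass`, so that a later edit does not widen the condition without noticing it is a security gate. A build-time warning when both options end up set would also help; whether one already exists elsewhere is not visible from this hunk.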

+ 4 - 0
components/bootloader_support/src/flash_encryption/flash_encrypt.c

@@ -313,6 +313,10 @@ esp_err_t esp_flash_encrypt_enable(void)
 
     ESP_LOGI(TAG, "Flash encryption completed");
 
+#if CONFIG_EFUSE_VIRTUAL
+    ESP_LOGW(TAG, "Flash encryption not really completed. Must disable virtual efuses");
+#endif
+
     return err;
 }
 
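Review bot: With CONFIG_EFUSE_VIRTUAL set, the unconditional `ESP_LOGI(TAG, "Flash encryption completed");` still prints immediately before the new warning, so the log holds two contradictory statements and anything that keys on the info line (a provisioning script, a CI check) will record the device as encrypted. I would make the two messages mutually exclusive by moving the existing ESP_LOGI into an `#else` branch of the new `#if CONFIG_EFUSE_VIRTUAL` block. The warning could also say what is missing instead of "not really completed", for example `"Virtual eFuses in use: no eFuse was burned, flash encryption is not permanently enabled"`, which matches the EFUSE_VIRTUAL help text in this commit. esp_flash_encrypt_enable() starts above the hunk, so the value of `err` here is not visible; if it is ESP_OK, callers cannot tell this case from a real enable except through the log.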

+ 3 - 0
components/efuse/Kconfig

@@ -23,6 +23,9 @@ menu "eFuse Bit Manager"
             to RAM instead of eFuse registers, all permanent changes (via eFuse) are disabled.
             Log output will state changes that would be applied, but they will not be.
 
+            If it is "y", then SECURE_FLASH_ENCRYPTION_MODE_RELEASE cannot be used.
+            Because the EFUSE VIRT mode is for testing only.
+
             During startup, the eFuses are copied into RAM. This mode is useful for fast tests.
 
     config EFUSE_VIRTUAL_KEEP_IN_FLASH