espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-03 20:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'doc/ota_flashenc_config' into 'master'

Browse Source 
docs: Add note that flash encryption is required in OTA app updates

See merge request espressif/esp-idf!6835
This commit is contained in:
Angus Gratton
2019-12-03 15:03:46 +08:00
parent 0ac47a6269 6bb09224b5
commit 7c8139734d
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/en/security/flash-encryption.rst
View File

@@ -377,7 +377,8 @@ On next boot second stage bootloader will encrypt the flash app partition and th
Once the flash encryption is enabled in Release mode the bootloader will write protect the ``FLASH_CRYPT_CNT`` eFuse. Once the flash encryption is enabled in Release mode the bootloader will write protect the ``FLASH_CRYPT_CNT`` eFuse.
For subsequent plaintext update in field OTA scheme should be used. Please refer :doc:`OTA <../api-reference/system/ota>` for further details. For subsequent plaintext update in field :ref:`OTA scheme <updating-encrypted-flash-ota>` should be used.
Possible Failures Possible Failures
^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^
@@ -547,6 +548,10 @@ OTA Updates
OTA updates to encrypted partitions will automatically write encrypted, as long as the ``esp_partition_write`` function is used. OTA updates to encrypted partitions will automatically write encrypted, as long as the ``esp_partition_write`` function is used.
Any app image which will be OTA updated onto a device with flash encryption enabled requires :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>` option to be enabled in the app configuration as well, when building the app.
Please refer to :doc:`OTA <../api-reference/system/ota>` for general information about ESP-IDF OTA updates.
.. _updating-encrypted-flash-serial: .. _updating-encrypted-flash-serial: