Merge branch 'feat/flash_enc_encrypt_app_image_of_size_image_length' into 'master'

feat(bootloader_support): Encrypt only the app image instead of the whole partition

Closes IDFGH-11439

See merge request espressif/esp-idf!27295

docs/en/migration-guides/release-5.x/5.3/index.rst

@@ -7,5 +7,6 @@ Migration from 5.2 to 5.3
     :maxdepth: 1
 
     peripherals
+    security
     storage
     system

docs/en/migration-guides/release-5.x/5.3/security.rst

@@ -0,0 +1,14 @@
+Security
+========
+
+:link_to_translation:`zh_CN:[中文]`
+
+.. only:: SOC_FLASH_ENC_SUPPORTED
+
+    Platform security features
+    --------------------------
+
+    When flash encryption is enabled, encrypt only the app image that is present partition of type app, instead of encrypting the whole partition. This can help to optimize the encryption time required during the first boot.
+
+    This could be configured using the config ``CONFIG_SECURE_FLASH_ENCRYPT_ONLY_IMAGE_LEN_IN_APP_PART``, which is enabled by default from ESP-IDF v5.3
+    and is disabled for all earlier releases to avoid any breaking behaviour.