diff --git a/docs/docs_not_updated/esp32h21.txt b/docs/docs_not_updated/esp32h21.txt index 08e40370fd..9d8e6baeaf 100644 --- a/docs/docs_not_updated/esp32h21.txt +++ b/docs/docs_not_updated/esp32h21.txt @@ -139,7 +139,6 @@ api-reference/bluetooth/esp_hf_defs.rst api-reference/peripherals/cap_touch_sens.rst api-reference/peripherals/index.rst api-reference/peripherals/rmt.rst -api-reference/peripherals/ds.rst api-reference/peripherals/sdio_slave.rst api-reference/peripherals/bitscrambler.rst api-reference/peripherals/temp_sensor.rst @@ -156,7 +155,6 @@ api-reference/peripherals/sdspi_share.rst api-reference/peripherals/ana_cmpr.rst api-reference/peripherals/i2c_slave_v1.rst api-reference/peripherals/adc_continuous.rst -api-reference/peripherals/hmac.rst api-reference/peripherals/sdspi_host.rst api-reference/peripherals/vad.rst api-reference/peripherals/i2s.rst @@ -174,7 +172,6 @@ api-reference/peripherals/sd_pullup_requirements.rst api-reference/peripherals/parlio.rst api-reference/peripherals/adc_calibration.rst api-reference/peripherals/lp_i2s.rst -api-reference/peripherals/ecdsa.rst api-reference/peripherals/dac.rst api-reference/peripherals/spi_flash/index.rst api-reference/peripherals/spi_flash/spi_flash_concurrency.rst @@ -207,12 +204,6 @@ api-reference/system/inc/show-efuse-table_ESP32-H21.rst api-reference/system/inc/espefuse_summary_ESP32-H21.rst api-reference/system/inc/espefuse_summary_ESP32-H21_dump.rst api-reference/system/power_management.rst -security/index.rst -security/flash-encryption.rst -security/secure-boot-v1.rst -security/security.rst -security/security-features-enablement-workflows.rst -security/secure-boot-v2.rst security/vulnerabilities.rst security/tee/index.rst security/tee/tee-advanced.rst diff --git a/docs/en/security/esp32c3_log.inc b/docs/en/security/esp32c3_log.inc index c81421d382..6974abe041 100644 --- a/docs/en/security/esp32c3_log.inc +++ b/docs/en/security/esp32c3_log.inc @@ -31,8 +31,6 @@ I (81) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (84) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (132) boot: Loaded app from partition at offset 0x20000 I (133) boot: Checking flash encryption... I (137) efuse: Batch mode of writing fields is enabled @@ -57,8 +55,6 @@ I (715) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (717) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (760) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... I (14797) flash_encrypt: Done encrypting I (14801) flash_encrypt: Flash encryption completed @@ -100,8 +96,6 @@ I (86) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (88) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (139) boot: Loaded app from partition at offset 0x20000 I (139) boot: Checking flash encryption... I (144) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) diff --git a/docs/en/security/esp32h21_log.inc b/docs/en/security/esp32h21_log.inc index 61dd838690..89c793aba9 100644 --- a/docs/en/security/esp32h21_log.inc +++ b/docs/en/security/esp32h21_log.inc @@ -3,7 +3,67 @@ .. code-block:: none - To be updated + rst:0x1 (POWERON),boot:0x1f (SPI_FAST_FLASH_BOOT) + SPIWP:0xee + mode:DIO, clock div:2 + load:0x40842cf0,len:0x27a4 + load:0x40839580,len:0x944 + load:0x4083ba78,len:0x3f44 + entry 0x408395ee + I (31) boot: ESP-IDF v5.5-dev-1478-gc15e6e1fb66-dirt 2nd stage bootloader + I (32) boot: compile time Jan 16 2025 12:04:40 + I (34) boot: chip revision: v0.0 + I (34) boot: efuse block revision: v0.0 + I (37) boot.esp32h21: SPI Speed : 32MHz + I (41) boot.esp32h21: SPI Mode : DIO + I (45) boot.esp32h21: SPI Flash Size : 4MB + I (49) boot: Enabling RNG early entropy source... + I (61) boot: Partition Table: + I (64) boot: ## Label Usage Type ST Offset Length + I (70) boot: 0 nvs WiFi data 01 02 0000e000 00006000 + I (77) boot: 1 storage Unknown data 01 ff 00014000 00001000 + I (83) boot: 2 factory factory app 00 00 00020000 00100000 + I (90) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (96) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (103) boot: 5 fat_encrypted Unknown data 01 81 00127000 00096000 + I (109) boot: 6 fat_not_encr Unknown data 01 81 001bd000 00096000 + I (116) boot: End of partition table + I (119) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (153) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) load + I (165) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (232) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) load + I (239) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) load + I (248) boot: Loaded app from partition at offset 0x20000 + I (249) boot: Checking flash encryption... + I (250) efuse: Batch mode of writing fields is enabled + I (251) flash_encrypt: Using pre-loaded flash encryption key in efuse + W (257) flash_encrypt: Not disabling UART bootloader encryption + I (263) flash_encrypt: Disable JTAG... + I (266) efuse: BURN BLOCK0 + I (271) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (274) efuse: Batch mode. Prepared fields are committed + I (279) esp_image: segment 0: paddr=00000020 vaddr=40842cf0 size=027a4h ( 10148) + I (289) esp_image: segment 1: paddr=000027cc vaddr=40839580 size=00944h ( 2372) + I (294) esp_image: segment 2: paddr=00003118 vaddr=4083ba78 size=03f44h ( 16196) + I (924) flash_encrypt: bootloader encrypted successfully + I (1003) flash_encrypt: partition table encrypted and loaded successfully + I (1004) flash_encrypt: Encrypting partition 1 at offset 0x14000 (length 0x1000)... + I (1082) flash_encrypt: Done encrypting + I (1083) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (1103) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) + I (1115) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (1182) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) + I (1188) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) + I (1192) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x389a0)... + I (5680) flash_encrypt: Done encrypting + I (5681) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)... + I (5755) flash_encrypt: Done encrypting + I (5756) flash_encrypt: Encrypting partition 5 at offset 0x127000 (length 0x96000)... + I (14753) flash_encrypt: Done encrypting + I (14754) efuse: BURN BLOCK0 + I (14757) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (14759) flash_encrypt: Flash encryption completed + I (14760) boot: Resetting with flash encryption enabled... ------ @@ -11,7 +71,58 @@ .. code-block:: none - To be updated - + rst:0x3 (LP_SW_HPSYS),boot:0x1f (SPI_FAST_FLASH_BOOT) + Saved PC:0x4000321c + SPIWP:0xee + mode:DIO, clock div:2 + load:0x40842cf0,len:0x27a4 + load:0x40839580,len:0x944 + load:0x4083ba78,len:0x3f44 + entry 0x408395ee + I (36) boot: ESP-IDF v5.5-dev-1478-gc15e6e1fb66-dirt 2nd stage bootloader + I (37) boot: compile time Jan 16 2025 12:04:40 + I (38) boot: chip revision: v0.0 + I (39) boot: efuse block revision: v0.0 + I (42) boot.esp32h21: SPI Speed : 32MHz + I (46) boot.esp32h21: SPI Mode : DIO + I (50) boot.esp32h21: SPI Flash Size : 4MB + I (53) boot: Enabling RNG early entropy source... + I (66) boot: Partition Table: + I (68) boot: ## Label Usage Type ST Offset Length + I (74) boot: 0 nvs WiFi data 01 02 0000e000 00006000 + I (81) boot: 1 storage Unknown data 01 ff 00014000 00001000 + I (87) boot: 2 factory factory app 00 00 00020000 00100000 + I (94) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (101) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (107) boot: 5 fat_encrypted Unknown data 01 81 00127000 00096000 + I (114) boot: 6 fat_not_encr Unknown data 01 81 001bd000 00096000 + I (121) boot: End of partition table + I (124) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (160) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) load + I (173) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (249) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) load + I (257) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) load + I (266) boot: Loaded app from partition at offset 0x20000 + I (267) boot: Checking flash encryption... + I (268) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) + I (271) boot: Disabling RNG early entropy source... + I (295) cpu_start: Unicore app + I (300) cpu_start: Pro cpu start user code + I (304) cpu_start: cpu freq: 32000000 Hz + I (307) app_init: Application information: + I (311) app_init: Project name: flash_encryption + I (316) app_init: App version: v5.5-dev-1478-gc15e6e1fb66-dirt + I (322) app_init: Compile time: Jan 16 2025 12:04:30 + I (327) app_init: ELF file SHA256: ba86ca637... + I (331) app_init: ESP-IDF: v5.5-dev-1478-gc15e6e1fb66-dirt + I (337) efuse_init: Min chip rev: v0.0 + I (341) efuse_init: Max chip rev: v0.99 + I (345) efuse_init: Chip rev: v0.0 + I (349) heap_init: Initializing. RAM available for dynamic allocation: + I (355) heap_init: At 40809F70 len 00043410 (269 KiB): RAM + I (360) heap_init: At 4084D380 len 00002B60 (10 KiB): RAM + I (377) spi_flash: detected chip: generic + I (379) spi_flash: flash io: dio + W (382) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure) ------ diff --git a/docs/en/security/esp32s2_log.inc b/docs/en/security/esp32s2_log.inc index 5a006d79bd..0fa77c0d91 100644 --- a/docs/en/security/esp32s2_log.inc +++ b/docs/en/security/esp32s2_log.inc @@ -29,8 +29,6 @@ I (109) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (124) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) load I (129) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) load - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (136) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) load 0x40022404: _coredump_iram_end at ??:? @@ -38,9 +36,6 @@ 0x40080020: _stext at ??:? I (171) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) load - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (181) boot: Loaded app from partition at offset 0x20000 I (181) boot: Checking flash encryption... I (181) efuse: Batch mode of writing fields is enabled @@ -60,8 +55,6 @@ I (766) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (773) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) I (778) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (785) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) 0x40022404: _coredump_iram_end at ??:? @@ -69,9 +62,6 @@ 0x40080020: _stext at ??:? I (820) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (823) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... I (13869) flash_encrypt: Done encrypting I (13870) flash_encrypt: Flash encryption completed @@ -111,8 +101,6 @@ I (117) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (132) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) load I (137) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) load - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (144) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) load 0x40022404: _coredump_iram_end at ??:? @@ -120,9 +108,6 @@ 0x40080020: _stext at ??:? I (180) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) load - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (190) boot: Loaded app from partition at offset 0x20000 I (191) boot: Checking flash encryption... I (191) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) diff --git a/docs/en/security/esp32s3_log.inc b/docs/en/security/esp32s3_log.inc index 5dce4d5b33..1dbc433cb2 100644 --- a/docs/en/security/esp32s3_log.inc +++ b/docs/en/security/esp32s3_log.inc @@ -103,8 +103,6 @@ I (190) boot: Disabling RNG early entropy source... I (214) cpu_start: Pro cpu up. I (214) cpu_start: Starting app cpu, entry point is 0x40374fa8 - 0x40374fa8: call_start_cpu1 at /home/marius/esp-idf_3/components/esp_system/port/cpu_start.c:160 - I (0) cpu_start: App cpu up. I (228) cpu_start: Pro cpu start user code I (228) cpu_start: cpu freq: 160000000 diff --git a/docs/en/security/security.rst b/docs/en/security/security.rst index bc0a5f71ae..cb3c1a8667 100644 --- a/docs/en/security/security.rst +++ b/docs/en/security/security.rst @@ -1,7 +1,7 @@ Security Overview ================= -{IDF_TARGET_CIPHER_SCHEME:default="RSA", esp32h2="RSA or ECDSA", esp32p4="RSA or ECDSA", esp32c5="RSA or ECDSA", esp32c61="ECDSA"} +{IDF_TARGET_CIPHER_SCHEME:default="RSA", esp32h2="RSA or ECDSA", esp32p4="RSA or ECDSA", esp32c5="RSA or ECDSA", esp32c61="ECDSA", esp32h21="RSA or ECDSA"} {IDF_TARGET_SIG_PERI:default="DS", esp32h2="DS or ECDSA", esp32p4="DS or ECDSA", esp32c5="DS or ECDSA"} diff --git a/docs/zh_CN/security/esp32c3_log.inc b/docs/zh_CN/security/esp32c3_log.inc index a93d64472e..a4ce786ab6 100644 --- a/docs/zh_CN/security/esp32c3_log.inc +++ b/docs/zh_CN/security/esp32c3_log.inc @@ -31,8 +31,6 @@ I (81) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (84) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (132) boot: Loaded app from partition at offset 0x20000 I (133) boot: Checking flash encryption... I (137) efuse: Batch mode of writing fields is enabled @@ -57,8 +55,6 @@ I (715) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (717) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (760) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... I (14797) flash_encrypt: Done encrypting I (14801) flash_encrypt: Flash encryption completed @@ -100,8 +96,6 @@ I (86) esp_image: segment 3: paddr=0x0002f18c vaddr=0x00000000 size=0x00e8c ( 3724) I (88) esp_image: segment 4: paddr=0x00030020 vaddr=0x42000020 size=0x171a8 ( 94632) map - 0x42000020: esp_ota_get_app_description at /home/marius/clean/esp-idf_2/components/app_update/esp_app_desc.c:63 - I (139) boot: Loaded app from partition at offset 0x20000 I (139) boot: Checking flash encryption... I (144) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) diff --git a/docs/zh_CN/security/esp32h21_log.inc b/docs/zh_CN/security/esp32h21_log.inc index 61dd838690..89c793aba9 100644 --- a/docs/zh_CN/security/esp32h21_log.inc +++ b/docs/zh_CN/security/esp32h21_log.inc @@ -3,7 +3,67 @@ .. code-block:: none - To be updated + rst:0x1 (POWERON),boot:0x1f (SPI_FAST_FLASH_BOOT) + SPIWP:0xee + mode:DIO, clock div:2 + load:0x40842cf0,len:0x27a4 + load:0x40839580,len:0x944 + load:0x4083ba78,len:0x3f44 + entry 0x408395ee + I (31) boot: ESP-IDF v5.5-dev-1478-gc15e6e1fb66-dirt 2nd stage bootloader + I (32) boot: compile time Jan 16 2025 12:04:40 + I (34) boot: chip revision: v0.0 + I (34) boot: efuse block revision: v0.0 + I (37) boot.esp32h21: SPI Speed : 32MHz + I (41) boot.esp32h21: SPI Mode : DIO + I (45) boot.esp32h21: SPI Flash Size : 4MB + I (49) boot: Enabling RNG early entropy source... + I (61) boot: Partition Table: + I (64) boot: ## Label Usage Type ST Offset Length + I (70) boot: 0 nvs WiFi data 01 02 0000e000 00006000 + I (77) boot: 1 storage Unknown data 01 ff 00014000 00001000 + I (83) boot: 2 factory factory app 00 00 00020000 00100000 + I (90) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (96) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (103) boot: 5 fat_encrypted Unknown data 01 81 00127000 00096000 + I (109) boot: 6 fat_not_encr Unknown data 01 81 001bd000 00096000 + I (116) boot: End of partition table + I (119) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (153) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) load + I (165) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (232) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) load + I (239) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) load + I (248) boot: Loaded app from partition at offset 0x20000 + I (249) boot: Checking flash encryption... + I (250) efuse: Batch mode of writing fields is enabled + I (251) flash_encrypt: Using pre-loaded flash encryption key in efuse + W (257) flash_encrypt: Not disabling UART bootloader encryption + I (263) flash_encrypt: Disable JTAG... + I (266) efuse: BURN BLOCK0 + I (271) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (274) efuse: Batch mode. Prepared fields are committed + I (279) esp_image: segment 0: paddr=00000020 vaddr=40842cf0 size=027a4h ( 10148) + I (289) esp_image: segment 1: paddr=000027cc vaddr=40839580 size=00944h ( 2372) + I (294) esp_image: segment 2: paddr=00003118 vaddr=4083ba78 size=03f44h ( 16196) + I (924) flash_encrypt: bootloader encrypted successfully + I (1003) flash_encrypt: partition table encrypted and loaded successfully + I (1004) flash_encrypt: Encrypting partition 1 at offset 0x14000 (length 0x1000)... + I (1082) flash_encrypt: Done encrypting + I (1083) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (1103) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) + I (1115) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (1182) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) + I (1188) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) + I (1192) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x389a0)... + I (5680) flash_encrypt: Done encrypting + I (5681) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)... + I (5755) flash_encrypt: Done encrypting + I (5756) flash_encrypt: Encrypting partition 5 at offset 0x127000 (length 0x96000)... + I (14753) flash_encrypt: Done encrypting + I (14754) efuse: BURN BLOCK0 + I (14757) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (14759) flash_encrypt: Flash encryption completed + I (14760) boot: Resetting with flash encryption enabled... ------ @@ -11,7 +71,58 @@ .. code-block:: none - To be updated - + rst:0x3 (LP_SW_HPSYS),boot:0x1f (SPI_FAST_FLASH_BOOT) + Saved PC:0x4000321c + SPIWP:0xee + mode:DIO, clock div:2 + load:0x40842cf0,len:0x27a4 + load:0x40839580,len:0x944 + load:0x4083ba78,len:0x3f44 + entry 0x408395ee + I (36) boot: ESP-IDF v5.5-dev-1478-gc15e6e1fb66-dirt 2nd stage bootloader + I (37) boot: compile time Jan 16 2025 12:04:40 + I (38) boot: chip revision: v0.0 + I (39) boot: efuse block revision: v0.0 + I (42) boot.esp32h21: SPI Speed : 32MHz + I (46) boot.esp32h21: SPI Mode : DIO + I (50) boot.esp32h21: SPI Flash Size : 4MB + I (53) boot: Enabling RNG early entropy source... + I (66) boot: Partition Table: + I (68) boot: ## Label Usage Type ST Offset Length + I (74) boot: 0 nvs WiFi data 01 02 0000e000 00006000 + I (81) boot: 1 storage Unknown data 01 ff 00014000 00001000 + I (87) boot: 2 factory factory app 00 00 00020000 00100000 + I (94) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (101) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (107) boot: 5 fat_encrypted Unknown data 01 81 00127000 00096000 + I (114) boot: 6 fat_not_encr Unknown data 01 81 001bd000 00096000 + I (121) boot: End of partition table + I (124) esp_image: segment 0: paddr=00020020 vaddr=42030020 size=0a6e0h ( 42720) map + I (160) esp_image: segment 1: paddr=0002a708 vaddr=40800000 size=05910h ( 22800) load + I (173) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=2525ch (152156) map + I (249) esp_image: segment 3: paddr=00055284 vaddr=40805910 size=0282ch ( 10284) load + I (257) esp_image: segment 4: paddr=00057ab8 vaddr=40808140 size=00eb8h ( 3768) load + I (266) boot: Loaded app from partition at offset 0x20000 + I (267) boot: Checking flash encryption... + I (268) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) + I (271) boot: Disabling RNG early entropy source... + I (295) cpu_start: Unicore app + I (300) cpu_start: Pro cpu start user code + I (304) cpu_start: cpu freq: 32000000 Hz + I (307) app_init: Application information: + I (311) app_init: Project name: flash_encryption + I (316) app_init: App version: v5.5-dev-1478-gc15e6e1fb66-dirt + I (322) app_init: Compile time: Jan 16 2025 12:04:30 + I (327) app_init: ELF file SHA256: ba86ca637... + I (331) app_init: ESP-IDF: v5.5-dev-1478-gc15e6e1fb66-dirt + I (337) efuse_init: Min chip rev: v0.0 + I (341) efuse_init: Max chip rev: v0.99 + I (345) efuse_init: Chip rev: v0.0 + I (349) heap_init: Initializing. RAM available for dynamic allocation: + I (355) heap_init: At 40809F70 len 00043410 (269 KiB): RAM + I (360) heap_init: At 4084D380 len 00002B60 (10 KiB): RAM + I (377) spi_flash: detected chip: generic + I (379) spi_flash: flash io: dio + W (382) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure) ------ diff --git a/docs/zh_CN/security/esp32s2_log.inc b/docs/zh_CN/security/esp32s2_log.inc index bff49f521d..ea32491b41 100644 --- a/docs/zh_CN/security/esp32s2_log.inc +++ b/docs/zh_CN/security/esp32s2_log.inc @@ -29,8 +29,6 @@ I (109) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (124) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) load I (129) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) load - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (136) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) load 0x40022404: _coredump_iram_end at ??:? @@ -38,9 +36,6 @@ 0x40080020: _stext at ??:? I (171) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) load - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (181) boot: Loaded app from partition at offset 0x20000 I (181) boot: Checking flash encryption... I (181) efuse: Batch mode of writing fields is enabled @@ -60,8 +55,6 @@ I (766) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (773) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) I (778) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (785) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) 0x40022404: _coredump_iram_end at ??:? @@ -69,9 +62,6 @@ 0x40080020: _stext at ??:? I (820) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (823) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... I (13869) flash_encrypt: Done encrypting I (13870) flash_encrypt: Flash encryption completed @@ -111,8 +101,6 @@ I (117) esp_image: segment 0: paddr=0x00020020 vaddr=0x3f000020 size=0x0618c ( 24972) map I (132) esp_image: segment 1: paddr=0x000261b4 vaddr=0x3ffbcae0 size=0x02624 ( 9764) load I (137) esp_image: segment 2: paddr=0x000287e0 vaddr=0x40022000 size=0x00404 ( 1028) load - 0x40022000: _WindowOverflow4 at /home/marius/esp-idf/components/freertos/port/xtensa/xtensa_vectors.S:1730 - I (144) esp_image: segment 3: paddr=0x00028bec vaddr=0x40022404 size=0x0742c ( 29740) load 0x40022404: _coredump_iram_end at ??:? @@ -120,9 +108,6 @@ 0x40080020: _stext at ??:? I (180) esp_image: segment 5: paddr=0x000445a4 vaddr=0x40029830 size=0x032ac ( 12972) load - 0x40029830: gpspi_flash_ll_set_miso_bitlen at /home/marius/esp-idf/examples/security/flash_encryption/build/../../../../components/hal/esp32s2/include/hal/gpspi_flash_ll.h:261 - (inlined by) spi_flash_hal_gpspi_common_command at /home/marius/esp-idf/components/hal/spi_flash_hal_common.inc:161 - I (190) boot: Loaded app from partition at offset 0x20000 I (191) boot: Checking flash encryption... I (191) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) diff --git a/docs/zh_CN/security/esp32s3_log.inc b/docs/zh_CN/security/esp32s3_log.inc index 5dce4d5b33..1dbc433cb2 100644 --- a/docs/zh_CN/security/esp32s3_log.inc +++ b/docs/zh_CN/security/esp32s3_log.inc @@ -103,8 +103,6 @@ I (190) boot: Disabling RNG early entropy source... I (214) cpu_start: Pro cpu up. I (214) cpu_start: Starting app cpu, entry point is 0x40374fa8 - 0x40374fa8: call_start_cpu1 at /home/marius/esp-idf_3/components/esp_system/port/cpu_start.c:160 - I (0) cpu_start: App cpu up. I (228) cpu_start: Pro cpu start user code I (228) cpu_start: cpu freq: 160000000 diff --git a/docs/zh_CN/security/security.rst b/docs/zh_CN/security/security.rst index 6bdbfcec1b..eb7d349ecf 100644 --- a/docs/zh_CN/security/security.rst +++ b/docs/zh_CN/security/security.rst @@ -1,7 +1,7 @@ 安全概述 ======== -{IDF_TARGET_CIPHER_SCHEME:default="RSA", esp32h2="RSA 或 ECDSA", esp32p4="RSA 或 ECDSA", esp32c5="RSA 或 ECDSA"} +{IDF_TARGET_CIPHER_SCHEME:default="RSA", esp32h2="RSA 或 ECDSA", esp32p4="RSA 或 ECDSA", esp32c5="RSA 或 ECDSA", esp32c61="ECDSA", esp32h21="RSA 或 ECDSA"} {IDF_TARGET_SIG_PERI:default="DS", esp32h2="DS 或 ECDSA", esp32p4="DS 或 ECDSA", esp32c5="DS 或 ECDSA", esp32c61="ECDSA"}