mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
Merge branch 'bugfix/nvs_partition_encrypted_flag_compatibility_v4.4' into 'release/v4.4'
nvs: add config to ignore "encrypted" flag of nvs partitions (v4.4) See merge request espressif/esp-idf!15920
This commit is contained in:
commit
81e0c7f662
@ -9,4 +9,15 @@ menu "NVS"
|
||||
the complete NVS data, except the page headers. It requires XTS encryption keys
|
||||
to be stored in an encrypted partition. This means enabling flash encryption is
|
||||
a pre-requisite for this feature.
|
||||
|
||||
config NVS_COMPATIBLE_PRE_V4_3_ENCRYPTION_FLAG
|
||||
bool "NVS partition encrypted flag compatible with ESP-IDF before v4.3"
|
||||
depends on SECURE_FLASH_ENC_ENABLED
|
||||
help
|
||||
Enabling this will ignore "encrypted" flag for NVS partitions. NVS encryption
|
||||
scheme is different than hardware flash encryption and hence it is not recommended
|
||||
to have "encrypted" flag for NVS partitions. This was not being checked in pre v4.3
|
||||
IDF. Hence, if you have any devices where this flag is kept enabled in partition
|
||||
table then enabling this config will allow to have same behavior as pre v4.3 IDF.
|
||||
|
||||
endmenu
|
||||
|
@ -227,14 +227,23 @@ static esp_err_t load_partitions(void)
|
||||
if (!esp_flash_encryption_enabled()) {
|
||||
/* If flash encryption is not turned on, no partitions should be treated as encrypted */
|
||||
item->info.encrypted = false;
|
||||
} else if (entry.type == PART_TYPE_APP
|
||||
|| (entry.type == PART_TYPE_DATA && entry.subtype == PART_SUBTYPE_DATA_OTA)
|
||||
|| (entry.type == PART_TYPE_DATA && entry.subtype == PART_SUBTYPE_DATA_NVS_KEYS)) {
|
||||
} else if (entry.type == ESP_PARTITION_TYPE_APP
|
||||
|| (entry.type == ESP_PARTITION_TYPE_DATA && entry.subtype == ESP_PARTITION_SUBTYPE_DATA_OTA)
|
||||
|| (entry.type == ESP_PARTITION_TYPE_DATA && entry.subtype == ESP_PARTITION_SUBTYPE_DATA_NVS_KEYS)) {
|
||||
/* If encryption is turned on, all app partitions and OTA data
|
||||
are always encrypted */
|
||||
item->info.encrypted = true;
|
||||
}
|
||||
|
||||
#if CONFIG_NVS_COMPATIBLE_PRE_V4_3_ENCRYPTION_FLAG
|
||||
if (entry.type == ESP_PARTITION_TYPE_DATA &&
|
||||
entry.subtype == ESP_PARTITION_SUBTYPE_DATA_NVS &&
|
||||
(entry.flags & PART_FLAG_ENCRYPTED)) {
|
||||
ESP_LOGI(TAG, "Ignoring encrypted flag for \"%s\" partition", entry.label);
|
||||
item->info.encrypted = false;
|
||||
}
|
||||
#endif
|
||||
|
||||
// item->info.label is initialized by calloc, so resulting string will be null terminated
|
||||
strncpy(item->info.label, (const char*) entry.label, sizeof(item->info.label) - 1);
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user