bootloader: add a config to enable flashing of bootloader using

the command `idf.py flash` when secure boot v2 is enabled.

components/bootloader/CMakeLists.txt

@@ -7,8 +7,9 @@ endif()
 
 add_dependencies(bootloader partition_table_bin)
 
-# When secure boot is enabled, do not flash bootloader along with invocation of `idf.py flash`
-if(NOT CONFIG_SECURE_BOOT)
+# When secure boot is enabled and CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT is not enabled
+# do not flash the bootloader along with the other artifacts using the command `idf.py flash`
+if(NOT CONFIG_SECURE_BOOT OR CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT)
     set(flash_bootloader FLASH_IN_PROJECT)
 endif()
 
@@ -18,7 +19,7 @@ esptool_py_flash_target_image(bootloader-flash bootloader
     "${BOOTLOADER_BUILD_DIR}/bootloader.bin")
 
 # Also attach an image to the project flash target
-if(NOT CONFIG_SECURE_BOOT)
+if(NOT CONFIG_SECURE_BOOT OR CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT)
     esptool_py_flash_target_image(flash bootloader
         ${CONFIG_BOOTLOADER_OFFSET_IN_FLASH}
         "${BOOTLOADER_BUILD_DIR}/bootloader.bin")

components/bootloader/Kconfig.projbuild

@@ -737,6 +737,23 @@ menu "Security features"
             This can lead to permanent bricking of the device, in case all keys are revoked
             because of signature verification failure.
 
+    config SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT
+        bool "Flash bootloader along with other artifacts when using the default flash command"
+        depends on SECURE_BOOT_V2_ENABLED && SECURE_BOOT_BUILD_SIGNED_BINARIES
+        default N
+        help
+            When Secure Boot V2 is enabled, by default the bootloader is not flashed along with other artifacts
+            like the application and the partition table images, i.e. bootloader has to be seperately flashed
+            using the command `idf.py bootloader flash`, whereas, the application and partition table can be flashed
+            using the command `idf.py flash` itself.
+            Enabling this option allows flashing the bootloader along with the other artifacts
+            by invocation of the command `idf.py flash`.
+
+            If this option is enabled make sure that even the bootloader is signed using the correct secure boot key,
+            otherwise the bootloader signature verification would fail, as hash of the public key which is present in
+            the bootloader signature would not match with the digest stored into the efuses
+            and thus the device will not be able to boot up.
+
     choice SECURE_BOOTLOADER_KEY_ENCODING
         bool "Hardware Key Encoding"
         depends on SECURE_BOOTLOADER_REFLASHABLE

components/bootloader/subproject/CMakeLists.txt

@@ -202,7 +202,11 @@ elseif(CONFIG_SECURE_BOOTLOADER_REFLASHABLE)
             "* Not recommended to re-use the same secure boot keyfile on multiple production devices."
         DEPENDS gen_secure_bootloader_key gen_bootloader_digest_bin
         VERBATIM)
-elseif(CONFIG_SECURE_BOOT_V2_ENABLED AND (CONFIG_IDF_TARGET_ESP32S2 OR CONFIG_IDF_TARGET_ESP32C3))
+elseif(
+        CONFIG_SECURE_BOOT_V2_ENABLED AND
+        (CONFIG_SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS GREATER 1) AND
+        NOT CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT
+    )
     add_custom_command(TARGET bootloader.elf POST_BUILD
     COMMAND ${CMAKE_COMMAND} -E echo
         "=============================================================================="
@@ -221,7 +225,7 @@ elseif(CONFIG_SECURE_BOOT_V2_ENABLED AND (CONFIG_IDF_TARGET_ESP32S2 OR CONFIG_ID
         "=============================================================================="
     DEPENDS gen_signed_bootloader
     VERBATIM)
-elseif(CONFIG_SECURE_BOOT_V2_ENABLED)
+elseif(CONFIG_SECURE_BOOT_V2_ENABLED AND NOT CONFIG_SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT)
     add_custom_command(TARGET bootloader.elf POST_BUILD
     COMMAND ${CMAKE_COMMAND} -E echo
         "=============================================================================="