From a88130a71e87acb9cc1a955b0231d0ba5b1a32a3 Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Mon, 27 Mar 2023 16:53:53 +0530 Subject: [PATCH] docs: add flash enc process logs for ESP32-H2 and ESP32-C6 --- docs/docs_not_updated/esp32h2.txt | 1 - docs/en/security/esp32c6_log.inc | 132 +++++++++++++++++++++++++++++- docs/en/security/esp32h2_log.inc | 129 ++++++++++++++++++++++++++++- 3 files changed, 257 insertions(+), 5 deletions(-) diff --git a/docs/docs_not_updated/esp32h2.txt b/docs/docs_not_updated/esp32h2.txt index 1be9bd7095..841d05ac1e 100644 --- a/docs/docs_not_updated/esp32h2.txt +++ b/docs/docs_not_updated/esp32h2.txt @@ -117,7 +117,6 @@ api-reference/protocols/esp_tls api-reference/protocols/mdns api-reference/protocols/index api-reference/protocols/asio -security/esp32h2_log.inc about resources migration-guides/release-5.x/5.1/index diff --git a/docs/en/security/esp32c6_log.inc b/docs/en/security/esp32c6_log.inc index 53eb89084e..32a13c25c8 100644 --- a/docs/en/security/esp32c6_log.inc +++ b/docs/en/security/esp32c6_log.inc @@ -1,13 +1,141 @@ .. first_boot_enc -TO BE UPDATED TODO IDF-5932 +.. code-block:: none + + rst:0x1 (POWERON),boot:0xc (SPI_FAST_FLASH_BOOT) + SPIWP:0xee + mode:DIO, clock div:2 + load:0x4086c410,len:0xd5c + load:0x4086e610,len:0x4584 + load:0x40875888,len:0x2bac + entry 0x4086c410 + I (25) boot: ESP-IDF v5.1-dev-4270-g4bff4ed6e5-dirty 2nd stage bootloader + I (25) boot: compile time Mar 27 2023 16:48:49 + I (27) boot: chip revision: v0.0 + I (30) boot.esp32c6: SPI Speed : 40MHz + I (35) boot.esp32c6: SPI Mode : DIO + I (40) boot.esp32c6: SPI Flash Size : 2MB + I (44) boot: Enabling RNG early entropy source... + W (50) bootloader_random: bootloader_random_enable() has not been implemented yet + I (58) boot: Partition Table: + I (62) boot: ## Label Usage Type ST Offset Length + I (69) boot: 0 nvs WiFi data 01 02 0000a000 00006000 + I (76) boot: 1 storage Unknown data 01 ff 00010000 00001000 + I (84) boot: 2 factory factory app 00 00 00020000 00100000 + I (91) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (99) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (106) boot: End of partition table + I (110) esp_image: segment 0: paddr=00020020 vaddr=42018020 size=090e8h ( 37096) map + I (126) esp_image: segment 1: paddr=00029110 vaddr=40800000 size=06f08h ( 28424) load + I (134) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=12fd8h ( 77784) map + I (151) esp_image: segment 3: paddr=00043000 vaddr=40806f08 size=03c00h ( 15360) load + I (158) boot: Loaded app from partition at offset 0x20000 + I (158) boot: Checking flash encryption... + I (160) efuse: Batch mode of writing fields is enabled + I (165) flash_encrypt: Generating new flash encryption key... + I (174) efuse: Writing EFUSE_BLK_KEY0 with purpose 4 + W (178) flash_encrypt: Not disabling UART bootloader encryption + I (184) flash_encrypt: Disable UART bootloader cache... + I (190) flash_encrypt: Disable JTAG... + I (197) efuse: BURN BLOCK4 + I (204) efuse: BURN BLOCK4 - OK (write block == read block) + I (206) efuse: BURN BLOCK0 + I (212) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (216) efuse: Batch mode. Prepared fields are committed + I (222) esp_image: segment 0: paddr=00000020 vaddr=4086c410 size=00d5ch ( 3420) + I (231) esp_image: segment 1: paddr=00000d84 vaddr=4086e610 size=04584h ( 17796) + I (240) esp_image: segment 2: paddr=00005310 vaddr=40875888 size=02bach ( 11180) + I (632) flash_encrypt: bootloader encrypted successfully + I (679) flash_encrypt: partition table encrypted and loaded successfully + I (680) flash_encrypt: Encrypting partition 1 at offset 0x10000 (length 0x1000)... + I (732) flash_encrypt: Done encrypting + I (732) esp_image: segment 0: paddr=00020020 vaddr=42018020 size=090e8h ( 37096) map + I (741) esp_image: segment 1: paddr=00029110 vaddr=40800000 size=06f08h ( 28424) + I (747) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=12fd8h ( 77784) map + I (765) esp_image: segment 3: paddr=00043000 vaddr=40806f08 size=03c00h ( 15360) + I (769) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... + I (13025) flash_encrypt: Done encrypting + I (13025) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)... + I (13074) flash_encrypt: Done encrypting + I (13075) efuse: BURN BLOCK0 + I (13077) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (13078) flash_encrypt: Flash encryption completed + I (13083) boot: Resetting with flash encryption enabled... + ------ .. already_en_enc +.. code-block:: none + + rst:0x3 (LP_SW_HPSYS),boot:0xc (SPI_FAST_FLASH_BOOT) + Saved PC:0x4001974a + SPIWP:0xee + mode:DIO, clock div:2 + load:0x4086c410,len:0xd5c + load:0x4086e610,len:0x4584 + load:0x40875888,len:0x2bac + entry 0x4086c410 + I (24) boot: ESP-IDF v5.1-dev-4270-g4bff4ed6e5-dirty 2nd stage bootloader + I (24) boot: compile time Mar 27 2023 16:48:49 + I (25) boot: chip revision: v0.0 + I (29) boot.esp32c6: SPI Speed : 40MHz + I (34) boot.esp32c6: SPI Mode : DIO + I (39) boot.esp32c6: SPI Flash Size : 2MB + I (43) boot: Enabling RNG early entropy source... + W (49) bootloader_random: bootloader_random_enable() has not been implemented yet + I (57) boot: Partition Table: + I (60) boot: ## Label Usage Type ST Offset Length + I (68) boot: 0 nvs WiFi data 01 02 0000a000 00006000 + I (75) boot: 1 storage Unknown data 01 ff 00010000 00001000 + I (83) boot: 2 factory factory app 00 00 00020000 00100000 + I (90) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (98) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (105) boot: End of partition table + I (109) esp_image: segment 0: paddr=00020020 vaddr=42018020 size=090e8h ( 37096) map + I (126) esp_image: segment 1: paddr=00029110 vaddr=40800000 size=06f08h ( 28424) load + I (134) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=12fd8h ( 77784) map + I (152) esp_image: segment 3: paddr=00043000 vaddr=40806f08 size=03c00h ( 15360) load + I (159) boot: Loaded app from partition at offset 0x20000 + I (159) boot: Checking flash encryption... + I (160) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) + I (168) boot: Disabling RNG early entropy source... + W (173) bootloader_random: bootloader_random_enable() has not been implemented yet + I (193) cpu_start: Pro cpu up. + W (202) clk: esp_perip_clk_init() has not been implemented yet + I (208) cpu_start: Pro cpu start user code + I (209) cpu_start: cpu freq: 160000000 Hz + I (209) cpu_start: Application information: + I (211) cpu_start: Project name: flash_encryption + I (217) cpu_start: App version: v5.1-dev-4270-g4bff4ed6e5-dirty + I (224) cpu_start: Compile time: Mar 27 2023 16:49:00 + I (230) cpu_start: ELF file SHA256: df1dd35054510e16... + I (236) cpu_start: ESP-IDF: v5.1-dev-4270-g4bff4ed6e5-dirty + I (243) cpu_start: Min chip rev: v0.0 + I (248) cpu_start: Max chip rev: v0.99 + I (253) cpu_start: Chip rev: v0.0 + I (258) heap_init: Initializing. RAM available for dynamic allocation: + I (265) heap_init: At 4080B9E0 len 00070C30 (451 KiB): D/IRAM + I (271) heap_init: At 4087C610 len 00002F54 (11 KiB): STACK/DIRAM + I (278) heap_init: At 50000010 len 00003FF0 (15 KiB): RTCRAM + I (285) spi_flash: detected chip: generic + I (289) spi_flash: flash io: dio + W (293) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header. + W (306) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure) + I (314) sleep: Configure to isolate all GPIO pins in sleep state + I (320) sleep: Enable automatic switching of GPIO sleep configuration + I (327) coexist: coex firmware version: 5315623 + I (333) coexist: coexist rom version 5b8dcfa + I (338) app_start: Starting scheduler on CPU0 + I (342) main_task: Started on CPU0 + I (342) main_task: Calling app_main() + + Example to check Flash Encryption status + This is esp32c6 chip with 1 CPU core(s), WiFi/BLE, silicon revision v0.0, 2MB external flash + FLASH_CRYPT_CNT eFuse value is 1 + Flash encryption feature is enabled in DEVELOPMENT mode -TO BE UPDATED TODO IDF-5932 ------ diff --git a/docs/en/security/esp32h2_log.inc b/docs/en/security/esp32h2_log.inc index d05109d0d9..bb93f6ffc5 100644 --- a/docs/en/security/esp32h2_log.inc +++ b/docs/en/security/esp32h2_log.inc @@ -1,13 +1,138 @@ .. first_boot_enc -TO BE UPDATED +.. code-block:: none + + rst:0x1 (POWERON),boot:0xc (SPI_FAST_FLASH_BOOT) + SPIWP:0xee + mode:DIO, clock div:1 + load:0x4083cfd0,len:0xc0c + load:0x4083efd0,len:0x45c0 + load:0x40846248,len:0x2b48 + entry 0x4083cfd0 + I (25) boot: ESP-IDF v5.1-dev-4270-g4bff4ed6e5 2nd stage bootloader + I (25) boot: compile time Mar 27 2023 16:40:47 + I (26) boot: chip revision: v0.0 + I (29) boot.esp32h2: SPI Speed : 64MHz + I (34) boot.esp32h2: SPI Mode : DIO + I (39) boot.esp32h2: SPI Flash Size : 2MB + I (44) boot: Enabling RNG early entropy source... + W (49) bootloader_random: bootloader_random_enable() has not been implemented yet + I (57) boot: Partition Table: + I (61) boot: ## Label Usage Type ST Offset Length + I (68) boot: 0 nvs WiFi data 01 02 0000a000 00006000 + I (76) boot: 1 storage Unknown data 01 ff 00010000 00001000 + I (83) boot: 2 factory factory app 00 00 00020000 00100000 + I (90) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (98) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (106) boot: End of partition table + I (110) esp_image: segment 0: paddr=00020020 vaddr=42020020 size=096e0h ( 38624) map + I (128) esp_image: segment 1: paddr=00029708 vaddr=40800000 size=06910h ( 26896) load + I (135) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=1b708h (112392) map + I (163) esp_image: segment 3: paddr=0004b730 vaddr=40806910 size=02a08h ( 10760) load + I (167) esp_image: segment 4: paddr=0004e140 vaddr=40809320 size=00e5ch ( 3676) load + I (172) boot: Loaded app from partition at offset 0x20000 + I (175) boot: Checking flash encryption... + I (180) efuse: Batch mode of writing fields is enabled + I (186) flash_encrypt: Generating new flash encryption key... + I (194) efuse: Writing EFUSE_BLK_KEY0 with purpose 4 + W (198) flash_encrypt: Not disabling UART bootloader encryption + I (204) flash_encrypt: Disable JTAG... + I (212) efuse: BURN BLOCK4 + I (219) efuse: BURN BLOCK4 - OK (write block == read block) + I (221) efuse: BURN BLOCK0 + I (227) efuse: BURN BLOCK0 - OK (write block == read block) + I (231) efuse: Batch mode. Prepared fields are committed + I (236) esp_image: segment 0: paddr=00000020 vaddr=4083cfd0 size=00c0ch ( 3084) + I (245) esp_image: segment 1: paddr=00000c34 vaddr=4083efd0 size=045c0h ( 17856) + I (255) esp_image: segment 2: paddr=000051fc vaddr=40846248 size=02b48h ( 11080) + I (381) flash_encrypt: bootloader encrypted successfully + I (396) flash_encrypt: partition table encrypted and loaded successfully + I (397) flash_encrypt: Encrypting partition 1 at offset 0x10000 (length 0x1000)... + I (411) flash_encrypt: Done encrypting + I (412) esp_image: segment 0: paddr=00020020 vaddr=42020020 size=096e0h ( 38624) map + I (423) esp_image: segment 1: paddr=00029708 vaddr=40800000 size=06910h ( 26896) + I (430) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=1b708h (112392) map + I (458) esp_image: segment 3: paddr=0004b730 vaddr=40806910 size=02a08h ( 10760) + I (461) esp_image: segment 4: paddr=0004e140 vaddr=40809320 size=00e5ch ( 3676) + I (464) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)... + I (3600) flash_encrypt: Done encrypting + I (3600) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)... + I (3612) flash_encrypt: Done encrypting + I (3613) efuse: BURN BLOCK0 + I (3616) efuse: BURN BLOCK0 - OK (all write block bits are set) + I (3617) flash_encrypt: Flash encryption completed + I (3622) boot: Resetting with flash encryption enabled... + ------ .. already_en_enc +.. code-block:: none + + rst:0x3 (LP_SW_HPSYS),boot:0xc (SPI_FAST_FLASH_BOOT) + Saved PC:0x400031a6 + SPIWP:0xee + mode:DIO, clock div:1 + load:0x4083cfd0,len:0xc0c + load:0x4083efd0,len:0x45c0 + load:0x40846248,len:0x2b48 + entry 0x4083cfd0 + I (27) boot: ESP-IDF v5.1-dev-4270-g4bff4ed6e5 2nd stage bootloader + I (28) boot: compile time Mar 27 2023 16:40:47 + I (28) boot: chip revision: v0.0 + I (32) boot.esp32h2: SPI Speed : 64MHz + I (37) boot.esp32h2: SPI Mode : DIO + I (41) boot.esp32h2: SPI Flash Size : 2MB + I (46) boot: Enabling RNG early entropy source... + W (51) bootloader_random: bootloader_random_enable() has not been implemented yet + I (60) boot: Partition Table: + I (63) boot: ## Label Usage Type ST Offset Length + I (71) boot: 0 nvs WiFi data 01 02 0000a000 00006000 + I (78) boot: 1 storage Unknown data 01 ff 00010000 00001000 + I (86) boot: 2 factory factory app 00 00 00020000 00100000 + I (93) boot: 3 nvs_key NVS keys 01 04 00120000 00001000 + I (100) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000 + I (108) boot: End of partition table + I (112) esp_image: segment 0: paddr=00020020 vaddr=42020020 size=096e0h ( 38624) map + I (131) esp_image: segment 1: paddr=00029708 vaddr=40800000 size=06910h ( 26896) load + I (140) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=1b708h (112392) map + I (171) esp_image: segment 3: paddr=0004b730 vaddr=40806910 size=02a08h ( 10760) load + I (175) esp_image: segment 4: paddr=0004e140 vaddr=40809320 size=00e5ch ( 3676) load + I (180) boot: Loaded app from partition at offset 0x20000 + I (183) boot: Checking flash encryption... + I (188) flash_encrypt: flash encryption is enabled (1 plaintext flashes left) + I (195) boot: Disabling RNG early entropy source... + W (201) bootloader_random: bootloader_random_disable() has not been implemented yet + I (221) cpu_start: Pro cpu up. + W (229) clk: esp_perip_clk_init() has not been implemented yet + I (236) cpu_start: Pro cpu start user code + I (236) cpu_start: cpu freq: 96000000 Hz + I (237) cpu_start: Application information: + I (239) cpu_start: Project name: flash_encryption + I (245) cpu_start: App version: v5.1-dev-4270-g4bff4ed6e5 + I (251) cpu_start: Compile time: Mar 27 2023 16:40:56 + I (257) cpu_start: ELF file SHA256: 42c8d825941d8050... + I (263) cpu_start: ESP-IDF: v5.1-dev-4270-g4bff4ed6e5 + I (270) cpu_start: Min chip rev: v0.0 + I (274) cpu_start: Max chip rev: v0.99 + I (279) cpu_start: Chip rev: v0.0 + I (284) heap_init: Initializing. RAM available for dynamic allocation: + I (291) heap_init: At 4080B010 len 00042370 (264 KiB): D/IRAM + I (298) heap_init: At 4084D380 len 00002B60 (10 KiB): STACK/DIRAM + I (305) spi_flash: detected chip: generic + I (309) spi_flash: flash io: dio + W (313) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header. + W (326) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure) + I (334) app_start: Starting scheduler on CPU0 + I (339) main_task: Started on CPU0 + I (339) main_task: Calling app_main() + + Example to check Flash Encryption status + This is esp32h2 chip with 1 CPU core(s), WiFi/BLE, silicon revision v0.0, 2MB external flash + FLASH_CRYPT_CNT eFuse value is 1 + Flash encryption feature is enabled in DEVELOPMENT mode -TO BE UPDATED ------