mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
spi_flash: add config option to enable encrypted partition read/write
This feature can be disabled to save some IRAM (approx 1KB) for cases where flash encryption feature is not required.
This commit is contained in:
parent
0715c86211
commit
e032384c7f
@ -539,6 +539,7 @@ menu "Security features"
|
||||
config SECURE_FLASH_ENC_ENABLED
|
||||
bool "Enable flash encryption on boot (READ DOCS FIRST)"
|
||||
default N
|
||||
select SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
help
|
||||
If this option is set, flash contents will be encrypted by the bootloader on first boot.
|
||||
|
||||
|
@ -139,4 +139,13 @@ menu "SPI Flash driver"
|
||||
|
||||
endmenu #auto detect flash chips
|
||||
|
||||
config SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
bool "Enable encrypted partition read/write operations"
|
||||
default y
|
||||
help
|
||||
This option enables flash read/write operations to encrypted partition/s. This option
|
||||
is kept enabled irrespective of state of flash encryption feature. However, in case
|
||||
application is not using flash encryption feature and is in need of some additional
|
||||
memory from IRAM region (~1KB) then this config can be disabled.
|
||||
|
||||
endmenu
|
||||
|
@ -349,6 +349,7 @@ esp_err_t esp_partition_read(const esp_partition_t* partition,
|
||||
return spi_flash_read(partition->address + src_offset, dst, size);
|
||||
#endif // CONFIG_SPI_FLASH_USE_LEGACY_IMPL
|
||||
} else {
|
||||
#if CONFIG_SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
if (partition->flash_chip != esp_flash_default_chip) {
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
@ -366,6 +367,9 @@ esp_err_t esp_partition_read(const esp_partition_t* partition,
|
||||
memcpy(dst, buf, size);
|
||||
spi_flash_munmap(handle);
|
||||
return ESP_OK;
|
||||
#else
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
#endif // CONFIG_SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
}
|
||||
}
|
||||
|
||||
@ -387,10 +391,14 @@ esp_err_t esp_partition_write(const esp_partition_t* partition,
|
||||
return spi_flash_write(dst_offset, src, size);
|
||||
#endif // CONFIG_SPI_FLASH_USE_LEGACY_IMPL
|
||||
} else {
|
||||
#if CONFIG_SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
if (partition->flash_chip != esp_flash_default_chip) {
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
return spi_flash_write_encrypted(dst_offset, src, size);
|
||||
#else
|
||||
return ESP_ERR_NOT_SUPPORTED;
|
||||
#endif // CONFIG_SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user