flash encryption not happening at first boot

[bs-eng]

Hello!
Lately I released a new version of my project and as always enabled secure boot and flash encryption for final build.
When flashing the firmware (using flash download tool, as I always did) I notice that on first boot the flash encryption is not happening. On subsequent boots also nothing happens. Interestingly the log shows that flash encryption is in RELEASE mode (as is configured). Also the app works as intended.
When reading out the contents of the flash to check encryption I find several plain text strings, which mean indeed nothing got encrypted.

Code: Select all

esptool.py -p COM93 -b 460800 read_flash 0 0x400000 u:\flash_contents.bin

v<y5ï9ê=v<y5ï9ê½ àþB.æ? àþB.æ¿ à? à¿ ÐÏCëýL> @¸â? ð? ø? 0C 0ë«««««««xV4ïÍ« esp_task_wdt_init(CONFIG_TASK_WDT_TIMEOUT_S, false) /workshop/audio/audio_idf/esp-idf-audio-3.0/components/esp32/./cpu_start.c esp_task_wdt_add(idle_0) esp_task_wdt_add(idle_1) cpu_start [0;31mE (%d) %s: External RAM could not be added to heap![0m
[0;31mE (%d) %s: Could not reserve internal/DMA pool![0m
/dev/uart/0 err == ESP_OK && "Failed to init pthread module!" main res == pdTRUE [0;31mE (%d) %s: Failed to init external RAM![0m
[0;31mE (%d) %s: External RAM failed memory test![0m
main_task start_cpu0_default cpuid == xPortGetCoreID() /workshop/audio/audio_idf/esp-idf-audio-3.0/components/esp32/./ipc.c ipc%d ipc_task esp_ipc_init /workshop/audio/audio_idf/esp-idf-audio-3.0/components/esp32/./esp_timer.c esp_timer timer@%p %12lld %12lld
timer_task /workshop/audio/audio_idf/esp-idf-audio-3.0/components/esp32/./dport_access.c dport esp_dport_access_int_init esp_dport_access_stall_other_cpu_end "(Cannot use REG_GET_FIELD for DPORT registers use DPORT_REG_GET_FIELD)" && (!((((((0x3ff40000 + (uart_no) * 0x10000 + ( (uart_no) > 1 ? 0xe000 : 0 ) ) + 0x1C))) >= 0x3ff00000) && ((((0x3ff40000 + (uart_no) * 0x10000 + ( (uart_no) > 1 ? 0xe000 : 0 ) ) + 0x1C))) <= 0x3ff13FFC)) /workshop/audio/audio_idf/esp-idf-audio-3.0/components/esp32/include/rom/uart.h system_api [0;31mE (%d) %s: Base MAC address is NULL[0m
[0;31mE (%d) %s: Base MAC address from BLK3 of EFUSE version error, version = %d[0m
[0;31mE (%d) %s: Base MAC address from BLK3 of EFUSE CRC error, efuse_crc = 0x%02x; calc_crc = 0x%02x[0m
[0;31mE (%d) %s: Base MAC address from BLK0 of EFUSE CRC error, efuse_crc = 0x%02x; calc_crc = 0x%02x[0m
[0;31mE (%d) %s: mac address param is NULL[0m
[0;31mE (%d) %s: mac type is incorrect[0m

So I checked the efuses and got the following result:

Code: Select all

espefuse.py --port COM93 summary

Code: Untitled.txt Select all

espefuse.py v2.9-dev

Connecting....

EFUSE_NAME             Description = [Meaningful Value] [Readable/Writeable] (Hex Value)

----------------------------------------------------------------------------------------

Security fuses:

FLASH_CRYPT_CNT        Flash encryption mode counter                     = 127 R/W (0x7f)

UART_DOWNLOAD_DIS      Disable UART download mode (ESP32 rev3 only)      = 0 R/W (0x0)

FLASH_CRYPT_CONFIG     Flash encryption config (key tweak bits)          = 15 R/W (0xf)

CONSOLE_DEBUG_DISABLE  Disable ROM BASIC interpreter fallback            = 1 R/W (0x1)

ABS_DONE_0             secure boot enabled for bootloader                = 1 R/W (0x1)

ABS_DONE_1             secure boot abstract 1 locked                     = 0 R/W (0x0)

JTAG_DISABLE           Disable JTAG                                      = 1 R/W (0x1)

DISABLE_DL_ENCRYPT     Disable flash encryption in UART bootloader       = 1 R/W (0x1)

DISABLE_DL_DECRYPT     Disable flash decryption in UART bootloader       = 1 R/W (0x1)

DISABLE_DL_CACHE       Disable flash cache in UART bootloader            = 1 R/W (0x1)

BLK1                   Flash encryption key

  = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-

BLK2                   Secure boot key

  = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-

BLK3                   Variable Block 3

  = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W



Efuse fuses:

WR_DIS                 Efuse write disable mask                          = 384 R/W (0x180)

RD_DIS                 Efuse read disablemask                            = 3 R/W (0x3)

CODING_SCHEME          Efuse variable block length scheme                = 0 R/W (0x0)

KEY_STATUS             Usage of efuse block 3 (reserved)                 = 0 R/W (0x0)



Config fuses:

XPD_SDIO_FORCE         Ignore MTDI pin (GPIO12) for VDD_SDIO on reset    = 0 R/W (0x0)

XPD_SDIO_REG           If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset   = 0 R/W (0x0)

XPD_SDIO_TIEH          If XPD_SDIO_FORCE & XPD_SDIO_REG, 1=3.3V 0=1.8V   = 0 R/W (0x0)

CLK8M_FREQ             8MHz clock freq override                          = 50 R/W (0x32)

SPI_PAD_CONFIG_CLK     Override SD_CLK pad (GPIO6/SPICLK)                = 0 R/W (0x0)

SPI_PAD_CONFIG_Q       Override SD_DATA_0 pad (GPIO7/SPIQ)               = 0 R/W (0x0)

SPI_PAD_CONFIG_D       Override SD_DATA_1 pad (GPIO8/SPID)               = 0 R/W (0x0)

SPI_PAD_CONFIG_HD      Override SD_DATA_2 pad (GPIO9/SPIHD)              = 0 R/W (0x0)

SPI_PAD_CONFIG_CS0     Override SD_CMD pad (GPIO11/SPICS0)               = 0 R/W (0x0)

DISABLE_SDIO_HOST      Disable SDIO host                                 = 0 R/W (0x0)



Identity fuses:

MAC                    Factory MAC Address

  = 44:17:93:e6:47:b8 (CRC 0xfe OK) R/W

CHIP_VER_REV1          Silicon Revision 1                                = 1 R/W (0x1)

CHIP_VER_REV2          Silicon Revision 2                                = 1 R/W (0x1)

CHIP_VERSION           Reserved for future chip versions                 = 2 R/W (0x2)

CHIP_PACKAGE           Chip package identifier                           = 1 R/W (0x1)



Calibration fuses:

BLK3_PART_RESERVE      BLOCK3 partially served for ADC calibration data  = 0 R/W (0x0)

ADC_VREF               Voltage reference calibration                     = 1100 R/W (0x10)



Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).

To my understanding this looks like secure boot and flash encryption got enabled, but the encryption did not start (FLASH_CRYPT_CNT = 127/0x7F).
Is that correct?
What went wrong?
What other helpful info can one get out of the efuses summary? Yes, I did read the docs - I guess I dont understand much of the meanings.

Why does the flash doesn't get encrypted?
What can I do to solve that?

Thanks a lot!
Cheers
JR

[rpiloverbd]

Not sure but you may get some idea from this thread: viewtopic.php?t=26616

[bs-eng]

Yes, I read that thread before, but dont see how it relates to my issue.
The firmware used to be correctly flashed and then encryprting.
From the efuse summary in the other post I see hardly any similarities.

Am I missing the point?
Did you see something I didn't?

Thx!

[WiFive]

Nothing wrong with those efuses. Encryption and secure boot are enabled. What does bootloader log say? Are you sure those plaintext aren't leftover from a previous flash because you didn't do a full flash erase?

[bs-eng]

Thx for checking the efuse summary! I also thought that everything looked ok - but I am not an expert on that.

So it turned out that the path to the pem-file was misspelled. Interestingly the Build still continues in spite of such error.
Thanks for your pointers!
Cheer
JR

[bs-eng]

I still need help on this issueas it turned out that the misspelling is not the cause.
Flash memory is still plain text without any encryption.

Things I observe:
- there is no message on first boot that flash is getting encrypted
- readout from flash shows plainntext data in flash (just like described in above post)
- compile process goes through without any error
- fuse report is identical as above

I am clueless by now.
Any pointers?
Thx!
JR

[WiFive]

Post the boot log

[bs-eng]

I digged in more until I realized, that the encrypted parts in the flash are indeed left overs of previous programs. Miscalculation of program size on my side.
Thanks for looking into my issue anyways!!
Cheers
JR