flash_encryption: return more clear error codes when bootloader encryption fails
This commit is contained in:
parent
b3d8847406
commit
6f27992430
3 changed files with 3 additions and 4 deletions
|
@ -601,7 +601,7 @@ menu "Security features"
|
||||||
|
|
||||||
config SECURE_BOOT_ALLOW_ROM_BASIC
|
config SECURE_BOOT_ALLOW_ROM_BASIC
|
||||||
bool "Leave ROM BASIC Interpreter available on reset"
|
bool "Leave ROM BASIC Interpreter available on reset"
|
||||||
depends on SECURE_BOOT_INSECURE || SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT && IDF_TARGET_ESP32
|
depends on (SECURE_BOOT_INSECURE || SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT) && IDF_TARGET_ESP32
|
||||||
default N
|
default N
|
||||||
help
|
help
|
||||||
By default, the BASIC ROM Console starts on reset if no valid bootloader is
|
By default, the BASIC ROM Console starts on reset if no valid bootloader is
|
||||||
|
|
|
@ -233,7 +233,7 @@ static esp_err_t encrypt_bootloader(void)
|
||||||
image_length += FLASH_SECTOR_SIZE;
|
image_length += FLASH_SECTOR_SIZE;
|
||||||
if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
|
if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) {
|
||||||
ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
|
ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET);
|
||||||
return ESP_ERR_INVALID_STATE;
|
return ESP_ERR_INVALID_SIZE;
|
||||||
}
|
}
|
||||||
#endif // CONFIG_SECURE_BOOT_V2_ENABLED
|
#endif // CONFIG_SECURE_BOOT_V2_ENABLED
|
||||||
|
|
||||||
|
@ -248,7 +248,7 @@ static esp_err_t encrypt_bootloader(void)
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
ESP_LOGW(TAG, "no valid bootloader was found");
|
ESP_LOGW(TAG, "no valid bootloader was found");
|
||||||
return ESP_ERR_INVALID_STATE;
|
return ESP_ERR_NOT_FOUND;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,5 @@
|
||||||
# CMakeLists in this exact order for cmake to work correctly
|
# CMakeLists in this exact order for cmake to work correctly
|
||||||
cmake_minimum_required(VERSION 3.5)
|
cmake_minimum_required(VERSION 3.5)
|
||||||
|
|
||||||
# Flash encryption not currently supported for ESP32-S2
|
|
||||||
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
|
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
|
||||||
project(flash_encryption)
|
project(flash_encryption)
|
||||||
|
|
Loading…
Reference in a new issue