From d7615df61699631efcada9bad9c8c302e7875bf5 Mon Sep 17 00:00:00 2001
From: Angus Gratton <angus@espressif.com>
Date: Wed, 26 Sep 2018 16:57:44 +1000
Subject: [PATCH 1/2] bootloader: Don't enable secure boot or flash encryption
 for 3/4 Coding Scheme

---
 components/bootloader_support/src/flash_encrypt.c | 5 +++++
 components/bootloader_support/src/secure_boot.c   | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/components/bootloader_support/src/flash_encrypt.c b/components/bootloader_support/src/flash_encrypt.c
index a9e8f8f9b..9f02adcbe 100644
--- a/components/bootloader_support/src/flash_encrypt.c
+++ b/components/bootloader_support/src/flash_encrypt.c
@@ -62,6 +62,11 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
 
 static esp_err_t initialise_flash_encryption(void)
 {
+    if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
+        ESP_LOGE(TAG, "Flash Encryption is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
+        return ESP_ERR_NOT_SUPPORTED;
+    }
+
     /* Before first flash encryption pass, need to initialise key & crypto config */
 
     /* Generate key */
diff --git a/components/bootloader_support/src/secure_boot.c b/components/bootloader_support/src/secure_boot.c
index 6d8bc6107..36f9ea8c6 100644
--- a/components/bootloader_support/src/secure_boot.c
+++ b/components/bootloader_support/src/secure_boot.c
@@ -110,6 +110,11 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
         return ESP_OK;
     }
 
+    if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
+        ESP_LOGE(TAG, "Secure Boot is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
+        return ESP_ERR_NOT_SUPPORTED;
+    }
+
     /* Verify the bootloader */
     esp_image_metadata_t bootloader_data = { 0 };
     err = esp_image_verify_bootloader_data(&bootloader_data);

From 1755fba8dc0e135ec8a78948afe8bc21c2b09d1c Mon Sep 17 00:00:00 2001
From: Angus Gratton <angus@espressif.com>
Date: Thu, 27 Sep 2018 10:12:00 +1000
Subject: [PATCH 2/2] esptool: Update to v2.5.1

Release notes: https://github.com/espressif/esptool/releases/tag/v2.5.1

Needed to no longer burn keys if 3/4 Coding Scheme is enabled.
---
 components/esptool_py/esptool | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/esptool_py/esptool b/components/esptool_py/esptool
index fd8c25d21..59b8dd8bf 160000
--- a/components/esptool_py/esptool
+++ b/components/esptool_py/esptool
@@ -1 +1 @@
-Subproject commit fd8c25d2160505fb9d5abbe56f85116a136afb05
+Subproject commit 59b8dd8bfe3927dc11ffc06603fa082cb0f523bb