On enabling flash encryption, OTA fails with magic byte error in the second chunk
if the http data is split into two or more chunks and first chunk is less than 16.
Routine `spi_flash_cache2phys` sometimes return incorrect value,
resulting in failure in getting currently running ota partition.
This in turn aborts firmware update process.This issue was more
prominent with SPIRAM enabled cases.
Fix ensures proper cache guards during `spi_flash_cache2phys`, and
also for few other similar APIs.
In addition, `esp_ota_get_running_partition` has also been optimized
to save currently running partition for subsequent invocations.
Fixes https://github.com/espressif/esp-idf/issues/2451
Allows OTA updates to be secured via signature checks, without requiring the overhead or complexity
of a full secure boot implementation.
Uses same signing mechanisms (build system and/or espsecure.py as Secure Boot).
Requires:
* [ ] More testing
* [ ] Documentation
Makes app image booting more reliable (256-bit rather than 8-bit verification.)
Some measurements, time to boot a 655KB app.bin file and run to app_main() execution.
(All for rev 1 silicon, ie no 340ms spurious WDT delay.)
80MHz QIO mode:
before = 300ms
after = 140ms
40MHz DIO mode:
before = 712ms
after = 577ms
40MHz DIO mode, secure boot enabled
before = 1380ms
after = 934ms
(Secure boot involves two ECC signature verifications (partition table, app) that take approx 300ms each with 80MHz CPU.)
Even if firmware is compiled without CONFIG_FLASH_ENCRYPTION_ENABLED
Rayionale: CONFIG_FLASH_ENCRYPTION_ENABLED controls whether boot loader
generates keys for encryption or not, but flash encryption can be
configured externally. With this change, it's possible to have boot
loader not generate keys but still have encryption working.
Also fix use of it->part
Verify 0xE9 magic byte on first write, verify entire image before
switching.
Enable verification for secure boot signature (was using invalid ifdef
guard)
