Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ESP32] Support flash encryption and nvs encryption #20530

Merged
merged 1 commit into from
Jul 9, 2022
Merged

[ESP32] Support flash encryption and nvs encryption #20530

merged 1 commit into from
Jul 9, 2022

Conversation

woody-apple
Copy link
Contributor

Problem

Change overview

  • Added an option to encrypt the factory partition.
  • Securely initialize the NVS partition if NVS encryption is enabled
  • Added user guide for flash encryption in lighting-app/esp32

Testing

  • Manually tested: Generated the encrypted factory partition and flashed it and performed commissioning

@shubhamdp @web-flow
[ESP32] Support flash encryption and nvs encryption (#20414)
de9bb55 
- Added an option to encrypt the factory partition.
- Securely initialize the NVS partition if NVS encryption is enabled
- Added user guide for flash encryption in lighting-app/esp32
@github-actions
Copy link

github-actions bot commented Jul 9, 2022
edited
Loading

PR #20530: Size comparison from 9bf15ff to de9bb55

Increases (2 builds for cyw30739, telink)
platform target config section 9bf15ff de9bb55 change % change
cyw30739 lock cyw930739m2evb_01 (read/write) 585294 585302 8 0.0
.app_xip_area 459328 459336 8 0.0
telink lighting-app tlsr9518adk80d (read/write) 816664 816672 8 0.0
text 581672 581674 2 0.0
Full report (41 builds for cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
platform target config section 9bf15ff de9bb55 change % change
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 665899 665899 0 0.0
(read/write) 185324 185324 0 0.0
.bss 74116 74116 0 0.0
.data 3356 3356 0 0.0
.rodata 88067 88067 0 0.0
.text 577516 577516 0 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 631691 631691 0 0.0
(read/write) 157684 157684 0 0.0
.bss 73412 73412 0 0.0
.data 3356 3356 0 0.0
.rodata 77307 77307 0 0.0
.text 554060 554060 0 0.0
lock-ftd LP_CC2652R7 (read only) 668799 668799 0 0.0
(read/write) 172568 172568 0 0.0
.bss 71148 71148 0 0.0
.data 3280 3280 0 0.0
.rodata 76207 76207 0 0.0
.text 592112 592112 0 0.0
lock-mtd LP_CC2652R7 (read only) 618207 618207 0 0.0
(read/write) 144264 144264 0 0.0
.bss 66868 66868 0 0.0
.data 3280 3280 0 0.0
.rodata 76087 76087 0 0.0
.text 541632 541632 0 0.0
pump-app LP_CC2652R7 (read only) 677951 677951 0 0.0
(read/write) 164264 164264 0 0.0
.bss 71228 71228 0 0.0
.data 3280 3280 0 0.0
.rodata 88431 88431 0 0.0
.text 589036 589036 0 0.0
pump-controller-app LP_CC2652R7 (read only) 663775 663775 0 0.0
(read/write) 178560 178560 0 0.0
.bss 71348 71348 0 0.0
.data 3276 3276 0 0.0
.rodata 84295 84295 0 0.0
.text 579000 579000 0 0.0
shell LP_CC2652R7 (read only) 658382 658382 0 0.0
(read/write) 188344 188344 0 0.0
.bss 76420 76420 0 0.0
.data 3360 3360 0 0.0
.rodata 84846 84846 0 0.0
.text 573220 573220 0 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 579374 579374 0 0.0
.app_xip_area 458144 458144 0 0.0
.bss 64184 64184 0 0.0
.data 716 716 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 585294 585302 8 0.0
.app_xip_area 459328 459336 8 0.0
.bss 68912 68912 0 0.0
.data 720 720 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 582470 582470 0 0.0
.app_xip_area 462088 462088 0 0.0
.bss 63392 63392 0 0.0
.data 660 660 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A (read/write) 1080884 1080884 0 0.0
.bss 132996 132996 0 0.0
.data 2048 2048 0 0.0
.text 945820 945820 0 0.0
BRD4161A+rpc (read/write) 1135196 1135196 0 0.0
.bss 149676 149676 0 0.0
.data 2260 2260 0 0.0
.text 983240 983240 0 0.0
BRD4161A+rs911x (read/write) 947396 947396 0 0.0
.bss 140768 140768 0 0.0
.data 2048 2048 0 0.0
.text 804560 804560 0 0.0
lock-app BRD4161A+wf200 (read/write) 1128280 1128280 0 0.0
.bss 144184 144184 0 0.0
.data 2060 2060 0 0.0
.text 982012 982012 0 0.0
window-app BRD4161A (read/write) 1074668 1074668 0 0.0
.bss 134468 134468 0 0.0
.data 2076 2076 0 0.0
.text 938100 938100 0 0.0
esp32 all-clusters-app c3devkit (read only) 1019724 1019724 0 0.0
(read/write) 1485458 1485458 0 0.0
.dram0.bss 70080 70080 0 0.0
.dram0.data 14600 14600 0 0.0
.flash.rodata 215344 215344 0 0.0
.flash.text 1019724 1019724 0 0.0
.iram0.text 62902 62902 0 0.0
m5stack (read only) 1073651 1073651 0 0.0
(read/write) 487536 487536 0 0.0
.dram0.bss 75600 75600 0 0.0
.dram0.data 34144 34144 0 0.0
.flash.rodata 245796 245796 0 0.0
.flash.text 1068267 1068267 0 0.0
.iram0.text 123267 123267 0 0.0
k32w light k32w061+release (read/write) 658432 658432 0 0.0
.bss 69516 69516 0 0.0
.data 1992 1992 0 0.0
.text 581124 581124 0 0.0
lock k32w061+release (read/write) 685188 685188 0 0.0
.bss 69980 69980 0 0.0
.data 2004 2004 0 0.0
.text 607404 607404 0 0.0
linux all-clusters-app debug (read only) 2959521 2959521 0 0.0
(read/write) 154744 154744 0 0.0
.bss 61536 61536 0 0.0
.data 2048 2048 0 0.0
.data.rel.ro 84968 84968 0 0.0
.dynamic 608 608 0 0.0
.got 4536 4536 0 0.0
.init 27 27 0 0.0
.init_array 1040 1040 0 0.0
.rodata 263549 263549 0 0.0
.text 2518786 2518786 0 0.0
all-clusters-minimal-app debug (read only) 2812065 2812065 0 0.0
(read/write) 146680 146680 0 0.0
.bss 60864 60864 0 0.0
.data 2048 2048 0 0.0
.data.rel.ro 77608 77608 0 0.0
.dynamic 608 608 0 0.0
.got 4488 4488 0 0.0
.init 27 27 0 0.0
.init_array 1040 1040 0 0.0
.rodata 265245 265245 0 0.0
.text 2371810 2371810 0 0.0
bridge-app debug+rpc (read only) 2314473 2314473 0 0.0
(read/write) 125504 125504 0 0.0
.bss 48928 48928 0 0.0
.data 3824 3824 0 0.0
.data.rel.ro 66984 66984 0 0.0
.dynamic 608 608 0 0.0
.got 4392 4392 0 0.0
.init 27 27 0 0.0
.init_array 728 728 0 0.0
.rodata 197952 197952 0 0.0
.text 1954786 1954786 0 0.0
chip-tool debug (read only) 10296457 10296457 0 0.0
(read/write) 621312 621312 0 0.0
.bss 24728 24728 0 0.0
.data 3234 3234 0 0.0
.data.rel.ro 586944 586944 0 0.0
.dynamic 608 608 0 0.0
.got 5096 5096 0 0.0
.init 27 27 0 0.0
.init_array 640 640 0 0.0
.rodata 514197 514197 0 0.0
.text 8352804 8352804 0 0.0
chip-tool-no-interactive-ipv6only arm64 (read only) 9990004 9990004 0 0.0
(read/write) 683569 683569 0 0.0
.bss 42609 42609 0 0.0
.data 1152 1152 0 0.0
.data.rel.ro 622480 622480 0 0.0
.dynamic 528 528 0 0.0
.got 13512 13512 0 0.0
.init 24 24 0 0.0
.init_array 192 192 0 0.0
.rodata 476340 476340 0 0.0
.text 7955316 7955316 0 0.0
lighting-app debug+rpc (read only) 2549961 2549961 0 0.0
(read/write) 129528 129528 0 0.0
.bss 49440 49440 0 0.0
.data 2096 2096 0 0.0
.data.rel.ro 72136 72136 0 0.0
.dynamic 608 608 0 0.0
.got 4392 4392 0 0.0
.init 27 27 0 0.0
.init_array 816 816 0 0.0
.rodata 213608 213608 0 0.0
.text 2166386 2166386 0 0.0
lock-app debug (read only) 2514577 2514577 0 0.0
(read/write) 124504 124504 0 0.0
.bss 47840 47840 0 0.0
.data 1712 1712 0 0.0
.data.rel.ro 69096 69096 0 0.0
.dynamic 608 608 0 0.0
.got 4424 4424 0 0.0
.init 27 27 0 0.0
.init_array 784 784 0 0.0
.rodata 228648 228648 0 0.0
.text 2120786 2120786 0 0.0
ota-provider-app debug (read only) 2321297 2321297 0 0.0
(read/write) 118312 118312 0 0.0
.bss 47488 47488 0 0.0
.data 1944 1944 0 0.0
.data.rel.ro 63096 63096 0 0.0
.dynamic 608 608 0 0.0
.got 4488 4488 0 0.0
.init 27 27 0 0.0
.init_array 672 672 0 0.0
.rodata 203416 203416 0 0.0
.text 1955106 1955106 0 0.0
ota-requestor-app debug (read only) 2438449 2438449 0 0.0
(read/write) 125216 125216 0 0.0
.bss 49856 49856 0 0.0
.data 2232 2232 0 0.0
.data.rel.ro 67288 67288 0 0.0
.dynamic 608 608 0 0.0
.got 4480 4480 0 0.0
.init 27 27 0 0.0
.init_array 728 728 0 0.0
.rodata 207232 207232 0 0.0
.text 2060066 2060066 0 0.0
shell debug (read only) 2549833 2549833 0 0.0
(read/write) 141096 141096 0 0.0
.bss 57448 57448 0 0.0
.data 1264 1264 0 0.0
.data.rel.ro 76688 76688 0 0.0
.dynamic 608 608 0 0.0
.got 4136 4136 0 0.0
.init 27 27 0 0.0
.init_array 920 920 0 0.0
.rodata 227666 227666 0 0.0
.text 2165090 2165090 0 0.0
thermostat-no-ble arm64 (read only) 2594100 2594100 0 0.0
(read/write) 158289 158289 0 0.0
.bss 65249 65249 0 0.0
.data 1704 1704 0 0.0
.data.rel.ro 83240 83240 0 0.0
.dynamic 528 528 0 0.0
.got 5072 5072 0 0.0
.init 24 24 0 0.0
.init_array 400 400 0 0.0
.rodata 165380 165380 0 0.0
.text 2188944 2188944 0 0.0
tv-app debug (read only) 3101169 3101169 0 0.0
(read/write) 257704 257704 0 0.0
.bss 167016 167016 0 0.0
.data 4848 4848 0 0.0
.data.rel.ro 79392 79392 0 0.0
.dynamic 608 608 0 0.0
.got 4848 4848 0 0.0
.init 27 27 0 0.0
.init_array 952 952 0 0.0
.rodata 248928 248928 0 0.0
.text 2664338 2664338 0 0.0
tv-casting-app debug (read only) 5564545 5564545 0 0.0
(read/write) 161968 161968 0 0.0
.bss 50248 50248 0 0.0
.data 2416 2416 0 0.0
.data.rel.ro 103048 103048 0 0.0
.dynamic 608 608 0 0.0
.got 4736 4736 0 0.0
.init 27 27 0 0.0
.init_array 864 864 0 0.0
.rodata 343209 343209 0 0.0
.text 4943474 4943474 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2447680 2447680 0 0.0
.bss 213940 213940 0 0.0
.data 5872 5872 0 0.0
.text 1410324 1410324 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1174727 1174727 0 0.0
bss 142900 142900 0 0.0
rodata 141776 141776 0 0.0
text 811164 811164 0 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1154919 1154919 0 0.0
bss 142136 142136 0 0.0
rodata 133304 133304 0 0.0
text 800608 800608 0 0.0
p6 all-clusters-app default (read/write) 2564864 2564864 0 0.0
.bss 149120 149120 0 0.0
.data 2776 2776 0 0.0
.text 1523128 1523128 0 0.0
all-clusters-minimal-app default (read/write) 2509904 2509904 0 0.0
.bss 148400 148400 0 0.0
.data 2776 2776 0 0.0
.text 1468168 1468168 0 0.0
light-app default (read/write) 2440208 2440208 0 0.0
.bss 140456 140456 0 0.0
.data 2592 2592 0 0.0
.text 1398472 1398472 0 0.0
lock-app default (read/write) 2467448 2467448 0 0.0
.bss 140304 140304 0 0.0
.data 2600 2600 0 0.0
.text 1425712 1425712 0 0.0
telink light-switch-app tlsr9518adk80d (read/write) 796840 796840 0 0.0
bss 70576 70576 0 0.0
noinit 40416 40416 0 0.0
text 565348 565348 0 0.0
lighting-app tlsr9518adk80d (read/write) 816664 816672 8 0.0
bss 71420 71420 0 0.0
noinit 40416 40416 0 0.0
text 581672 581674 2 0.0

@woody-apple woody-apple merged commit 563de1f into sve Jul 9, 2022
@woody-apple woody-apple deleted the cherry-pick-776c06d5bbda9ea59f8eb28a8d328251fe619d61 branch July 9, 2022 18:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
esp32 examples platform scripts sve cherry pick
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@woody-apple @shubhamdp