Does the ESP support having both encrypted and unencrypted app partitions at the same time?
According to the Flash Encryption documentation, it is possible to have both encrypted and non-encrypted partitions in flash at the same time via the use of the `encrypted` flag in `partitions.csv`.
However, the docs also say that "all flash content accessed via the MMU's flash cache is transparently decrypted". Therefore, does this mean that it is not possible to XIP from flash when there are two or more app partitions in flash, where one is encrypted and the other isn't? In other words, does the MMU flash cache have a setting where it only transparently decrypts certain flash address ranges?
Describe the solution you'd like.
Would be handy if there was some sort of hardware setting to let the MMU flash cache know to only transparently decrypt certain flash address ranges.
Describe alternatives you've considered.
If the MMU flash cache cannot decrypt only specific address ranges, the other possibility is just to read the unencrypted app partition using `esp_partition_read()`, and write it into IRAM for execution.
Additional context.
The use case I have in mind is having a factory app which is encrypted and acts as a fallback/default app, and another "user app" which is unencrypted, thus can be easily reprogrammed/OTA'd by the user without needing to share the flash encryption key.
github-actions bot changed the title from "Is it possible for the ESP to simultaneously have both encrypted and unencrypted app partitions?" to "Is it possible for the ESP to simultaneously have both encrypted and unencrypted app partitions? (IDFGH-14388)" on Jan 9, 2025
> Therefore, does this mean that it is not possible to XIP from flash when there are two or more app partitions in flash, where one is encrypted and the other isn't?

That's correct, on the existing SoCs this is not possible.

> The use case I have in mind is having a factory app which is encrypted and acts as a fallback/default app, and another "user app" which is unencrypted, thus can be easily reprogrammed/OTA'd by the user without needing to share the flash encryption key.

I would recommend adding some sort of "OTA" functionality to the fallback/default app. It doesn't have to be over the air, for example you could support uploading the user application from an SD card or over UART — depending on your hardware. The fallback/default app will then write the user application into an app partition, transparently encrypting it.
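
An added example, not part of the original thread or of ESP-IDF: a small audit of a `partitions.csv` that reports which partitions end up encrypted once flash encryption is enabled. It follows the rule in the ESP-IDF flash encryption documentation that app partitions, `otadata` and `nvs_keys` are always encrypted and the `encrypted` flag only changes the outcome for other data partitions; the sample table and the function names are constructed for illustration.

```python
import csv
import io

# Constructed sample table for illustration; not taken from the issue.
SAMPLE_CSV = """\
# Name,   Type, SubType,  Offset,   Size,     Flags
nvs,      data, nvs,      0x9000,   0x6000,
otadata,  data, ota,      0xf000,   0x2000,
factory,  app,  factory,  0x20000,  1M,       encrypted
user_app, app,  ota_0,    0x120000, 1M,
storage,  data, spiffs,   0x220000, 1M,
secrets,  data, fat,      0x320000, 512K,     encrypted
"""

# Data subtypes that are encrypted regardless of the Flags column.
ALWAYS_ENCRYPTED_DATA = {"ota", "nvs_keys"}


def parse_partitions(text):
    """Parse partitions.csv text into dicts, skipping comments and blank lines."""
    rows = []
    for fields in csv.reader(io.StringIO(text)):
        fields = [f.strip() for f in fields]
        if not fields or not fields[0] or fields[0].startswith("#"):
            continue
        fields += [""] * (6 - len(fields))  # Flags column may be omitted
        name, ptype, subtype, _offset, _size, flags = fields[:6]
        rows.append({"name": name, "type": ptype, "subtype": subtype,
                     "flags": {f for f in flags.split(":") if f}})
    return rows


def is_encrypted(part):
    """True if the partition is stored encrypted when flash encryption is on."""
    if part["type"] == "app":
        return True  # app partitions are always encrypted, flag or not
    if part["type"] == "data" and part["subtype"] in ALWAYS_ENCRYPTED_DATA:
        return True
    return "encrypted" in part["flags"]


def audit(text):
    """Map each partition name to its effective encryption state."""
    return {p["name"]: is_encrypted(p) for p in parse_partitions(text)}


if __name__ == "__main__":
    for name, enc in audit(SAMPLE_CSV).items():
        print(f"{name:10s} {'encrypted' if enc else 'plaintext'}")
```

In the sample, `user_app` is reported as encrypted even though its Flags column is empty, which matches the answer above: an unflagged app partition is not a plaintext app partition.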