nvs: add config to ignore "encrypted" flag of nvs partitions

This is to allow having pre IDF v4.3 behavior where "encrypted" flag was not being checked for NVS partitions. It is recommended to enable this new config only if you have production devices where NVS partition was being set with "encrypted" flag by mistake. Please see commit aca9ec28b3 which introduced check to not allow NVS partitions with "encrypted" flag set. More discussion on this at: https://github.com/espressif/esp-idf/issues/5747#issuecomment-956223024 https://github.com/espressif/esp-idf/issues/7839#issuecomment-961477667 Closes https://github.com/espressif/esp-idf/issues/7839 Closes IDFGH-6162
2025-11-02 21:48:13 +00:00 · 2021-11-11 12:16:24 +05:30
parent 98d34e5f6d
commit 893342794f
2 changed files with 20 additions and 0 deletions
--- a/components/spi_flash/partition.c
+++ b/components/spi_flash/partition.c
@@ -230,6 +230,15 @@ static esp_err_t load_partitions(void)
            item->info.encrypted = true;
        }

+#if CONFIG_NVS_COMPATIBLE_PRE_V4_3_ENCRYPTION_FLAG
+        if (entry.type == ESP_PARTITION_TYPE_DATA &&
+                    entry.subtype == ESP_PARTITION_SUBTYPE_DATA_NVS &&
+                    (entry.flags & PART_FLAG_ENCRYPTED)) {
+            ESP_LOGI(TAG, "Ignoring encrypted flag for \"%s\" partition", entry.label);
+            item->info.encrypted = false;
+        }
+#endif
+
        // item->info.label is initialized by calloc, so resulting string will be null terminated
        strncpy(item->info.label, (const char*) entry.label, sizeof(item->info.label) - 1);