- When NVS encryption is enabled on SoCs with the HMAC peripheral that have flash encryption
enabled, the HMAC-based NVS encryption scheme is now selected as default instead of the
flash encryption-based scheme.
- If your application previously used the flash encryption-based scheme, you need to manually
configure the NVS encryption scheme to flash encryption from HMAC through ``menuconfig``
or your project's ``sdkconfig`` (i.e., setting ``CONFIG_NVS_SEC_KEY_PROTECT_USING_FLASH_ENC=y``).
This commit global variables such as ESPTOOLPY, ESPSECUREPY, ESPEFUSEPY,
ESPMONITOR and ESPTOOLPY_CHIP from the project_include.cmake file of
esptool_py component. All other components which use these variables
have been updated to fetch the same from esptool_py component's
properties.
Removed
- target markers. Now must use target as parametrization in esp-idf
- host test markers. Now will be automatically added with linux target and qemu marker
- Secure boot V2 verification failed when multiple keys are used to sign the bootloader
and the application is signed with a key other than the first key that is used to
sign the bootloader.
- The issue was introduced as a regression from the commit `ff16ce43`.
- Added a QEMU test for recreating the issue.
- Made SECURE_BOOT_FLASH_BOOTLOADER_DEFAULT independent of SECURE_BOOT_BUILD_SIGNED_BINARIES.
The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/
* Removed bootloader_reset_reason.h and
bootloader_common_get_reset_reason() completely.
Alternative in ROM component is available.
* made esp_efuse.h independent of target-specific rom header
This updates the minimal supported version of CMake to 3.16, which in turn enables us to use more CMake features and have a cleaner build system.
This is the version that provides most new features and also the one we use in our latest docker image for CI.
This commit updates the visibility of various header files and cleans up
some unnecessary inclusions. Also, this commit removes certain header
include paths which were maintained for backward compatibility.
