From f2a34298120e4f2df7d05a0e56857d292fe2a7c3 Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Wed, 1 Aug 2018 17:54:05 +1000 Subject: [PATCH] partition table: Document 'flags' properly --- docs/en/api-guides/partition-tables.rst | 43 ++++++++++++++----------- docs/en/security/flash-encryption.rst | 2 +- 2 files changed, 26 insertions(+), 19 deletions(-) diff --git a/docs/en/api-guides/partition-tables.rst b/docs/en/api-guides/partition-tables.rst index 67539a8221..eb397f389d 100644 --- a/docs/en/api-guides/partition-tables.rst +++ b/docs/en/api-guides/partition-tables.rst @@ -23,10 +23,10 @@ Built-in Partition Tables Here is the summary printed for the "Single factory app, no OTA" configuration:: # Espressif ESP32 Partition Table - # Name, Type, SubType, Offset, Size - nvs, data, nvs, 0x9000, 0x6000 - phy_init, data, phy, 0xf000, 0x1000 - factory, app, factory, 0x10000, 1M + # Name, Type, SubType, Offset, Size, Flags + nvs, data, nvs, 0x9000, 0x6000, + phy_init, data, phy, 0xf000, 0x1000, + factory, app, factory, 0x10000, 1M, * At a 0x10000 (64KB) offset in the flash is the app labelled "factory". The bootloader will run this app by default. * There are also two data regions defined in the partition table for storing NVS library partition and PHY init data. @@ -34,13 +34,13 @@ Here is the summary printed for the "Single factory app, no OTA" configuration:: Here is the summary printed for the "Factory app, two OTA definitions" configuration:: # Espressif ESP32 Partition Table - # Name, Type, SubType, Offset, Size - nvs, data, nvs, 0x9000, 0x4000 - otadata, data, ota, 0xd000, 0x2000 - phy_init, data, phy, 0xf000, 0x1000 - factory, 0, 0, 0x10000, 1M - ota_0, 0, ota_0, , 1M - ota_1, 0, ota_1, , 1M + # Name, Type, SubType, Offset, Size, Flags + nvs, data, nvs, 0x9000, 0x4000, + otadata, data, ota, 0xd000, 0x2000, + phy_init, data, phy, 0xf000, 0x1000, + factory, 0, 0, 0x10000, 1M, + ota_0, 0, ota_0, 0x110000, 1M, + ota_1, 0, ota_1, 0x210000, 1M, * There are now three app partition definitions. * The type of all three are set as "app", but the subtype varies between the factory app at 0x10000 and the next two "OTA" apps. @@ -53,13 +53,13 @@ If you choose "Custom partition table CSV" in menuconfig then you can also enter The CSV format is the same format as printed in the summaries shown above. However, not all fields are required in the CSV. For example, here is the "input" CSV for the OTA partition table:: - # Name, Type, SubType, Offset, Size - nvs, data, nvs, 0x9000, 0x4000 - otadata, data, ota, 0xd000, 0x2000 - phy_init, data, phy, 0xf000, 0x1000 - factory, app, factory, 0x10000, 1M - ota_0, app, ota_0, , 1M - ota_1, app, ota_1, , 1M + # Name, Type, SubType, Offset, Size, Flags + nvs, data, nvs, , 0x4000, + otadata, data, ota, , 0x2000, + phy_init, data, phy, , 0x1000, + factory, app, factory, , 1M, + ota_0, app, ota_0, , 1M, + ota_1, app, ota_1, , 1M, * Whitespace between fields is ignored, and so is any line starting with # (comments). * Each non-comment line in the CSV file is a partition definition. @@ -129,6 +129,13 @@ Sizes and offsets can be specified as decimal numbers, hex numbers with the pref If you want the partitions in the partition table to work with any starting offset (:envvar:`CONFIG_PARTITION_TABLE_OFFSET`) of the table itself, leave the offset field (in CSV file) for all partitions blank. Similarly, if changing the partition table offset then be aware that all blank partition offsets may change to match, and that any fixed offsets may now collide with the partition table (causing an error). +Flags +~~~~~ + +Only one flag is currently supported, ``encrypted``. If this field is set to ``encrypted``, this partition will be encrypted if :doc:`/security/flash-encryption` is enabled. + +(Note that ``app`` type partitions will always be encrypted, regardless of whether this flag is set or not.) + Generating Binary Partition Table --------------------------------- diff --git a/docs/en/security/flash-encryption.rst b/docs/en/security/flash-encryption.rst index 6981976a6a..acc4b6b164 100644 --- a/docs/en/security/flash-encryption.rst +++ b/docs/en/security/flash-encryption.rst @@ -23,7 +23,7 @@ Background - Secure boot bootloader digest (if secure boot is enabled) - Partition Table - All "app" type partitions - - Any partition marked with the "encrypt" flag in the partition table + - Any partition marked with the "encrypted" flag in the partition table It may be desirable for some data partitions to remain unencrypted for ease of access, or to use flash-friendly update algorithms that are ineffective if the data is encrypted. "NVS" partitions for non-volatile storage cannot be encrypted. -- 2.40.0