1# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD 2# 3# SPDX-License-Identifier: Apache-2.0 4 5CONFIG_ESP_FLASH_SIZE=4MB 6CONFIG_ESP_BOOTLOADER_SIZE=0xF000 7CONFIG_ESP_BOOTLOADER_OFFSET=0x0000 8CONFIG_ESP_IMAGE0_PRIMARY_START_ADDRESS=0x10000 9CONFIG_ESP_APPLICATION_SIZE=0x100000 10CONFIG_ESP_IMAGE0_SECONDARY_START_ADDRESS=0x110000 11CONFIG_ESP_MCUBOOT_WDT_ENABLE=y 12CONFIG_ESP_SCRATCH_OFFSET=0x210000 13CONFIG_ESP_SCRATCH_SIZE=0x40000 14 15# When enabled, prevents updating image to an older version 16# CONFIG_ESP_DOWNGRADE_PREVENTION=y 17# This option makes downgrade prevention rely also on security 18# counter (defined using imgtool) instead of only image version 19# CONFIG_ESP_DOWNGRADE_PREVENTION_SECURITY_COUNTER=y 20 21# Enables the MCUboot Serial Recovery, that allows the use of 22# MCUMGR to upload a firmware through the serial port 23# CONFIG_ESP_MCUBOOT_SERIAL=y 24# Use sector erasing (recommended) instead of entire image size 25# erasing when uploading through Serial Recovery 26# CONFIG_ESP_MCUBOOT_ERASE_PROGRESSIVELY=y 27 28# GPIO used to boot on Serial Recovery 29# CONFIG_ESP_SERIAL_BOOT_GPIO_DETECT=18 30# GPIO input type (0 for Pull-down, 1 for Pull-up) 31# CONFIG_ESP_SERIAL_BOOT_GPIO_INPUT_TYPE=0 32# GPIO signal value 33# CONFIG_ESP_SERIAL_BOOT_GPIO_DETECT_VAL=1 34# Delay time for identify the GPIO signal 35# CONFIG_ESP_SERIAL_BOOT_DETECT_DELAY_S=5 36# UART port used for serial communication (not needed when using USB) 37# CONFIG_ESP_SERIAL_BOOT_UART_NUM=1 38# GPIO for Serial RX signal 39# CONFIG_ESP_SERIAL_BOOT_GPIO_RX=2 40# GPIO for Serial TX signal 41# CONFIG_ESP_SERIAL_BOOT_GPIO_TX=3 42 43# Use UART0 for console printing (use either UART or USB alone) 44CONFIG_ESP_CONSOLE_UART=y 45CONFIG_ESP_CONSOLE_UART_NUM=0 46# Configures alternative UART port for console printing 47# (UART_NUM=0 must not be changed) 48# CONFIG_ESP_CONSOLE_UART_CUSTOM=y 49# CONFIG_ESP_CONSOLE_UART_TX_GPIO=3 50# CONFIG_ESP_CONSOLE_UART_RX_GPIO=2 51 52# CONFIG_ESP_SIGN_EC256=y 53# CONFIG_ESP_SIGN_ED25519=n 54# CONFIG_ESP_SIGN_RSA=n 55# CONFIG_ESP_SIGN_RSA_LEN=2048 56 57# Use Tinycrypt lib for EC256 or ED25519 signing 58# CONFIG_ESP_USE_TINYCRYPT=y 59# Use Mbed TLS lib for RSA image signing 60# CONFIG_ESP_USE_MBEDTLS=n 61 62# It is strongly recommended to generate a new signing key 63# using imgtool instead of use the existent sample 64# CONFIG_ESP_SIGN_KEY_FILE=root-ec-p256.pem 65 66# Hardware Secure Boot related options 67# CONFIG_SECURE_SIGNED_ON_BOOT=1 68# CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME=1 69# CONFIG_SECURE_BOOT=1 70# CONFIG_SECURE_BOOT_V2_ENABLED=1 71 72# Hardware Flash Encryption related options 73# CONFIG_SECURE_FLASH_ENC_ENABLED=1 74# CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=1 75# CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=1 76# CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=1 77# CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=1 78# CONFIG_SECURE_BOOT_ALLOW_JTAG=1 79# CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=1 80 81# This option must be also enabled when enabling both Secure Boot 82# and Flash Encryption at same time 83# CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER=1 84 85# Options for enabling eFuse emulation in Flash 86# CONFIG_EFUSE_VIRTUAL=1 87# CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH=1 88
