Closed jrahlf closed 2 months ago
Hi @jrahlf We have the API for enabling secure ROM DL mode through the application. https://github.com/espressif/esp-idf/blob/8760e6d2a7e19913bc40675dd71f374bcd51b0ae/components/efuse/include/esp_efuse.h#L360 You can call this API at start to enable the Secure ROM DL mode irrespective of the status of security features.
Closing, hope that API based approach as suggested above works for your case.
Answers checklist.
General issue report
Target: esp32s3, but possibly others Currently one cannot activate SECURE_ENABLE_SECURE_ROM_DL_MODE without also enabling secure boot or flash encryption. This might make sense for devices with external flash, but there are chips like ESP32-S3FN8, which have internal flash. For these, one might just want to prevent firmware readout by enabling
SECURE_ENABLE_SECURE_ROM_DL_MODE=y
, without the disadvantages of secure boot and flash encryption.Suggestion: Remove
SECURE_BOOT_V2_ENABLED || SECURE_FLASH_ENC_ENABLED
dependency. Instead give a textual warning that the option should normally be used in conjunction with secure boot or flash encryption.