How to disable secure boot V2 from esp32s2

ankayca
Posts: 14
Joined: Wed Aug 26, 2020 4:58 pm

How to disable secure boot V2 from esp32s2

Postby ankayca » Sun May 09, 2021 1:05 pm


I activated secure boot v2 from :
https://docs.espressif.com/projects/esp ... re-boot-v2
I bought an esp prog to debug esp32s2. Openocd not working with secure boot so I want to disable secure boot.
I disabled from menuconfig but still when I try to flash program with this:

Code: Select all

idf.py flash 
(without port specification)
I got this

Code: Select all

Executing action: flash
Serial port /dev/ttyUSB0
Connecting....
Detecting chip type...
/dev/ttyUSB0 failed to connect: Unsupported Command Error received. Probably this means Secure Download Mode is enabled, autodetection will not work. Need to manually specify the chip.
No serial ports found. Connect a device, or use '-p PORT' option to set a specific port.
Can someone know how secure boot will disable ?

ankayca
Posts: 14
Joined: Wed Aug 26, 2020 4:58 pm

Re: How to disable secure boot V2 from esp32s2

Postby ankayca » Mon May 10, 2021 7:13 pm

Pump !

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: How to disable secure boot V2 from esp32s2

Postby ESP_Angus » Tue May 11, 2021 12:37 am

Hi ankayca,

I'm afraid that it's not possible to disable Secure Boot V2 once enabled. If it was, then this would provide a way to bypass Secure Boot protection.

It is possible to build a new bootloader and/or app, sign them with the key trusted by the device, and flash them.

Code: Select all

/dev/ttyUSB0 failed to connect: Unsupported Command Error received. Probably this means Secure Download Mode is enabled, autodetection will not work. Need to manually specify the chip.
This is a bug in idf.py when the target chip is in Secure Download Mode, the port detection doesn't work. We'll fix this, sorry for the inconvenience, but for a workaround you should be able to do "idf.py -p /dev/ttyUSB0 flash" instead.

(However, note that the new bootloader will fail to boot unless it's signed correctly for Secure Boot V2.)

Who is online

Users browsing this forum: Google [Bot] and 99 guests