Flashing secure boot bootloader with --no-stub will fail, causing invalid header (ESPTOOL-796)

[law-ko]

Operating System

macOS

Esptool Version

esptool.py v4.7.0

Python Version

Python 3.9.7

Chip Description

ESP32-PICO-MINI-02

Device Description

Custom PCB with only EN pin.

Hardware Configuration

No response

How is Esptool Run

macOS

Full Esptool Command Line that Was Run

No response

Esptool Output

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73
invalid header: 0x50203a73

### More Information

<img width="743" alt="Screenshot 2024-01-20 at 11 33 00 AM" src="https://github.com/espressif/esptool/assets/105698389/086ebf97-5b8c-4852-8cbe-923c7800933a">


### Other Steps to Reproduce

1. `idf.py bootloader`
2. `esptool.py --chip esp32 -p /dev/ttyUSB0 -b 460800 --before default_reset --after
no_reset write_flash --flash_mode dio --flash_freq 80m --flash_size 8MB
0x0000 build/bootloader/bootloader.bin` (`--no-stub` option is removed to flash correctly or else would fail)
3. `idf.py build`
4. `idf.py -p /dev/ttyUSB0 flash monitor`

### I Have Read the Troubleshooting Guide

- [X] I confirm I have read the troubleshooting guide.

[dobairoland]

Hi @law-ko! Yes, it is possible to damage your chip by running random esptool commands, especially enabling security features and burning eFuses.

Please follow the guide at https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html in order to avoid issues. We don't support steps different to those presented in the official guide.

You can find more guides here: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/index.html

[radimkarnis]

Hi @law-ko,
I can't reproduce this issue, can you please provide more info:

1. Is the failure visible during flashing (e.g. esptool.py failing to verify MD5 of the flashed file), or only after you start monitoring the app? (invalid header: 0x50203a73 is the only sign of the failure?)
2. You manually remove the --no-stub flag. Is your serial flasher configured in menuconfig to not use the flasher stub?
3. Does the same issue happen if the bootloader is not securely signed?
4. What if you skip the second step? What if bootloader gets flashed during the fourth command? (idf.py -p /dev/ttyUSB0 flash monitor)

Thank you.

[law-ko]

Hi @radimkarnis ,

1. The failure only happens when start monitoring the app
2. I am unable to flash in correctly with the --no-stub command
3. No
4. If the bootloader is already in secure boot configuration, then idf.py flash monitor would not flash the bootloader.

Using idf.py -p /dev/ttyUSB0 bootloader-flash results success in this, what is the difference between using idf.py bootloader-flash and esptool.py write_flash? Does idf.py bootloader-flash includes --no-stub command?

Thank you.

[radimkarnis]

Hello @law-ko,
sorry for the delay.

I just noticed you are trying to flash the bootloader to 0x0 (0x0000 build/bootloader/bootloader.bin).
When using idf.py bootloader-flash, it flashes the bootloader to a pre-defined bootloader offset, which is 0x1000 for the ESP32.

Can you try the correct offset please?

[radimkarnis]

I believe this is a result of a wrong bootloader offset. Closing this issue due to inactivity.