mirror of
https://github.com/espressif/esp-idf.git
synced 2026-07-14 23:13:00 +03:00
Previously the bootloader unconditionally revoked unused secure boot key digest slots while permanently enabling secure boot on the first boot, ignoring CONFIG_SECURE_BOOT_ALLOW_UNUSED_DIGEST_SLOTS. Now the config is honored on this path too: when set, the unused digest slots are left un-revoked. This is safe as long as the debug and download interfaces are disabled. Update the Kconfig help and the Secure Boot v2 guide (en and zh_CN) accordingly.