From: Tilman Sauerbeck <tilman@code-monkey.de>
Date: Sun, 7 Jul 2019 20:05:03 +0000 (+0200)
Subject: bootloader: Refuse to erase the second flash sector.
X-Git-Url: http://git.code-monkey.de/?a=commitdiff_plain;h=1b1fe0d53c04d6e7d7ff81387399813fb8147161;p=gps-watch.git

bootloader: Refuse to erase the second flash sector.

The second flash sector (address 0x400) stores the flash configuration
field -- resetting the MCU with 0xff stored in there bricks the device.
---

diff --git a/src/bootloader/bootloader.rs b/src/bootloader/bootloader.rs
index 311b1a6..d4a686b 100644
--- a/src/bootloader/bootloader.rs
+++ b/src/bootloader/bootloader.rs
@@ -46,6 +46,7 @@ enum Error {
     UnknownCommand = 1,
     InvalidArgument,
     ChecksumMismatch,
+    PermissionDenied,
 }
 
 extern {
@@ -191,6 +192,11 @@ impl Bootloader {
 
         if sector > 0xff {
             Err(Error::InvalidArgument)
+        } else if sector == 0x01 {
+            // The second sector contains the flash configuration field,
+            // and keeping it in the erased state has the potential
+            // to brick the device.
+            Err(Error::PermissionDenied)
         } else {
             flash::erase(sector);