bootloader: Refuse to erase the second flash sector.
author: Tilman Sauerbeck <tilman@code-monkey.de>
Sun, 7 Jul 2019 20:05:03 +0000 (22:05 +0200)
committer: Tilman Sauerbeck <tilman@code-monkey.de>
Sun, 5 Jan 2020 19:38:11 +0000 (20:38 +0100)
The second flash sector (address 0x400) stores the flash configuration
field -- resetting the MCU with 0xff stored in there bricks the device.

src/bootloader/bootloader.rs

index 311b1a60e6a2ed491474eecf0d986c10d58d54a3..d4a686b5ea83a290f16f4518f251c71a5f3fc03f 100644 (file)
@@ -46,6 +46,7 @@ enum Error {
     UnknownCommand = 1,
     InvalidArgument,
     ChecksumMismatch,
+    PermissionDenied,
 }
 
 extern {
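Review bot: `PermissionDenied` is appended without an explicit discriminant, so it takes the value 4 only because it follows `ChecksumMismatch`. If these codes are reported to a host-side tool, give every variant an explicit value, as `UnknownCommand = 1` already has, so that a later insertion cannot silently renumber them, and document the new code wherever the existing ones are described.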
@@ -191,6 +192,11 @@ impl Bootloader {
 
         if sector > 0xff {
             Err(Error::InvalidArgument)
+        } else if sector == 0x01 {
+            // The second sector contains the flash configuration field,
+            // and keeping it in the erased state has the potential
+            // to brick the device.
+            Err(Error::PermissionDenied)
         } else {
             flash::erase(sector);
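Review bot: the `sector == 0x01` test hard-codes the location of the flash configuration field as a magic number, and it is correct only while the field at address 0x400 (per the commit message) lies in sector 1. A named constant derived from the field's address and the sector size would make that dependency explicit and keep the check right if the sector geometry changes. The guard also covers only this erase path: if the bootloader has a separate command that programs flash, check whether it can write into the same sector, since nothing in the visible change restricts it.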