Skip to content

Commit 3c6083c

Browse files
nitrousnrgnitrousnrg
committed
Keep the flash memory locked during normal operation
Only unlock when it is necessary to write it. This prevents memory corruptions caused by software or EMI glitches. Signed-off-by: Marcos Chaparro <[email protected]>
1 parent 1ae0593 commit 3c6083c

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

conf_general.c

+5
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,7 @@ void conf_general_init(void) {
6565
FLASH_ClearFlag(FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR |
6666
FLASH_FLAG_PGPERR | FLASH_FLAG_PGSERR);
6767
EE_Init();
68+
FLASH_Lock();
6869
}
6970

7071
/**
@@ -113,6 +114,7 @@ bool conf_general_store_app_configuration(app_configuration *conf) {
113114
uint8_t *conf_addr = (uint8_t*)conf;
114115
uint16_t var;
115116

117+
FLASH_Unlock();
116118
FLASH_ClearFlag(FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR |
117119
FLASH_FLAG_PGPERR | FLASH_FLAG_PGSERR);
118120

@@ -125,6 +127,7 @@ bool conf_general_store_app_configuration(app_configuration *conf) {
125127
break;
126128
}
127129
}
130+
FLASH_Lock();
128131

129132
timeout_configure_IWDT();
130133

@@ -179,6 +182,7 @@ bool conf_general_store_mc_configuration(mc_configuration *conf) {
179182
bool is_ok = true;
180183
uint8_t *conf_addr = (uint8_t*)conf;
181184

185+
FLASH_Unlock();
182186
FLASH_ClearFlag(FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR |
183187
FLASH_FLAG_PGPERR | FLASH_FLAG_PGSERR);
184188

@@ -191,6 +195,7 @@ bool conf_general_store_mc_configuration(mc_configuration *conf) {
191195
break;
192196
}
193197
}
198+
FLASH_Lock();
194199

195200
timeout_configure_IWDT();
196201

flash_helper.c

+8
Original file line numberDiff line numberDiff line change
@@ -102,12 +102,14 @@ uint16_t flash_helper_erase_new_app(uint32_t new_app_size) {
102102
if (new_app_size > flash_addr[NEW_APP_BASE + i]) {
103103
uint16_t res = FLASH_EraseSector(flash_sector[NEW_APP_BASE + i], VoltageRange_3);
104104
if (res != FLASH_COMPLETE) {
105+
FLASH_Lock();
105106
return res;
106107
}
107108
} else {
108109
break;
109110
}
110111
}
112+
FLASH_Lock();
111113

112114
timeout_configure_IWDT();
113115
utils_sys_unlock_cnt();
@@ -116,6 +118,7 @@ uint16_t flash_helper_erase_new_app(uint32_t new_app_size) {
116118
}
117119

118120
uint16_t flash_helper_write_new_app_data(uint32_t offset, uint8_t *data, uint32_t len) {
121+
FLASH_Unlock();
119122
FLASH_ClearFlag(FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR |
120123
FLASH_FLAG_PGPERR | FLASH_FLAG_PGSERR);
121124

@@ -127,9 +130,11 @@ uint16_t flash_helper_write_new_app_data(uint32_t offset, uint8_t *data, uint32_
127130
for (uint32_t i = 0;i < len;i++) {
128131
uint16_t res = FLASH_ProgramByte(flash_addr[NEW_APP_BASE] + offset + i, data[i]);
129132
if (res != FLASH_COMPLETE) {
133+
FLASH_Lock();
130134
return res;
131135
}
132136
}
137+
FLASH_Lock();
133138

134139
timeout_configure_IWDT();
135140

@@ -228,6 +233,7 @@ uint32_t flash_helper_verify_flash_memory(void) {
228233
//Write the flag to indicate CRC has been computed.
229234
uint16_t res = FLASH_ProgramWord((uint32_t)APP_CRC_WAS_CALCULATED_FLAG_ADDRESS, APP_CRC_WAS_CALCULATED_FLAG);
230235
if (res != FLASH_COMPLETE) {
236+
FLASH_Lock();
231237
return FAULT_CODE_FLASH_CORRUPTION;
232238
}
233239

@@ -241,8 +247,10 @@ uint32_t flash_helper_verify_flash_memory(void) {
241247
//Store CRC
242248
res = FLASH_ProgramWord(APP_MAX_SIZE - 4, crc);
243249
if (res != FLASH_COMPLETE) {
250+
FLASH_Lock();
244251
return FAULT_CODE_FLASH_CORRUPTION;
245252
}
253+
FLASH_Lock();
246254

247255
// reboot
248256
NVIC_SystemReset();

0 commit comments

Comments
 (0)