Skip to content

Commit a7d34b6

Browse files
dpgeorgedpgeorge
committed
stm32/mboot: Buffer the correct amount of bytes for a flash write.
Different MCUs have different requirements for the minimum number of bytes that can be written to internal flash. Signed-off-by: Damien George <[email protected]>
1 parent d3fe0a0 commit a7d34b6

File tree

1 file changed

+14
-4
lines changed

1 file changed

+14
-4
lines changed

Diff for: ports/stm32/mboot/pack.c

+14-4
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,17 @@
4242
#define MBOOT_PACK_GZIP_BUFFER_SIZE (2048)
4343
#endif
4444

45+
// Configure the minimum number of bytes that can be written at once to the internal flash.
46+
#if defined(STM32H5)
47+
#define FLASH_MIN_WRITE_BYTES (16)
48+
#elif defined(STM32H7)
49+
#define FLASH_MIN_WRITE_BYTES (4 * FLASH_NB_32BITWORD_IN_FLASHWORD)
50+
#else
51+
// This default is 8 bytes due to STM32WB MCUs requiring that a double-word write
52+
// to flash can only be done once (due to ECC).
53+
#define FLASH_MIN_WRITE_BYTES (8)
54+
#endif
55+
4556
// State to manage automatic flash erasure.
4657
static uint32_t erased_base_addr;
4758
static uint32_t erased_top_addr;
@@ -57,9 +68,8 @@ static uint8_t decrypted_buf[MBOOT_PACK_DFU_CHUNK_BUF_SIZE] __attribute__((align
5768
static uint8_t uncompressed_buf[MBOOT_PACK_GZIP_BUFFER_SIZE] __attribute__((aligned(8)));
5869

5970
// Buffer to hold the start of the firmware, which is only written once the
60-
// entire firmware is validated. This is 8 bytes due to STM32WB MCUs requiring
61-
// that a double-word write to flash can only be done once (due to ECC).
62-
static uint8_t firmware_head[8] __attribute__((aligned(8)));
71+
// entire firmware is validated.
72+
static uint8_t firmware_head[FLASH_MIN_WRITE_BYTES] __attribute__((aligned(FLASH_MIN_WRITE_BYTES)));
6373

6474
// Flag to indicate that firmware_head contains valid data.
6575
static bool firmware_head_valid;
@@ -100,7 +110,7 @@ static int mboot_pack_commit_chunk(uint32_t addr, uint8_t *data, size_t len) {
100110
return ret;
101111
}
102112

103-
if (addr == APPLICATION_ADDR) {
113+
if (addr == APPLICATION_ADDR && len >= sizeof(firmware_head)) {
104114
// Don't write the very start of the firmware, just copy it into a temporary buffer.
105115
// It will be written only if the full firmware passes the checksum/signature.
106116
memcpy(firmware_head, data, sizeof(firmware_head));

0 commit comments

Comments
 (0)