[GitHub] mkiiskila commented on issue #1323: Allow flash devices to specify erase value
mkiiskila commented on issue #1323: Allow flash devices to specify erase value URL: https://github.com/apache/mynewt-core/pull/1323#issuecomment-413244097 Yeah, the sample inclusion within BSP does not set the key. It does mangle the data without setting it already, so you can see try out how that flash driver behaves :) Actual use case would be to use encrypted flash over external SPI flash, and keep the key within internal flash (could also be STM32 OTP area or NRF52 user area). And then set it within hal_bsp_init(). That way encrypted flash could even be used from within bootloader. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] mkiiskila commented on issue #1323: Allow flash devices to specify erase value
mkiiskila commented on issue #1323: Allow flash devices to specify erase value URL: https://github.com/apache/mynewt-core/pull/1323#issuecomment-413188259 The changes do not address encrypted flash scenario still. Check with the following target: ``` [marko@IsMyLaptop:~/src2/incubator-mynewt-blinky]$ newt target show slinky_nrf52 targets/slinky_nrf52 app=@apache-mynewt-core/apps/slinky bsp=@apache-mynewt-core/hw/bsp/nrf52dk build_profile=debug syscfg=BOOTUTIL_USE_MBED_TLS=1:BOOT_SERIAL_NVREG_INDEX=0:CONSOLE_HISTORY_SIZE=16:ENC_FLASH_DEV=1:IMGMGR_CLI=0:IMGMGR_COREDUMP=1:OS_COREDUMP=1:SHELL_OS_SERIAL_BOOT_NVREG=1 ``` Now the encrypted flash overlay is over internal flash. You can test from within gdb ``` (gdb) call hal_flash_isempty(0, 0x7c000, 32) $1 = 1 (gdb) call hal_flash_isempty(1, 0x7c000, 32) $2 = 0 ``` Return code from both calls should be 1. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] mkiiskila commented on issue #1323: Allow flash devices to specify erase value
mkiiskila commented on issue #1323: Allow flash devices to specify erase value URL: https://github.com/apache/mynewt-core/pull/1323#issuecomment-412000228 This will not work for encrypted flash. Here's dump of data from erased sector of flash through encrypting driver. 000734 compat> flash read 0x7c000 32 1 001319 Read 0x7c000 + 20 001319 0x7c000: 0xa4 0xac 0x2e 0x6f 0xb7 0x11 0xbb 0x98 001321 0x7c008: 0xd3 0xac 0x3d 0x28 0x74 0x5d 0x3e 0x71 001322 0x7c010: 0x85 0x40 0x7c 0x18 0xfe 0x83 0x65 0x83 001324 0x7c018: 0x9e 0x67 0xe5 0x83 0xa4 0x09 0xbc 0xa8 This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
