Right now, the configuration storage support in
lotus/src/flash_storage.c claims overship of the top 0x1000 bytes of flash and stores non-volatile configuration data in it.
However, the last 0x20 bytes of flash contain the RW_FWID (RW version) section. In addition, RW_FW is specified as covering the entire top 0x40000 bytes of flash.
In short, flash looks roughly like this (not to scale)
flash_storage can, if it grows large enough, corrupt the RW version ID. If the RW firmware also grows large enough, flash_storage can overwrite part of it (!).
If the RW section grows too large for SPI flags, it will result in a hard build break.
That's probably much better than runtime corruption of its .text. :)
Right now, the configuration storage support in lotus/src/flash_storage.c claims overship of the top 0x1000 bytes of flash and stores non-volatile configuration data in it.
However, the last 0x20 bytes of flash contain the RW_FWID (RW version) section. In addition, RW_FW is specified as covering the entire top 0x40000 bytes of flash.
In short, flash looks roughly like this (not to scale)
flash_storage can, if it grows large enough, corrupt the RW version ID. If the RW firmware also grows large enough, flash_storage can overwrite part of it (!).
This change moves RW_FWID down to 0x7EFE0 and indicates in the FMAP that the RW section can only occupy the top 0x3F000 bytes of flash.
The final layout looks more like this:
If the RW section grows too large for SPI flags, it will result in a hard build break. That's probably much better than runtime corruption of its .text. :)