From f7d1bb71b29d2b1b865f6095b31c2bde486b2516 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Tue, 27 Sep 2016 16:11:08 -0400 Subject: "keystore erase" now clears entire keystore flash. Now that we're using more than just the first few sectors of the keystore flash, we need a command to clear the whole thing. This is not quite right yet, because it doesn't yet notify libhal's ks_flash driver that the entire content of the flash has been yanked out from under it. In theory, we should be able to erase the entire flash in a single operation using the bulk erase command command (0xC7), but I couldn't get that to do anything (no error reported, no visible effect), so, for now, we erase by sectors. --- projects/cli-test/mgmt-keystore.c | 13 +++++++------ projects/hsm/mgmt-keystore.c | 13 +++++++------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/projects/cli-test/mgmt-keystore.c b/projects/cli-test/mgmt-keystore.c index 108b447..ec2c96a 100644 --- a/projects/cli-test/mgmt-keystore.c +++ b/projects/cli-test/mgmt-keystore.c @@ -281,17 +281,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar { int status; - if (argc != 1) { + if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) { cli_print(cli, "Syntax: keystore erase YesIAmSure"); return CLI_ERROR; } - if (strcmp(argv[0], "YesIAmSure") != 0) - cli_print(cli, "Keystore NOT erased"); - else if ((status = keystore_erase_sectors(0, 1)) != 1) - cli_print(cli, "Failed erasing keystore: %i", status); + cli_print(cli, "OK, erasing keystore, this might take a while..."); + if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1) + cli_print(cli, "Failed erasing keystore: %i", status); else - cli_print(cli, "Keystore erased (first two sectors at least)"); + cli_print(cli, "Keystore erased"); + +#warning Should notify libhal/ks_flash that we whacked the keystore return CLI_OK; } diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c index 3355082..4c1029a 100644 --- a/projects/hsm/mgmt-keystore.c +++ b/projects/hsm/mgmt-keystore.c @@ -237,17 +237,18 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar { int status; - if (argc != 1) { + if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) { cli_print(cli, "Syntax: keystore erase YesIAmSure"); return CLI_ERROR; } - if (strcmp(argv[0], "YesIAmSure") != 0) - cli_print(cli, "Keystore NOT erased"); - else if ((status = keystore_erase_sectors(0, 1)) != 1) - cli_print(cli, "Failed erasing keystore: %i", status); + cli_print(cli, "OK, erasing keystore, this might take a while..."); + if ((status = keystore_erase_sectors(0, KEYSTORE_NUM_SECTORS - 1)) != 1) + cli_print(cli, "Failed erasing keystore: %i", status); else - cli_print(cli, "Keystore erased (first two sectors at least)"); + cli_print(cli, "Keystore erased"); + +#warning Should notify libhal/ks_flash that we whacked the keystore return CLI_OK; } -- cgit v1.2.3