sketch self-delete in runtime

skylight

Member
Hi guys

I am working with teensy 4.0 and I programmed it with my sketch. A functionality of my project, is to detect tamper on a specific signal and then take action after that. Basically I want my current sketch (that is programmed on the board), to get deleted (or overwritten with dummy data or new empty sketch, etc) due to security reasons. Maybe like a self program, and of course the result would be a crash.
All I know is that my current programmed sketch is written somewhere in the flash memory of the board, but don't know where it is, if I have access to it, or how I can modify it this way.
Is there any way I can implement this in runtime?
I must also mention that lockable teensy is being used for the sketch.


Thank you.
 
for having more security. In general I am wondering if it's possible. If not, why and if so, how.

Thanks Paul
Yes, I think it is possible. Your programs have access to the program flash, which begins at address 0x6000'0000. If you look in cores\Teensy4\eeprom.c, you will find a function to erase a sector. If you erase the sector at the base address and then do a soft reboot, I think that would hang the Teensy, with the only way to recover to reprogram via the bootloader.
 
Yes, I think it is possible. Your programs have access to the program flash, which begins at address 0x6000'0000. If you look in cores\Teensy4\eeprom.c, you will find a function to erase a sector. If you erase the sector at the base address and then do a soft reboot, I think that would hang the Teensy, with the only way to recover to reprogram via the bootloader.
I'll see what I can do. Thanks a lot!
 
Use FASTRUN on your erase function, so it's allocated in RAM. Hopefully that can prevent the inevitable crash long enough to allow accomplishing all the memory erase you want.

After erasing, remember the CPU caches will still hold some info. You can do special low level stuff to delete the cache, or just soft reboot (which will fail to boot up). If you erase the flash so no valid program is found, keep in mind you will need to press the pushbutton on Teensy to recover. Automatic upload only works if a previously loaded program is still successfully implementing USB communication. Without USB working, your PC can't ask Teensy to go into programming mode. You will need to press the pushbutton.
 
When calling an erase function from eeprom.c located in teensy4 folder, I face the error of multiple definition of different functions for example 'epprom_initialize', 'epprom_read_byte', etc. Since I'm kinda not sure what I'm doing, I would really appreciate if you guys would help me with the code as well : )
 
multiple definition of different functions
Perhaps the build folder is compromised - close the IDE and restart or find and remove the TEMP directory where the build products reside.
Or perhaps some odd coding/build changes made for access are in place? Any prototypes brought in for use must be 'extern' and likely 'extern "C" '

Those are random guesses given no posted code or list of exact error details from a VERBOSE build console.
 
Perhaps the build folder is compromised - close the IDE and restart or find and remove the TEMP directory where the build products reside.
Or perhaps some odd coding/build changes made for access are in place? Any prototypes brought in for use must be 'extern' and likely 'extern "C" '

Those are random guesses given no posted code or list of exact error details from a VERBOSE build console.
First, I include these in my code:
#include <Arduino.h>
#include <FS.h>
#include <LittleFS.h>
#include <eeprom.c>
...
... some code...
...


Then I call the function "eepromemu_flash_erase_64K_block(void *addr)" to erase the flash memory:

void flashErase(){
void *address = reinterpret_cast<void *>(0x60000000);
eepromemu_flash_erase_64K_block(address);
...
}

I include eeprom.c directly (located in Arduino\hardware\teensy\avr\cores\teensy4) because the function that I need to call, is not defined anywhere else, and I doubt if I'm doing this correctly.


Finally, I fail to compile my sketch (I attach the error file).
 

Attachments

  • flashErase_err.txt
    4.8 KB · Views: 16
You don’t need to (and should not) include a copy of eeprom.c in your sketch, but at the top of your INO file you do need to add a declaration of the erase function and declare it extern “C”, as shown below. There is no need to call the 64K version of erase. A single 4K sector will be sufficient, and is much faster.

Code:
// copy declarations of flash erase/write function declarations from eeprom.c to use here
extern "C" {
// To be called from LittleFS_Program, any other use at your own risk!
void eepromemu_flash_write(void *addr, const void *data, uint32_t len);
void eepromemu_flash_erase_sector(void *addr);
void eepromemu_flash_erase_32K_block(void *addr);
void eepromemu_flash_erase_64K_block(void *addr);
}
 
Last edited:
You don’t need to (and should not) include a copy of eeprom.c in your sketch, but at the top of your INO file you do need to add a declaration of the erase function and declare it extern “C”, as shown below. There is no need to call the 64K version of erase. A single 4K sector will be sufficient, and is much faster.

Code:
// copy declarations of flash erase/write function declarations from eeprom.c to use here
extern "C" {
// To be called from LittleFS_Program, any other use at your own risk!
void eepromemu_flash_write(void *addr, const void *data, uint32_t len);
void eepromemu_flash_erase_sector(void *addr);
void eepromemu_flash_erase_32K_block(void *addr);
void eepromemu_flash_erase_64K_block(void *addr);
}
Seems like it worked. Thanks a lot!
 
Oh I didn't really know about it. I actually thought there's no way to delete flash memory directly and manually inside a code!
It works very similar to what was suggested above
Runs an erase function from RAM1, clearing the flash memory, but it can also write a new program (stored in a buffer - RAM, SD, PSRAM etc) to flash, then reboot and run the nee program.
 
Back
Top