pbio/sys/storage: Fix user read area.

Adapt it so that it is correct even as we add new fields in between going forward.
pybricks · Jun 7, 2024 · 83e372a · 83e372a
1 parent 31c36c6
commit 83e372a
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/lib/pbio/include/pbsys/storage.h b/lib/pbio/include/pbsys/storage.h
@@ -49,7 +49,8 @@ typedef struct _pbsys_storage_data_map_t {
      */
     uint32_t stored_firmware_version;
     /**
-     * End-user read-write accessible data.
+     * End-user read-write accessible data. Everything after this is also
+     * user-readable but not writable.
      */
     uint8_t user_data[PBSYS_CONFIG_STORAGE_USER_DATA_SIZE];
     /**

diff --git a/lib/pbio/sys/storage.c b/lib/pbio/sys/storage.c
@@ -72,7 +72,7 @@ pbio_error_t pbsys_storage_set_user_data(uint32_t offset, const uint8_t *data, u
 }
 
 /**
- * Gets pointer to user data or user program.
+ * Gets pointer to user data, settings, or program.
  *
  * @param [in]  offset  Offset from the base address.
  * @param [in]  data    The data reference.
@@ -81,8 +81,9 @@ pbio_error_t pbsys_storage_set_user_data(uint32_t offset, const uint8_t *data, u
  *                      Otherwise, ::PBIO_SUCCESS.
  */
 pbio_error_t pbsys_storage_get_user_data(uint32_t offset, uint8_t **data, uint32_t size) {
-    // User is allowed to read beyond user storage to include program data.
-    if (offset + size > sizeof(map->user_data) + sizeof(map->program_size) + map->program_size) {
+    // User is allowed to read beyond user storage to include settings and
+    // program data.
+    if (offset + size > (map->program_data - map->user_data) + map->program_size) {
         return PBIO_ERROR_INVALID_ARG;
     }
     *data = map->user_data + offset;
@@ -112,7 +113,8 @@ static void pbsys_storage_update_checksum(void) {
     // Add checksum for each word in the written data and empty checked size.
     for (uint32_t offset = 0; offset < checksize; offset += sizeof(uint32_t)) {
         uint32_t *word = (uint32_t *)((uint8_t *)map + offset);
-        // Assume that everything after written data is erased.
+        // Assume that everything after written data is erased by the block
+        // device driver prior to writing.
         checksum += offset < map->write_size ? *word : 0xFFFFFFFF;
     }