https://devzone.nordicsemi.com/f/nordic-q-a/35312/nrf51-ota-ble-dfu-flash-space-erased-before-init-packet-validationHi! I&#39;m developing on nRF51 with SDK 11 and trying to extend our application with buttonless BLE DFU support. Due to limited flash memory, we could only use single bank ble bootloader. Right now the bootloader works fine but we want to make it more secureen-USTelligent Community 13Wed, 13 Jun 2018 21:33:01 GMThttps://devzone.nordicsemi.com/thread/136015?ContentTypeID=1Wed, 13 Jun 2018 21:33:01 GMT137ad170-7792-4731-bb38-c0d22fbe4515:94e1d9d3-ce8d-429d-acff-2a189cb2e68fdrmd<p>So I managed to make the change that Hung suggested. And it works the way I want it to: if the init packet validation fails, the device can restart and run the original application without problem.</p> <p>All I needed to modify is dfu_single_bank.c and dfu_transport_ble.c (attached).</p> <p><a href="https://devzone.nordicsemi.com/cfs-file/__key/communityserver-discussions-components-files/4/single_5F00_bank_5F00_new_5F00_states.zip">devzone.nordicsemi.com/.../single_5F00_bank_5F00_new_5F00_states.zip</a></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/135947?ContentTypeID=1Wed, 13 Jun 2018 13:27:18 GMT137ad170-7792-4731-bb38-c0d22fbe4515:6cdd1872-c531-4f71-93b6-48d803cd8bcbdrmd<p>Thanks for the reply! I&#39;ll give it a try.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/135852?ContentTypeID=1Wed, 13 Jun 2018 08:35:17 GMT137ad170-7792-4731-bb38-c0d22fbe4515:ad556dd3-9cf9-4c63-aed4-911a7b846a90Hung Bui<p>Hi drmd,&nbsp;</p> <p>&nbsp;</p> <p>My mistake, I was thinking of the start packet not the init packet.&nbsp;</p> <p>You are right that when erasing the old application, the bootloader need to wait for the erasing to be finished (max 90ms/page ). There is a call back called&nbsp;dfu_cb_handler() in dfu_transport_ble.c that you can use. Currently it&#39;s used to send the notification for the START packet after the erasing is done .</p> <p>&nbsp;</p> <p>What you can do is to modify it, so that the notification about the INIT packet complete ( ble_dfu_response_send(p_dfu, BLE_DFU_INIT_PROCEDURE, resp_val);)&nbsp;&nbsp;to be delayed instead of the START packet, until the flash erasing is finished.&nbsp;</p> <p>&nbsp;</p> <p>What you planing to do is also fine,&nbsp;I assume what you do is to verify the DFU master before allowing the bootloader to process the Start packet.&nbsp;</p> <p>Note that, this trick can easily be recorded and replayed. So this approach is not really safe from attacker. It might be used to avoid accidental DFU update.</p> <p>&nbsp;</p> <p>&nbsp;</p> <p>&nbsp;</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/135797?ContentTypeID=1Tue, 12 Jun 2018 16:35:31 GMT137ad170-7792-4731-bb38-c0d22fbe4515:4d073927-bf9b-4dd4-a3e8-7f0b4fbcdfd7drmd<p>Hi Hung,</p> <p>I tried to put the dfu_prepare_func_app_erase() call after dfu_init_prevalidate() in dfu_init_pkt_complete(). I also changed the states correspondingly. My guess is that the clear can take arbitrary amount of time and the state could be messed up between DFU_STATE_RDY ( changed by pstorage_callback_handler() ) and DFU_STATE_RX_DATA_PKT.</p> <p>However, I found a way to only enable communication with DFU service when a certain value has been written to a characteristic and therefore effectively disable DFU functionality to public. So I&#39;ll leave the dfu_single_bank.c as it is.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/135793?ContentTypeID=1Tue, 12 Jun 2018 16:18:20 GMT137ad170-7792-4731-bb38-c0d22fbe4515:38808e79-a785-4566-9981-95608b46e11bHung Bui<p>Hi ,</p> <p>&nbsp;</p> <p>Could you let me know what exactly you modified ?&nbsp;</p> <p>As far as I understand, the flash erasing of the original application only happens after the start packet is received and application version and image size verified. The function dfu_prepare_func_app_erase () is called inside &quot;case DFU_STATE_IDLE: &quot; in&nbsp;dfu_start_pkt_handle() in dfu_single_bank.c</p><div style="clear:both;"></div>