Expand NVRAM trait with integrity validation helpers #11
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
madeleyneVaca
requested review from
gjpmsft,
jerrysxie,
tullom and
williampMSFT
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the Nvram trait with two helper methods to support integrity validation workflows: dump_storage for obtaining a read-only snapshot of NVRAM contents, and clear_storage for resetting storage to a default state when validation fails.
- Added
dump_storage()method to obtain a snapshot of all storage cells for validation - Added
clear_storage()method to reset storage cells to their default state
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
williampMSFT
previously approved these changes
Jan 9, 2026
Contributor
williampMSFT
left a comment
williampMSFT
left a comment
There was a problem hiding this comment.
May want to check if copilot is right on the copy thing, I'm not 100% sure, but other than that, looks good to me
williampMSFT
approved these changes
Jan 9, 2026
kurtjd
approved these changes
Jan 9, 2026
madeleyneVaca
added a commit
to OpenDevicePartnership/embassy-imxrt
that referenced
this pull request
Jan 9, 2026
…by OEMs (#538) In the event that an OEM is using the RTC NVRAM table for something more complicated than a few flags, integrity validation becomes necessary. The `storage()` API in the `Nvram` trait returns a mutable reference and ensures we can't double borrow. Great for safety but makes it difficult to get the values for validation (and potential erasure if invalid) and then also deconstruct the NVRAM table, so that they can be passed off the values to whichever service needs them, as that would constitute a double borrow. This PR introduces two helper functions which 1) dumps the current u32 values of the registers, rather than allowing for another handle to the RTC peripheral. The OEM can then perform their validation logic and if something is iffy, they can 2) erase the contents of the table through the object that has the handle before splitting up the entries as the OEM desires. Related PRs: OpenDevicePartnership/embedded-mcu#11
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Related to OpenDevicePartnership/embassy-imxrt#538. This PR adds two helper functions to the NVRAM trait which makes it easy for a user to obtain the contents of an NVRAM table for validation and then clear them if found to be invalid