From f377b051b6c916e140c32d0edd3793ee7ccec74a Mon Sep 17 00:00:00 2001
From: Artur Hadasz <artur.hadasz@nordicsemi.no>
Date: Thu, 20 Mar 2025 10:08:04 +0100
Subject: [PATCH] suit: Do not erase on IPUC write setup

Erasing of the IPUC took about 500ms of time, which
led to many issues.

The erasing was removed, instead different security
measures were introduced, erasing parts when the
seek offset is greater than the write peek offset.

Signed-off-by: Artur Hadasz <artur.hadasz@nordicsemi.no>
---
 subsys/suit/ipuc/src/suit_ipuc_sdfw.c | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/subsys/suit/ipuc/src/suit_ipuc_sdfw.c b/subsys/suit/ipuc/src/suit_ipuc_sdfw.c
index ebc6a0eec6ad..7ce45c004306 100644
--- a/subsys/suit/ipuc/src/suit_ipuc_sdfw.c
+++ b/subsys/suit/ipuc/src/suit_ipuc_sdfw.c
@@ -297,15 +297,6 @@ suit_plat_err_t suit_ipuc_sdfw_write_setup(int ipc_client_id, struct zcbor_strin
 		suit_plat_digest_cache_remove(component_id);
 #endif /* CONFIG_SUIT_DIGEST_CACHE */
 
-		if (ipuc_sink.erase == NULL ||
-		    ipuc_sink.erase(ipuc_sink.ctx) != SUIT_PLAT_SUCCESS) {
-			LOG_ERR("Erase operation not supported or failed");
-			if (ipuc_sink.release) {
-				ipuc_sink.release(ipuc_sink.ctx);
-			}
-			k_mutex_unlock(&ipuc_mutex);
-			return SUIT_PLAT_ERR_IO;
-		}
 
 		if (ipuc_sink.release) {
 			ipuc_sink.release(ipuc_sink.ctx);
@@ -371,6 +362,22 @@ suit_plat_err_t suit_ipuc_sdfw_write(int ipc_client_id, struct zcbor_string *com
 			return SUIT_PLAT_ERR_IO;
 		}
 
+		if ((ipuc_sink.write != NULL) && (ipuc_sink.seek != NULL)
+		    && (offset > ipuc_entry->write_peek_offset)) {
+			/* Erasing if necessary
+			 */
+			uint8_t erase_buffer[READ_CHUNK_MAX_SIZE] = {
+					[0 ... READ_CHUNK_MAX_SIZE - 1] = 0xFF
+			};
+
+			ipuc_sink.seek(ipuc_sink.ctx, ipuc_entry->write_peek_offset);
+			for (size_t off = ipuc_entry->write_peek_offset; off < offset;
+			     off += READ_CHUNK_MAX_SIZE) {
+				ipuc_sink.write(ipuc_sink.ctx, (uint8_t *)erase_buffer,
+				MIN(sizeof(erase_buffer), slot_size - off));
+			}
+		}
+
 		if (ipuc_sink.seek == NULL ||
 		    ipuc_sink.seek(ipuc_sink.ctx, offset) != SUIT_PLAT_SUCCESS) {
 			LOG_ERR("Seek operation not supported or failed");