dfu: boot: mcuboot_shell: Prevent erasing MCUboot/app flash areas

Prevents the user from potentially bricking a device by erasing
the MCUboot or currently running application flash areas with the
mcuboot erase command

Signed-off-by: Jamie McCrae <[email protected]>

Author: nordicjm

subsys/dfu/boot/mcuboot_shell.c

@@ -1,5 +1,6 @@
 /*
  * Copyright (c) 2020 Grinn
+ * Copyright (c) 2023 Nordic Semiconductor ASA
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -91,6 +92,21 @@ static int cmd_mcuboot_erase(const struct shell *sh, size_t argc,
 
 	id = strtoul(argv[1], NULL, 0);
 
+	/* Check if this is the parent (MCUboot) or own slot and if so, deny the request */
+#if FIXED_PARTITION_EXISTS(boot_partition)
+	if (id == FIXED_PARTITION_ID(boot_partition)) {
+		shell_error(sh, "Cannot erase boot partition");
+		return -EACCES;
+	}
+#endif
+
+#if DT_FIXED_PARTITION_EXISTS(DT_CHOSEN(zephyr_code_partition))
+	if (id == DT_FIXED_PARTITION_ID(DT_CHOSEN(zephyr_code_partition))) {
+		shell_error(sh, "Cannot erase active partitions");
+		return -EACCES;
+	}
+#endif
+
 	err = boot_erase_img_bank(id);
 	if (err) {
 		shell_error(sh, "failed to erase bank %u", id);