Oneline fix to smp_bt.c smp transport register.
smp_client_transport_register() is a void function and
has no return value, so it should be ignored.
Signed-off-by: Alexander Stark <alexander.t.stark@gmail.com>
Handles return values from settings handlers which were missing
and would return "Unknown error" to clients instead of the read
error
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes the error code being returned when trying to perform a
hash/checksum on an empty file to show it is because the file is
empty, not because a paramter (which was not provided) was too
large.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
rand32.h does not make much sense, since the random subsystem
provides more APIs than just getting a random 32 bits value.
Rename it to random.h and get consistently with other
subsystems.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
`smp_send_pos` is 16 bits wide but it was being
passed as uint8_t, thus truncating.
This made it impossible to receive packets
larger than 256 bytes.
Signed-off-by: Stasys Aužbikas <stasysau@gmail.com>
This commit adds support for finding registered mcumgr command groups.
By default, supported command groups are local to the namespace where
they're registered. This api addition allows applications to get
reference to these supported command groups to deregister & re-register
them.
This adds scope for applications to support multiple implementations
of a command group alongside the default.
Signed-off-by: Chandler Keep <chandlersamkeep@gmail.com>
Adds command allowing to query information on bootloader.
In this case support is provided to query MCUboot information.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for uploading image to board with MCUboot
configured with DirectXIP with revert.
It allows to set uploaded image either for test or as permanent
boot application, until newer image gets confirmed.
Note that in DirectXIP with revert MCUboot will remove image
that has not been set for test nor confirmed and MCUmgr does not
set either mode unless image has the mode set within uploaded
binary.
The commit adds Kconfig option
CONFIG_MCUBOOT_BOOTLOADER_MODE_DIRECT_XIP_WITH_REVERT
that enabled the new mode of operation within MCUmgr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Updates possible return errors for fs mgmt file upload, to clarify
when a provided path is on a read-only filesystem or if the mount
point does not exist.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
If autoinit is not enebled, it is allowed to build a few backends and
initialize a proper one in runtime.
Check number of backends only if autoinit is enabled.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Modify the signature of the k_mem_slab_free() function with a new one,
replacing the old void **mem with void *mem as a parameter.
The following function:
void k_mem_slab_free(struct k_mem_slab *slab, void **mem);
has the wrong signature. mem is only used as a regular pointer, so there
is no need to use a double-pointer. The correct signature should be:
void k_mem_slab_free(struct k_mem_slab *slab, void *mem);
The issue with the current signature, although functional, is that it is
extremely confusing. I myself, a veteran Zephyr developer, was confused
by this parameter when looking at it recently.
All in-tree uses of the function have been adapted.
Fixes#61888.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Makes img_mgmt_slot_to_image image number independent and moves
it to header file as static inline.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The erase logic has been switched to using img_mgmt_get_opposite_slot
and the img_mgmt_get_other_slot has been removed.
The commit adds CONFIG_MCUMGR_GRP_IMG_ALLOW_ERASE_PENDING Kconfig
options, default set to n, that allows to make pending slot
erasable. The option only allows erase on pending slot that
is not revert slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Make img_mgmt_active_slot independent from
CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER for MCUboot swap type
algorithms.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit modifies image list command operations to use
img_mgmt_get_next_boot_slot instead of directly relying of
MCUboot flags.
The function is now used, also, by img_mgmt_slot_in_use to
figure out whether queried slot is in use.
The commit introduces two new Kconfig options
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_ANY
that allow users to enable confirming non-active images slots.
The MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY is y
by default to keep original behavior of logic that accidentally
allowed confirming secondary slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds functions:
img_mgmt_get_next_boot_slot
img_mgmt_get_opposite_slot
to simplify obtaining information on next boot slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The connectivity monitoring subfeature of conn_mgr is currently also
named conn_mgr, which is confusing.
This commit renames it to conn_mgr_monitor, or conn_mgr_mon for short,
for clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Drop few redeclared variables, fixes some:
settings_mgmt.c:454:30: error: declaration of ok shadows a previous
local [-Werror=shadow]
454 | bool ok;
| ^~
settings_mgmt.c:436:14: note: shadowed declaration is here
436 | bool ok = true;
| ^~
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix few instances of delayable work handlers using the k_work pointer
directly in a CONTAINER_OF pointing to a k_work_delayable.
This is harmless since the k_work is the first element in
k_work_delayable, but using k_work_delayable_from_work is the right way
of handling it.
Change a couple of explicit CONTAINER_OF doing the same work as the
macro in the process.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Adds a settings management group to MCUmgr which allows for
manipulation of the zephyr settings from a remote device.
Includes callback hooks to secure access from an application.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
MCUmgr client upload max data payload length was missing
Transport layer CRC + 16bit lenght. Full net buf packet was
possible to send but receiver side it was blocked because there
was not space for calculate CRC and length.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
Add support for SPI host command backend for STM32 chips family.
Unfortunately, the current SPI API can't be used to handle the host
commands communication. The main issues are unknown command size sent
by the host(the SPI transaction sends/receives specific number of bytes)
and need to constant sending status byte(the SPI module is enabled and
disabled per transaction). Thus the SPI backend includes basic SPI STM32
driver adjusted to host command specification.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
This is a stable API treewide change changing the newly introduced
"ret" response to "err" as it was overlooked that the shell_mgmt
group already used "ret" to return the exit code of the command
and this created a collision. Since SMP version 2 was only recently
introduced, there should not be any public implementations of it
as of yet, but the original function has been kept and marked as
deprecated.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes a stray ifdef which causes a build failure if the automatic
UDP start Kconfig is not enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds the force parameter to the reset command which is now
provided to the callback hook (if enabled).
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Uses the zcbor decode bulk function instead of manually parsing the
array in the function to reduce duplicated code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Uses the zcbor decode bulk function instead of manually parsing the
array in the function to reduce duplicated code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby the data packets were not checked to ensure
that the client has not attempted to write more data than the size
that was provided in the original upload packet.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby upload image size would not be checked in
the first packet of an upload, which would allow an image to be
uploaded until it reached the point of it being too large to
fit anymore.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
MCUmgr client basic implementation for support Image and OS grpup
commands.
Image Group:
* Image state read/write
* Image Upload secondary slot
* Image Erase secondary slot
OS group:
* Reset
* Echo service, disabled by default
Opeartion's are blocked call and cant't call inside worker queue.
IMG and OS need to be SMP client object for transport.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
SMP client support for generate request and handling
response message.
Updated SMP transport for send request.
Added API for register SMP transport.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
Uses the MCUboot bootutil image.h file directly instead of an
outdated copy which resides in the zephyr tree.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds an optional callback upon image data being written, can be
used for syncing or timeout purposes.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Replaces the manual lookup function with a lookup function which
is provided when registering MCUmgr handlers which can be used to
find the function to translate error codes, allowing out of tree
MCUmgr handlers to provide error translation handlers.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit fixes build issue when building for two application
images in board that does not have slot0_ns_partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fix conditional compilation within img_mgmt_get_other_slot,
where CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER has been
incorrectly checked and #endif incorrectly placed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Add a feature to suppress commands. The suppressed commands are not
logged on the command reception.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a user possibility to set a callback for receiving a new function.
It allows instant performing some actions, that need to be done before
context switch.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Verify validity of a received command before passing it to the general
handler.
It allows performing some actions, right after receiving the command.
The context switch is not needed. Such feature may be needed for
overloaded system, where instant reboot is required.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a function to signal a new host command by a backend.
Use a function instead of giving semaphore, because it allows more
actions on rx event, common for all backends.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a config to save the final result of a last host command that has
sent EC_HOST_CMD_IN_PROGRESS response. To get the final result use the
ec_host_cmd_send_in_progress_status function.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Fixes an issue where a variable was used without being correctly
set by other parts of the code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The sizeof is used in a wrong way which causes incorrect checking a
version of a command. Use NUM_BITS instead.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
The response buffer has to be cleared every command not to pass
unintended content e.g. response from a previous command, or stack
content.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Update the response buffer size, passed to a command handler, every
command, since a backend could change it in runtime.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Currently, it is not possible to use hawkbit with code that requires
POSIX_API to be set due to the dependency on NET_SOCKETS_POSIX_NAMES.
Since a lot of other code has already been moved to `zsock_`, this
commit does the same for hawkbit.
Co-authored-by: rojedag <r.ojeda@vogl-electronic.com>
Signed-off-by: Matthias Breithaupt <m.breithaupt@vogl-electronic.com>
Add a native way to log Host Command communication.
Use Zephyr logging system to do it. Use debug and normal levels.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Use one common function to send Host Command response. It allows
handling all response types within one function.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Adds status checking to the command status hook which allows an
application to inspect a request and, optionally, reject it.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds an optional Kconfig that adds mutex locks to image management
group functions, this prevents collision between multiple threads
and/or transports.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This adds a few line use zephyr_syscall_header() to include
headers containing syscall function prototypes.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Fixes wrongly declaring duplicate local variables that already
exist and hiding the previous variables definitions.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The IN_PROGRESS status is a specital status that can be sent during
handling a host command. Synchronous backends don't support it, so
an additional check is required.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
A function to send Host Command response is needed for commands that
that sends IN_PROGRESS status or doesn't return e.g. perform reboot.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
OS management's reset is optional, therefore only imply reset
instead of selecting it, so it can optionally disabled if not
needed.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Expands a bitfield name from nh_ver to nh_version so it is more
obvious what it is. Also changes the version that goes into the
response to indicate what the maximum supported version of the
protocol is for a device
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This reworks the UDP transport to resolve some issues with object
interactions and streamlines the code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
No reason to continue zcbor encoding of slot information for image
list when already failed at encoding version.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Image list should also flag pending slot as permanent.
This follows the image list for swap configuration where slot
confirmed for next boot is marked as permanent.
The difference is that in DirectXIP mode it is still possible
to erase slot marked as pending and permanent, before restart
happens.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds callback checks to other fs_mgmt group file access functions
which allows for file access control, and moves where the callback
is triggered for uploads and downloads to prevent getting the
callback multiple times for the same file. The callback struct has
been modified so applications using the previous signature will
need to be updated.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Changes the warning from being text in Kconfig for filesystem
management as a whole to being a cmake warning which is displayed
if the user has not enabled file access hooks with a link to the
documentation on how to set them up.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Add a config to decide if a new dedicated thread for Host Command is
created during initialization.
If not, the ec_host_cmd_task has to be called by another thread to
handle host commands.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Uses the new error system to report an error if the user provides
an invalid format for the OS info command.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The general handler may provide buffers for a backend. Use ranges to
check if the provided buffer is used, because the backend may shift the
beginning of the buffer to make space for preamble.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a separate config to enable autoinitialization of the host command
subsystem, called by the chosen backend.
It allows setting the chosen backend without autoinit.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
