When a PD is set online, we need to do other actions along with it. To
make this easier in future, move cp_set_state(pd, OSDP_CP_STATE_ONLINE)
to it's own method cp_set_online(pd).
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Select in Kconfig causes many issues with dependency loops, this
resolves the issue by replacing most select with depends on for
MCUmgr, including updates to the sample smp_svr application and
tests.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This patch replaces many instances where raw loops were used to copy bytes
with memcpy calls.
No functional change intended.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Do not check or send the first entry in the pd->cp[] device capability
table which is for function code 0 which is not a defined function code.
Signed-off-by: David Vucich <dave@alcatraz.ai>
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
By default, on errors, pd_decode_command replies with osdp_NAK with
sub-error code set to OSDP_PD_NAK_CMD_LEN (achieved using the ret ==
OSDP_PD_ERR_GENERIC check before return). This is works for all packet
framing errors; but when a more specific error code needs to be sent, ret
has to be set to something other than OSDP_PD_ERR_GENERIC (a suitable error
code happens to be OSDP_PD_ERR_REPLY) to prevent the tail check from
overwriting the error info.
In CMD_KEYSET, we fill a more specific error code but do not set the ret to
OSDP_PD_ERR_REPLY. It causes this error to be reported as a framing
error hence loosing some extended info about the error. Fix this issue by
reordering the checks a bit.
Fixes: 7f4d2c741b "mgmt/osdp: Add support for Secure Channel"
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Initially, subsys/mgmt had its own STR() macro for string pasting which was
replaced with the zephry provided STRINGIFY(). The definition of this macro
seems to have lingered on so remove it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
During handshake, only certain types of secure block types (<= SCS_14)
are allowed. A rouge CP/PD can try to bypass the handshake by directly
sending a secure block type ahead of the sequence and gain a secure
channel. Fix this by adding a check in packet decode time.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
OSDP specification section 5.7 states that a transmitting device has to
drive the transmission line to a marking state for a period of one char
in the current baud rate. This can be achieved by sending 0xFF. Since
this is not mentioned in the packet structure definition, many commercial
implementations of OSDP out in the wild do not send/expect this byte.
To work with such non-conforming devices, we will try to be as flexible
as possible in the PD: send mark byte only if the other side sent one. In
case of CP, we have no option but to send the mark byte to be as close
to the specification as possible. If a particular use case needs the CP
to not send it, we will provide a Kconfig option to disable it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Now that we have the necessary infrastructure to collect events from PD
apps, we can use them to translate it to OSDP packet sequence for card
reads and key press events.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
OSDP compliant devices communicate their capabilities and discover what
their peer can and cannot do. Right now, PD advertises these capabilities
and expects CP to honor them. Although this is not known to cause any
issues, it is not desirable to allow such accesses.
Add a check of incoming commands to to validate that the corresponding
capability was enabled and advertised.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Since cmd_data member is used by both commands and events to store the
contents of current transaction, rename it to ephemeral_data which
better reflects the purpose of the variable.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Bluetooth does not need to be enabled to register services,
therefore the newly introduced automatic bluetooth SMP transport
registration system can be simplified by returning enabling of
bluetooth back to the application.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The updatehub shell cmd_info allocate memory but not checks function
return. This add missing checks and proper error handle.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The current updatehub version forces user application to run in kernel
mode. This add necessary api syscalls to isolate userspace from kernel.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The img_mgmt_flash_area_id would add processing of
slot2_partition and slot3_partition if they only exist, even if
not used at all.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This changes some of the MCUmgr transport CMake select statements
to depends on, this is to align with other in-tree symbols that
do not pull in whole subsystems and instead only allow selection
if those subsystems are already enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
BOOT_MAGIC_SZ and BOOT_MAX_ALIGN were used in the header without
including bootutil/bootutil_public.h. This change remove the need of
the inclusion by making the dependency private.
Fixes#52095
Signed-off-by: Guillaume Lager <g.lager@innoseis.com>
This add storage abstraction to allow switch between different flash
APIs. This remove the erase command at updatehub core and move it to
storage init phase.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Currently MCUboot and system reset are invoked directly in the sample
applicatiion. This introduce 2 new methods to isolate system from
application.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Move header includes to source file. Currently firmware source files
have a hardcode partition identificator. This moves identificators
to updatehub core.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The CP app sends PD a "command" and the PD responds to it. Some times,
the PD has something that it wants to tell the PD which it does so in
response to POLL command. Both CP and PD apps need a way to exchange
these info over the OSDP bus. To archive this we will introduce what are
called "events" that allow the PD app to enqueue and CP app to get
notified.
This is analogous to the incumbent "commands" abstraction where, the CP
app enqueues a command and the PD app gets notified of it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
For all commands and replies, the buffer length needed to build or the
length of data needed to decode needs to be checked and asserted. Right now
we do this by ad-hoc if-s. Add macros that do this at a common location.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
The raw, flags check has become a bit excessive and has begun to affect
code readability. Provide inline functions for those accesses that are
frequent. Also, get rid of `struct osdp_cp` as it can be fully represented
by `struct osdp` itself.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
CP has an array of PDs and pd->offset was the position of the PD in CP's
list. Since offset has many meanings, rename it to pd->idx.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Partial packets in the RX buffers cause the subsequent packet to be
treated as malformed. The RX buffer can have partial data if the sender
is too slow in sending the packet of if there is an interruption in
transmission mid-way.
To avoid any issues due to such partials, flush the uart channel before
sending the command/response.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
The log lines in CP and PD had a prefix such as "CP: " and "PD: " that
does not add too much value as a given device an either be CP or PD
only. This patch removes those and enhances some other log lines while
at it.
It also adds a enum for return values throughout the module to improve
code quality.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
This commit adds the support for host commands being transported
by the Serial Host Interface on the NPCX SoC.
Signed-off-by: Michał Barnaś <mb@semihalf.com>
This prevents a configuration error by selecting the console if
the UART MCUmgr transport is used, which is actually a dependency
for this transport.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby event ID was not checked properly, meaning
that OR'd events would not work as one would expect.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The TinyCrypt is the current library used by UpdateHub to perform
SHA-256 integrity check. This refactor code and add support to
mbedTLS library. It changes default library to mbedTLS to use
hardware accelerator when available.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Fixes an issue with a missing variable when
CONFIG_IMG_MGMT_REJECT_DIRECT_XIP_MISMATCHED_SLOT is enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
After Kconfig options got renamed, some of the no longer fit
to files they have been defined in.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Will check an uploaded image's hash against the hash that was
originally supplied before the upload began and return the result to
the client to know if the upload was successful or if there was an
error during upload. Requires CONFIG_IMG_ENABLE_IMAGE_CHECK be
enabled for functionality to be available.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This moves the UDP and Bluetooth initialisation for MCUmgr to be
performed automatically with the new hander registration feature.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Makes group registration functions for MCUmgr handlers static as
they are registered automatically at startup.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This replaces the requirement for applications to manually
register MCUmgr handlers by having an iterable section which
then automatically registers the handlers at boot time.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This change changes the previous mcumgr behaviour of return result
codes when the status is 0 (OK) to being legacy behaviour, instead
it will skip the rc field for these responses. If there is only an
rc field with status 0 to return, then mcumgr will now instead just
return an empty map.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This fixes an issue whilst investigating using iterable sections,
which cannot be used when the non-zephyr prefixed functions are
used. It also resolves a possible critical bug intoduced with the
MCUmgr rework whereby functions or elements seem to have silently
dropped.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The CBOR encoding allows strings to have white spaces, and as string
may be used as key it should also be allowed to use space in key.
The commit provides ZCBOR_MAP_DECODE_KEY_DECODER macro, which is
intended to replace ZCBOR_MAP_DECODE_KEY_VAL macro, that allows
to use string keys with spaces in it.
Both macros are available for now.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes an issue with large packets being received, these packets are
chunked into 127-byte frames for the serial transport but this system
is not needed for the dummy transport as it has a fixed size buffer.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The device information handler can be used to retrieve information about
the configuration of the configured device such as board name, board
revision, firmware version and build date.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The shell_mgmt_config.h and stat_mgmt_config.h as they have been only
providing alternative identifiers for Kconfig options.
Now the Kconfig options are directly used in code and the headers
have been removed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Add CONFIG_CRC for building CRC related routines.
CRC routines are now being built for each application, whether used or
not and are add in the build system unconditionally.
Keep CONFIG_CRC enabled by default for now and until all users have
converted to use the new option.
Partial fix for #50654
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Fixes accesses a renamed variable when a specific Kconfig is
active that would cause a compile error.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Moves the zephyr group ID defines to the mgmt header file as it is
with other group IDs and moves the zephyr basic group command IDs
to the the same header-location style as other groups.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This aligns the naming of files in fs_mgmt so that files and
functions relating to hash/checksum are prefixed with fs_mgmt.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Add missing fields in structure containing the arguments used by
the host commands handlers and change the order of parameters
in macro used for defining the handlers.
Signed-off-by: Michał Barnaś <mb@semihalf.com>
This commit increases the stack size for thread handling the host
commands requests. It was required due to the stack being
corrupted using earlier default size. The thread priority is now
configurable using the Kconfig.
It also adds alignment to the tx_buffer since the npcx MCU requires it
to work correctly and removes clearing the buffer before use due to
the hard time requirements. Tests checking if buffers are cleared
are also removed.
Signed-off-by: Michał Barnaś <mb@semihalf.com>
Move the header file to corresponding directory which refers to
submodule name instead of root of drivers directory.
Signed-off-by: Michał Barnaś <mb@semihalf.com>
The commit moves MCUmgr SMP transport documentation from
subsys/mgmt/mcumgr/lib to doc/services/device_mgmt.
Documentation have been rewritten for that purpose.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit reworks mgmt/mcumgr subsystem source code to remove
lib subdirectory and make it a little bit more flat.
It also moves all API interface files, which are supposed to be
visible by applications using MCUMgr, to interface sub-directories,
and exposes them with full paths; for example to include general
MCUMgr support, group registration and so on, user would now include:
<mgmt/mcumgr/mgmt/mgmt.h>
to additionally have control on File System group management
registration user would need:
<mgmt/mcumgr/mgmt/grp/fs_mgmt.h>
All internal headers have been removed from interface.
CMAkeLists.txt get significant rework and various MCUMgr subsystems
have been divided into separate sub-libraries.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Incorrectly hash_checksum_mgmt_handler_fn has been referenced
in documentation for hash_checksum_mgmt_list_cb, causing
documentation generation error, because parameter list does
not match.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Rounded up struct smp_bt_user_data takes 8 bytes; this fixes
static assert failing with message:
CONFIG_MCUMGR_BUF_USER_DATA_SIZE not large enough to fit Bluetooth
user data
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Switches to the new event callback system for the os_mgmt
functionality and removes the old code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Switches to the new event callback system for the img_mgmt
functionality and removes the old code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Switches to the new event callback system for the fs_mgmt
functionality and removes the old code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds an access denied error code that can be used to signal to the
mcumgr client that the requested access to a specific resource or
command/functionality has been denied.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Reworks the event callback system to use a linked list to allow for
chained handlers and support passing a status back to the handler to
indicate if the request should be rejected or allowed. This also
removes the old base callback functionality.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds a new mcumgr command for returning information on all supported
hash/checksum types that the firmware supports.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This fixes issues with the Bluetooth SMP transport whereby deadlocks
could arise from connection references being held in long-lasting
mcumgr command processing functions.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This replaces an intermediatory structure with a different one which
allows command functions to access the full contents of the streamer
structure that would be otherwise unavailable. This is a foundation
for allowing asynchronous mcumgr messages from the server.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue introduced with a recent change that wrongly uses the
source packet header size for the output instead of the supplied
size.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
It is only needed to be known by SMP protocol processing
and in some cases by transport, for example reassembly.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
These two-liners have been only used by SMP protocol processing,
and there is no reason to have them available as public functions.
Code from these functions have been moved directly where they
have been used and they have been removed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
zephyr_ prefix is now redundant as there are no other OSes supported.
The commit also moves functions, after renaming them, and makes
them static, as they no longer have to be shared between compilation
units.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
It is no longer needed to have "system specific" API for FS management.
The commit removes fs_mgmt_impl.h and moves Zephyr specific
functions that implement the fs_mgmt_impl.h declared functions
into fs_mgmt.c
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This fixes an issue whereby the image state of an upload is present
even after an image erase command, which would instruct a client to
continue uploading at an offset that has no preceeding data.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
In order to avoid using multiple sources of truth for the platfom's
endianness, convert the in-tree code to use the (BIG|LITTLE)_ENDIAN
Kconfig variables exclusively, instead of the compiler's
__BYTE_ORDER__.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
buf.c have been providing net_buf pool allocator and dealocator
for SMP packets: mcumgr_buf_alloc and mcumgr_buf_free.
The functions have been moved to smp.c and renamed
smp_packet_alloc and smp_packet_free, respectively.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
SMP buffer allocation functions have been moved to smp/smp.h,
and buf.h has been removed.
Definitions of cbor_nb_reader and cbor_nb_writer have also been moved.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit moves functions used for initialization of CBOR encoding
and decoding to the only unit that is supposed to use them.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This fixes an issue with the bluetooth transport whereby if a device
drops the connection prior to receiving all the output data it could
cause a deadlock.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit removes zephyr_ and _impl_ from function names in image
management group, and renames img_mgmt_impl.* source files to
img_mgmt_priv and merges img_mgmt_priv.h headers.
The zephyr_ and _impl_ have been removed because they no longer make
sense, as the mcugr is internal part of Zephyr, and removal makes
function names shorter.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit removes some leftover code from feature that has been
supposed to log image upload events with use of SMP, but has never
been actually implemented.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Cosmetic change: the zst was short for zephyr_smp_transport,
now it is just smp_transport so smpt makes more sense.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The MCUMgr library is now part of Zephyr, so there is no point
to prefix SMP functions with Zephyr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Some minor housekeeping prior to adding an http server
implementation. There are already a number of http headers
and that number will likely increase with subsequent work.
Moving them into a common directory cleans up the
`include/net` directory a bit.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
If a file write was attempted with a file that does not exist, over
the shell/UART when logging was enabled, it would output a fs_unlink
error, this works around the issue by checking if the file exists and
needs truncating before performing that action. It also imrproves
flash endurance slightly by performing a truncate operation instead
of a delete, but will fall back to a delete if the truncation
operation fails. This issue can be also be mitigated by altering
logging settings or adjusting the SMP thread priority.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
No longer needed, since smp_streamer has smpt pointer to
zephyr_smp_transport, it can directly call smpt->zst_output.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
There are no more functions directly using the type, so it
has been removed and its contents have been moved to
smp_streamer.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit removes declaration of functions
mgmt_streamer_trim_front and mgmt_streamer_init_reader
as they no longer have definitions.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit drops empty parameter from img_mgmt_flash_check_empty
and img_mgmt_flash_check_empty_inner and uses the return code
instead.
Both functions now use negative errno codes instead of MGMT_ERR_
type codes.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This adds a hash check when the CONFIG_IMG_ENABLE_IMAGE_CHECK Kconfig
option is enabled that will check the underlying image hash to see if
it is the same as the one provided by the mcumgr client, and if so,
will prevent erasure/uploading the same image data.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This adds the dummy shell buffer size to the shell_mgmt
configuration to allow ease of changing it.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The img_mgmt_erase could return MGMT_ERR_EOK even when
img_mgmt_impl_erase_slot failed.
Fixes#50522
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes an issue with img_mgmt whereby the if check for a slot3
partition is using the wrong case for the partition name.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Moves a .h file added outside of the zephyr include folder to be
within the zephyr include folder.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This header provides original BOOT_MAX_ALIGN definition.
This definition is used indirectly by the code this
patch modifies.
Let's use it instead of copy from mcuboot.h
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The options should enable verbose responses in error responses
to SMP command processing, but has been broen when the code
has been ported to zcbor.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
If the is no update from the server, the _links will be NULL.
Check if it is NULL before trying to LOG these strings.
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
There are warnings when building fs_mgmt with hash/checksum
functionality enabled due to array access and a wrong variable type
being used.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
zcbor supports native zcbor_size_ functions for some time now,
so there is no need to have local zcbor_size_ definitions.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes an issue with outgoing mcumgr frames that are larger than the
transport MTU size whereby they would wrongly be split up into multiple
frames with multiple start frame headers, which affected SMP over
console transports.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The lib/transport directory has been moved up, directly under the
subsys/mgmt/mcumgr, and all transport files have been moved to
that directory.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes an issue introduced when the mcumgr code was simplified whereby
the newer compressed free function call wrongly passes a pointer to a
pointer instead of the pointer itself.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue with the connection reference not being decremented
at the end of the outgoing notification function resulting in an
ever-increasing connection count.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The static function img_mgmt_flash_check_empty is only used if
CONFIG_IMG_ERASE_PROGRESSIVELY isn't set.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
This adds a dummy SMP backend which can be used for unit testing or
virtual interface purposes.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
Adds the runtime tick count of threads to mcumgr's taskstat response,
if CONFIG_SCHED_THREAD_USAGE is enabled, which reports the number of
execution cycles that each thread has been running for.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue with Bluetooth notification sending whereby it does
not wait for buffers to become available and can error out if
unable to get a buffer once.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issues where the system work queue can become a source of
contention and cause a deadlock by moving MCUMGR SMP processing to its
own dedicated work queue.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The Kconfig for MCUMgr management source code (service registration,
group registration, and so on) has been moved to the sub-dir with
the code.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
By default, thread priorities in mcumgr task stat responses are
unsigned, whilst in zephyr, thread priorities are signed. This means
that clients get obscenely large numbers for priorities that make no
sense. The fork of mcumgr has been in zephyr long enough now that
this should be changed to use signed thread priorities by default
instead of sticking with the old mcumgr default.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit removes declarations of:
zephyr_smp_rx_req, zephyr_smp_alloc_rsp, zephyr_smp_free_buf
from include/zephyr/mgmt/mcumgr/smp.h, as these are MCUMgr internal
functions used in SMP processing and should be not exposed
from header file that provides interface for SMP transports.
The declarations have been moved to smp_internal.h, which is
visible within MCUMgr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Use c99 format specifier macros to remove build warnings when building
for `native_posix[_64]`.
Signed-off-by: Marc Lasch <marc.lasch@husqvarnagroup.com>
The commit switches flash area access from FLASH_AREA_ macros
to FIXED_PARTITION_ macros and to usage of DTS node labels,
to identify partitions, instead of label property.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit switches flash area access from FLASH_AREA_ macros
to FIXED_PARTITION_ macros and to usage of DTS node labels,
to identify partitions, instead of label property.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The conditional block linking mbedTLS for checksum calculation
in FS commands have been moved to CMakeLists.txt responsible
for compiling these commands.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Fix include order to avoid redefinition of `ARRAY_SIZE`, because
`sys/util.h` and `zcbor_common.h` both define it, but `sys/util.h` does
not protect against redefinition.
Signed-off-by: Fabio Utzig <utzig@tumenibits.com>
Allows selecting which slot will be erased, will default back to
slot 1 as it would do in previous versions if the optional parameter
is not provided
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This prevents the shell command response code conflicting with the
mcumgr response code, which are 2 distinct variable types
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes a race condition when listing task status using mcumgr whereby
if a thread status changes, it could cause unpredictable output for
the command.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Reduces the level of indirection for functions by calling the zephyr
functions directly as support for multiple operating systems is no
longer required with mcumgr being forked and placed into the zephyr
tree. Saves 60 bytes flash when compiling smp_svr on an ARM Cortex
M4 board.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Switches to using Zephyr's single linked list implementation for
group management objects instead of duplicating functionality for
mcumgr only.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Resolves an issue with processors that do not support unaligned memory
access when using img_mgmt functions, e.g. ARM Cortex M0, by marking
structures as packed.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Many device pointers are initialized at compile and never changed. This
means that the device pointer can be constified (immutable).
Automated using:
```
perl -i -pe 's/const struct device \*(?!const)(.*)= DEVICE/const struct
device *const $1= DEVICE/g' **/*.c
```
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Initialize the `hints` struct to a known value so that it won't
cause undetermined behavior when used in `getaddrinfo()`.
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
Move from using Kconfig OSDP_UART_DEV_NAME to a devicetree
chosen property ("zephyr,osdp-uart"). This is similar to a number
of other functions like "zephyr,shell-uart" or "zephyr,bt-uart".
Changed the integration platform for the osdp samples to
stm32_min_dev_black as it already has zephyr,osdp-uart set.
Signed-off-by: Kumar Gala <galak@kernel.org>
We noticed that in the master branch, updatehub fails to start.
That is because of the behaviour change in bin2hex caused by
commit f2affbd ("os: lib: bin2hex: fix memory overwrite").
Fixes: f2affbd973 ("os: lib: bin2hex: fix memory overwrite")
Signed-off-by: Yudong Zhang <mtwget@gmail.com>
We are working on phasing out use of the devicetree 'label'
property. We can use DEVICE_DT_GET and drop use of DT_LABEL.
Signed-off-by: Kumar Gala <galak@kernel.org>
If the POSIX API is selected via the POSIX_API option, don't also select
the conflicting NET_SOCKETS_POSIX_NAMES and use the POSIX headers instead.
Signed-off-by: Berend Ozceri <berend@recogni.com>
Logging v1 has been removed and log_strdup wrapper function is no
longer needed. Removing the function and its use in the tree.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The img_mgmt_impl_erase_if_needed was only called when
CONFIG_IMG_ERASE_PROGRESSIVELY is y, and it does nothing anyway;
because the function always returns 0, and does nothing,
neither the function no result processing, from a call to the
function, is needed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The function is no longer needed with fix provided by commit
aa5d20aaef (storage/flash_map: Return -ENODEV from flash_area_open).
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Image management state, struct img_mgmt_state, has been defining
sector_id and sector_end variables, supposed to be used by
progressive erase feature, that have no use in code.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The img_mgmt_upload has been overriding return codes of several
utility function calls with MGMT_ERR_EUNKNOWN, even though
these utility functions would be returning MGMT_ERR_* type codes
already, overshadowing real reason of failure.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit changes types of image, size and offset elements of
img_mgmt_upload_req structure from unsigned long long to size_t.
This commit also fixes comments and conditional statements, where
these identifiers have been compared against -1, although they have
been clearly defined as unsigned.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Files including <zephyr/kernel.h> do not have to include
<zephyr/zephyr.h>, a shim to <zephyr/kernel.h>.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The img_mgmt_upload was getting into loop with requesting
offset 0 from mcumgr, when requested to re-try upload after
write fails.
Because it is not really possible to recover from write fail,
at least currently, the commit changes code to reset upload
state in a case of write error and return an error code.
Now, when write fails, an error will be returned and upload
process will be stopped and reset; upload re-try will behave
as a new upload has been requested.
Fixes#44219
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The offset is checked, for correctness, before the function
img_mgmt_impl_write_image_data is called, so it is redundant to
do the same check within it.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Special function for supporting various types of buffers,
via provided callbacks, is no longer needed when net_buf is the
only type of transport buffer used by mcumgr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The additional logic of zephyr_smp_trim_front is no longer needed
and net_buf_pul can be directly used to trim front of net_buf
response when fragmenting.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit fixes issue where image management would switch to using
heap, whether developer wanted or not, when CONFIG_HEAP_MEM_POOL
gets value greater than zero.
Now when heap is enabled the user can select whether image management
will keep on using static variable, taking static RAM, or will use
heap to allocate the flash image context only when needed.
For this purpose CONFIG_IMG_MGMT_USE_HEAP_FOR_FLASH_IMG_CONTEXT
has been added, which is available when CONFIG_HEAP_MEM_POOL is enabled.
Fixes#44214
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit replaces direct access to flash_img_context, for the
purpose of checking how much data has been written, with call
to the flash_img_bytes_written.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Somehow two files in subsys/mgmt/mcumgr/lib/cmd/img_mgmt/src ended up
using STRINGIFY but nothing in their include path ended up pulling in
zephyr/toolchain/common.h. Include that via zephyr/toolchain.h.
v2:
Use non-internal zephyr/toolchain.h header
Signed-off-by: Keith Packard <keithp@keithp.com>
The description suggested logging information while it never
was the case: it was about adding additional "rsn":value pair
to an SMP response.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds few missing zephyr/ prefixes to leftover #include statements that
either got added recently or were using double quote format.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
It is possible, in case of two application images, to have no access
to one of devices of the secondary image.
When asserts are enabled, such situation causes crash even though the
image list command can handle it with no problem.
The commit removes the assert and adds additional swap type:
IMG_MGMT_SWAP_TYPE_UNKNOWN to indicate situations where it was
not possible to obtain swap type from boot_util.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit replaces MGMT_ERR_ENOMEM with MGMT_ERR_EMSGSIZE where it
was used to indicate that SMP response does not fit in response
buffer.
Fixes#44535
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit fixes incorrect value being passed as used stack
information and also prevents compilation error when
CONFIG_INIT_STACKS is n.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
In other places, img_mgmt_dfu_stopped() is called when
a failure occurs and the DFU cannot be continued. In this
place, however, the function is called on success which
does not seem to be correct.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
By default the newlib does not compile with %hhu processing,
to avoid turning on additional options for newlib compilation
this commit changes formatting string to use %hu instead.
The commit fixes problem with malformed version string being
returned, by smp_svr, when CONFIG_NEWLIB_LIBC=y is set together
with CONFIG_NEWLIB_LIBC_NANO=y.
Fixes#45261
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This allows an application to inspect a mcumgr img upload command to
provide additional information for acceptance or rejection of it, and
makes the previous private version compare function public so that
application code can call it.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
This allows an application to inspect a mcumgr file access command and
either allow it or deny it with a result code.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The commit adds change to image management list where "<???>"
will be returned as version string in case when version to string
conversion fails.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The ull_to_s, which is used to covert ints to string, has been
replaced with snprintf.
Above also fixes a bug where ull_to_s has been given INT_MAX as allowed
output string, while it should be given maiximum allowed buffer size.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Commit removes mgmt_streamer_reset_buf from mcumgr lib,
and supporting Zephyr function zephyr_smp_reset_buf.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This allows an application to inspect a mcumgr os reset command and
either allow it or deny it with a result code.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
The zcbor_bulk_priv.h uses STRINGIFY for some of definitions
and, due to lack of inclusion of the toolchain.h, that was causing
compilation errors when NEWLIB would be selected.
Fixes#44811.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This adds a hash/checksum mcumgr handler to the file management commands
which can be used to get a hask or checksum of a file, and includes
handler implementations for IEEE CRC32 and SHA256.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
This adds a command handler to the file management mcumgr system to get
the status of a file without needing to return file data (currently
reporting the file size).
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
The zephyr_grp log module name was incorrectly named
MGMT_SETTINGS and module registration has been using module name
mgmt_zephyr_basic, which is also incorrect.
Both have been changed to mcumgr_zephyr_grp.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds transport dedicated menu and gathers all transport
options under that menu; each transport gets its own menu, witch
gathers options specific for that transport
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Adds new command that allows to retrieve MCUMGR parameters.
Currently the command returns MCUMGR buffer size and count.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The IMG_MGMT_UL_CHUNK_SIZE is no longer used to control size of
intermediate buffer used for application image chunk processing,
instead directly request trasport buffer is used.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The echo sentence is now directly copied from request transport
buffer to response buffer, without use of intermediate buffer.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Now the chunk of uploaded file is directly read from the transport
buffer, net_buf, and is no longer copied into intermediate buffer
so the real size of chunk is actually how much the sender could
fit into MCUMGR_BUF_SIZE, less the other fields.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds private, for internal mcumgr use only, utility
function for bulk processing of CBOR map entries.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit switches OS group commands to use zcbor instead
of TinyCBOR for processing SMP requests.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Removes no longer needed elements of struct mgmt_ctxt.
Removes mgmt_ctxt_init, mgmt_streamer_init_reader and init_reader
from struct mgmt_streamer_cfg as they are no longer needed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit removes cbor_decoder_reader from cbo_nb_reader and
adds zcbor state variable to the structure.
All the code that has been supporting the cbor_decder_reader
has been removed and/or replaced with zcbor/net_buf specific.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Replaces TinyCBOR cbor_decoder_reader with cbor_nb_reader in
SMP processing code.
The SMP source code has been relying on internal elements of the
cbor_decoder_reader and had to be rewritten to use net_buf
structures, that are part of cbor_nb_reader, instead.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
With transition to zcbor, the cbor_encoder_writer structure of
TinyCBOR is no longer used.
This commit replaces the structure with cbor_nb_writer, which
gathers zcbor processing structure with netbuf into one object.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit modifies cbor_nb_writer to handle zcbor.
Proper initialization code has been added to cbor_nb_writer_init.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Add a name for the choice of authentication modes so that it
can be default to a certain type in project's Kconfig.
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
The commit splits the main mcumgr Kconfigs into primary Kconfig
that collect general mcumgr options for Zephyr (Zephyr specific
commands, transports, and so on), into lib/Kconfig
that collects library options and command groups' Kconfigs.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Previously, the hash of the firmware is checked while we are
downloading the firmware. This isn't ideal as the validity of
the firmware written into the flash is not verified and can be
corrupted. Furthermore, checking while downloading will have an
negative impact to the download speed as the CPU need to do
more work during the data transfer.
This PR removes the previous verify-hash-while-download
implementation and use the flash_img_check API instead.
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
After the firmware is downloaded in hawkbit_probe, a series of
operations are done by using the fact that the conditions of
an if-else statement will be ran until a match.
This patches separate these condition into individual
if-condition for better readability
Signed-off-by: Yong Cong Sin <yongcong.sin@gmail.com>
The commit add checks whether frame received from BT transport
will really fit into allocated net_buf form mcumgr.
Fixes: #44271
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit moves shell command buffer to stack and changes
initialization to just just put null at the beginning, before calling
a function that will fill in the buffer, and at the end, after the call.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Moves Zephyr specific code to common source file and removes
no longer needed interface headers.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit makes stats collection conditional so in case when
CBOR container encoding fails the stats collecting function
will not be called.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes a twister test issue whereby handler_found and valid_hdr variables
are checked prior to being set.
Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
The IMG_MGMT_VERBOSE_ERR Kconfig option has not been really working
since the SMP response that it would setup was reset in case of
error, so in any instance that it would actually be used.
Fixes#32545
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for passing "rsn" explanation strings,
for "rc" code, in error SMP responses.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The zephyr_fs_mgmt_truncate has been replaced with fs_unlink
since there is no point to specially check for file existence
before just removing it.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The fs_mgmt_file_upload_rsp has been renamed fs_mgmt_file_rsp
and is used everywhere where "rc" code and "off" is placed into
response, instead of duplicating code that does the task.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
