Commit graph

96 commits

Author SHA1 Message Date
Anas Nashif 83508a5677 cleanup: include/: move flash_map.h to storage/flash_map.h
move flash_map.h to storage/flash_map.h and
create a shim for backward-compatibility.

No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.

Related to #16539

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2019-06-27 22:55:49 -04:00
Andrzej Puzdrowski f51e3c2960 dfu/boot: make swap_type optional
Swap_type field implementation is the new mcuboot's trailer field.
This patch makes using of it optional which keeps possibility of being
compatible with older versions of MCUBoot.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-06-18 11:09:16 +02:00
Andrzej Puzdrowski b1e1774cd4 dfu/boot: double swap on interrupted revert bugfix adaptation
Mcuboot changed TLV in PR: Fix double swap on interrupted revert
(https://github.com/JuulLabs-OSS/mcuboot/pull/485)

Above bugfix changes a little way for upgrade request.

This path introduces re-formatted original mcuboot bootutil_misc.c
code as much as it was reasonable which includes the bugfix
adaptation and support for devices witch have bite erased sate different
than 1 as well.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-06-18 11:09:16 +02:00
Ulf Magnusson 6c55bb446c dfu: kconfig: Remove 'DFU Options' menu
This menu contains just the IMG_MANAGER symbol and its children. Remove
one menu level by making IMG_MANAGER a top-level 'menuconfig' symbol
instead.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2019-05-15 05:02:32 -05:00
Andrzej Puzdrowski c2f08dadf0 dfu/img_util: : non-secure app support
In non-secure Trustzone application dedicated flash non-secure
partition are used instead of regular one, which become secure
partition in Trustzone collaboration model.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-05-08 20:02:50 -04:00
Dennis Wildmark af98cd7b9c DFU: img util: Fixed warnings when compiling with newlib
Fixed format error when compiling with gcc and newlib.
Used standard formats (%u) instead of inttypes formats (PRIxxx)
since Zephyr redefines the standard formats, that way it should always
be in line with the Zephyr types.

Compiled with and without newlib using gcc.

Signed-off-by: Dennis Wildmark <dennis.wildmark@assaabloy.com>
2019-05-07 09:00:39 -04:00
Andrzej Puzdrowski dffcfd8c79 dfu: introduce progressive erasing
Patch adds option for progressive erase of firmware image.
When using this, flash is erased as necessary when receiving
new firmware, instead of erasing the whole image slot at once.
This is useful on some hardware (like nRF52840) that has
long erase times, to prevent long wait times at the beginning
of the DFU process.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-04-28 12:20:01 -04:00
Andrzej Puzdrowski a819d1628b dfu/boot: Replace flash partitioning terminology
Changed image terminology to the same which is used by
mcuboot after https://github.com/JuulLabs-OSS/mcuboot/pull/440

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-04-18 12:22:48 -04:00
Andrzej Puzdrowski 945f9c7d54 dfu/boot: non-secure app support
In non-secure Trustzone application dedicated flash non-secure
partition are used instead of regular one, which become secure
partition in Trustzone collaboration model.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2019-04-18 12:22:48 -04:00
Anas Nashif 3ae52624ff license: cleanup: add SPDX Apache-2.0 license identifier
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier.  Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.

By default all files without license information are under the default
license of Zephyr, which is Apache version 2.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2019-04-07 08:45:22 -04:00
Patrik Flykt 24d71431e9 all: Add 'U' suffix when using unsigned variables
Add a 'U' suffix to values when computing and comparing against
unsigned variables.

Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
2019-03-28 17:15:58 -05:00
Ulf Magnusson 747cc7129a kconfig: subsys: dfu: Remove redundant IMG_MANAGER dep.
Appears within an 'if IMG_MANAGER'.

'if FOO' is just shorthand for adding 'depends on FOO' to each item
within the 'if'. Dependencies on menus work similarly. There are no
"conditional includes" in Kconfig, so 'if FOO' has no special meaning
around a source. Conditional includes wouldn't be possible, because an
if condition could include (directly or indirectly) forward references
to symbols not defined yet.

Tip: When adding a symbol, check its dependencies in the menuconfig
('ninja menuconfig', then / to jump to the symbol). The menuconfig also
shows how the file with the symbol got included, so if you see
duplicated dependencies, it's easy to hunt down where they come from.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2019-03-09 10:03:45 -05:00
Anas Nashif 996c252e51 dfu: mcuboot: rename boot_swap_type> mcuboot_swap_type
This function conflicts with a function of the same name in mcuboot.
This happens when building USB DFU support into mcuboot.

DFU over USB uses image manager and mcuboot internals to manage images
downloaded to the device.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2019-02-19 09:32:02 +01:00
Kumar Gala 67a7b43fc9 dfu: img_util: Convert FLASH_WRITE_BLOCK_SIZE to DT_
Use DT_FLASH_WRITE_BLOCK_SIZE prefixed defined instead of
FLASH_WRITE_BLOCK_SIZE as the non-DT version is deprecated.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-02-08 22:39:07 -06:00
Kumar Gala 9237dbee4e dfu: boot: mcuboot: Convert FLASH_WRITE_BLOCK_SIZE to DT_
Use DT_FLASH_WRITE_BLOCK_SIZE prefixed defined instead of
FLASH_WRITE_BLOCK_SIZE as the non-DT version is deprecated.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-02-08 22:39:07 -06:00
Kumar Gala a5c1bb59e0 dfu: boot: mcuboot: Convert FLASH_AREA to DT_FLASH_AREA
Use DT_FLASH_AREA prefixed defined instead of FLASH_AREA as the non-DT
version is deprecated.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-02-08 22:39:07 -06:00
Findlay Feng 2d2e1614b5 dfu/flash_img: use flash_map instead of flash API
Patch introduces flash_map subsystem to operate on flash
image instead of direct operation using flash_driver API.
Changes allows to support operation on the image in any flash
device.

flash_map was not available when this subsystem was introduced.

Signed-off-by: Findlay Feng <i@fengch.me>
2019-02-08 09:13:09 -06:00
Findlay Feng 04bf2e1bd1 dfu/mcuboot: use flash_map instead of flash API
Patch introduces flash_map subsystem to operate on flash
footprint instead of direct operation using flash_driver API.
Flash area ID is used in API instead of direct flash-bank-offsets.
Changes allows to support operation on the partition in any flash
device.

flash_map was not available when this subsystem was introduced.

Signed-off-by: Findlay Feng <i@fengch.me>
2019-02-08 09:13:09 -06:00
Kumar Gala 93d0f8c58d dfu: Fix build issue with gcc8
We get the following warning when buiding with gcc8:

	error: 'packed' attribute ignored for type 'u32_t *'
	{aka 'unsigned int *'} [-Werror=attributes]

Use UNALIGNED_GET() to access the data since we don't know the
alignment.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2019-01-31 03:13:52 -06:00
Jan Van Winkel 8fb4384927 dfu: Cast offset to u32_t before calling LOG
Cast offset to u32_t before printing in hexadecimal form.

Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
2019-01-07 16:07:03 -05:00
Savinay Dharmappa b9b8daa3bc samples: subsys: usb: dfu: Fix build error for intel_s1000
intel_s1000 uses DT_SPI_NOR_DRV_NAME instead of DT_FLASH_DEV_NAME
for device binding of flash device.

Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
2018-12-30 16:24:33 -05:00
Andrzej Głąbek 20202902f2 dts_fixups: Use DT_ prefix in all defined labels not related to Kconfig
These changes were obtained by running a script  created by
Ulf Magnusson <Ulf.Magnusson@nordicsemi.no> for the following
specification:

1. Read the contents of all dts_fixup.h files in Zephyr
2. Check the left-hand side of the #define macros (i.e. the X in
   #define X Y)
3. Check if that name is also the name of a Kconfig option
   3.a If it is, then do nothing
   3.b If it is not, then replace CONFIG_ with DT_ or add DT_ if it
       has neither of these two prefixes
4. Replace the use of the changed #define in the code itself
   (.c, .h, .ld)

Additionally, some tweaks had to be added to this script to catch some
of the macros used in the code in a parameterized form, e.g.:
- CONFIG_GPIO_STM32_GPIO##__SUFFIX##_BASE_ADDRESS
- CONFIG_UART_##idx##_TX_PIN
- I2C_SBCON_##_num##_BASE_ADDR
and to prevent adding DT_ prefix to the following symbols:
- FLASH_START
- FLASH_SIZE
- SRAM_START
- SRAM_SIZE
- _ROM_ADDR
- _ROM_SIZE
- _RAM_ADDR
- _RAM_SIZE
which are surprisingly also defined in some dts_fixup.h files.

Finally, some manual corrections had to be done as well:
- name##_IRQ -> DT_##name##_IRQ in uart_stm32.c

Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
2018-11-13 10:44:42 -06:00
Anas Nashif c01339554b dfu: image_mgr: make Kconfigs depend on IMG_MANAGER
Add an if statement around IMG_MANAGER options.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2018-11-02 15:31:44 -05:00
Kumar Gala cabdf5e9dd subsys: Remove board.h include
The subsys code doesn't need anything from board.h so lets remove the
include.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2018-11-01 13:15:18 +01:00
Anas Nashif 7dea257e92 dfu: log: rename level variable
Rename log level variable:
CONFIG_LOG_IMG_MANAGER_LEVEL to CONFIG_IMG_MANAGER_LOG_LEVEL

Use template for log levels.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2018-10-08 17:49:12 -04:00
Olivier Martin 1e630baa02 subsys: dfu: Migrate to new logging subsys
Migrate from `SYS_LOG` to `LOG` logging mechanism.

Signed-off-by: Olivier Martin <olivier.martin@proglove.de>
2018-10-08 17:49:12 -04:00
Flavio Ceolin da49f2e440 coccicnelle: Ignore return of memset
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.

The only directory excluded directory was ext/* since it contains
only imported code.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
2018-09-14 16:55:37 -04:00
Ulf Magnusson 8cf8db3a73 Kconfig: Use a short, consistent style for prompts
Consistently use

    config FOO
            bool/int/hex/string "Prompt text"

instead of

    config FOO
            bool/int/hex/string
            prompt "Prompt text"

(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).

The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.

Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/
how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2018-08-15 04:10:10 -07:00
Ulf Magnusson 1073882998 subsys: kconfig: Remove 'default n' properties and clean up a bit
Bool symbols implicitly default to 'n'.

A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.

Remove some 'default ""' properties on string symbols too.

Also make definitions more consistent by converting some

  config FOO
  	<type>
  	prompt "foo"

definitions to a shorter form:

  config FOO
  	<type> "foo"

This shorthand works for int/hex/string symbols too, not just for bool
symbols.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2018-07-12 23:13:22 -04:00
Ismael Fillonneau 4535b9443d subsys: dfu: img_util: Fix warning with ERR log
GCC complains because of wrong format. commit based on #7412

Signed-off-by: Ismael Fillonneau <ismael.fillonneau@stimio.fr>
2018-06-28 13:02:42 +02:00
Christopher Collins f31245d365 subsys: dfu: boot: Remove unused ver query code.
Duplicate code to query was mistakenly added in commit
2ad7ccdb2d.  This code is redundant; the
existing `boot_read_bank_header()` function can read the version from
both image banks.

Signed-off-by: Christopher Collins <ccollins@apache.org>
2018-02-21 18:53:42 -05:00
Christopher Collins 2ad7ccdb2d subsys: dfu: boot: mcuboot: Query current img ver
Allow a running image to query its own version number.

Signed-off-by: Christopher Collins <ccollins@apache.org>
2018-02-20 22:07:52 +01:00
Christopher Collins 7b27fa6d5a subsys: dfu: boot: Allow inspection of boot state.
Exposes the operation that MCUboot will perform on the next reboot
(e.g., stay on current image, swap to alternate image, etc.).

Signed-off-by: Christopher Collins <ccollins@apache.org>
2018-02-20 22:07:52 +01:00
Erwan Gouriou c734c2972f flash: remove obsolete FLASH_DRIVER_NAME
Replace seldom occurrences of FLASH_DRIVER_NAME by equivalent
and commonly used FLASH_DEV_NAME.

Fixes #5919.

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2018-02-06 11:48:53 -06:00
Marti Bolivar e2c9be1a18 dfu: mcuboot: add boot_read_bank_header()
This is an accessor function for the MCUboot image header of an image
bank. The interface may seem a little cumbersome, but it is
future-proof against MCUboot feature and incompatible header version
changes.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-02-05 06:42:15 -08:00
Marti Bolivar 01aa12bffd dfu: mcuboot: add boot_is_img_confirmed()
Applications chainloaded by MCUboot may want to change their behavior
based on whether or not they are confirmed.

Here are some examples:

  - performing a built-in self test (BIST) if the image is not yet
    confirmed, and marking it OK if it passes (this enables reverting
    to an older working image if the BIST fails, and allows future
    resets to skip the BIST if it passes to improve boot time)

  - interacting with persistent metadata related to image state on
    other flash partitions during test upgrades (these are required in
    cases when the update source provides runtime metadata, such as
    monotonic counters, related to an upgrade attempt which must be
    used to report results)

To enable these use cases, add boot_is_img_confirmed(), which reads
the "image OK" field for the current firmware image and returns true
if and only if it is set.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-02-05 06:42:15 -08:00
Marti Bolivar 4877dd22ea dfu: mcuboot: delete misleading comment
There is more information in the trailer than indicated by this comment.

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-02-05 06:42:15 -08:00
Marti Bolivar 389060fb00 dfu: mcuboot: don't use magic when confirming image
The current implementation of boot_write_img_confirmed() does not
write the image OK byte in flash bank 0 if the magic "request upgrade"
bytes in that bank are "good". This is not robust behavior.

The MCUboot design document has this to say about the image OK byte:

   Upgrading an old image with a new one by swapping can be a two-step
   process. In this process, mcuboot performs a "test" swap of image
   data in flash and boots the new image. The new image can then
   update the contents of flash at runtime to mark itself "OK", and
   mcuboot will then still choose to run it during the next boot.

   [...]

    4. Image OK: A single byte indicating whether the image in this
       slot has been confirmed as good by the user (0x01=confirmed;
       0xff=not confirmed).

This says nothing about the magic bytes, so it'd be better not to make
assumptions about their effect here.

Further, MCUboot itself does not use the magic field when marking the
only known-good image on flash "OK" after either reverting a failed
upgrade or refusing to boot an upgrade iamge with an invalid
signature: instead, it unconditionally ensures the Image OK byte is
set to 0x01.

For consistency with MCUboot's design and implementation, remove the
lines that look at the magic bytes from boot_write_img_confirmed().

Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
2018-02-05 06:42:15 -08:00
Anas Nashif 429c2a4d9d kconfig: fix help syntax and add spaces
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2017-12-13 17:43:28 -06:00
Sebastian Bøe 0829ddfe9a kbuild: Removed KBuild
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
2017-11-08 20:00:22 -05:00
Sebastian Bøe 12f8f76165 Introduce cmake-based rewrite of KBuild
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.

Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.

This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.

For users that just want to continue their work with minimal
disruption the following should suffice:

Install CMake 3.8.2+

Port any out-of-tree Makefiles to CMake.

Learn the absolute minimum about the new command line interface:

$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..

$ cd build
$ make

PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html

Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
2017-11-08 20:00:22 -05:00
Marti Bolivar 313b20d648 dfu: replace FLASH_ALIGN with FLASH_WRITE_BLOCK_SIZE
Use the define generated by the DTS instead of using the FLASH_ALIGN
alias. The latter is an internal mcuboot name. We shouldn't need it in
Zephyr itself.

Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
2017-10-06 22:12:23 -04:00
Anas Nashif e5ffa66d84 dfu: fix includes
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2017-10-03 14:50:14 -04:00
Anas Nashif db4eba64da dfu: img_util: move flash defines to SoC
mcuboot_constraints.h had FLASH information related to the SoC that
should be maintained as part of the SoC and not in the subsystem. Also
fixed Makefiles to check for IMG_UTIL Kconfig and not MCUBOOT.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2017-09-21 06:46:27 -04:00
Andrzej Puzdrowski 25c6610a65 DFU: add module for store the image
Store image in sequence of certain blocks.
Module is intended to be use by a higher-level
image management protocol module

Signed-off-by: Michael Scott <michael.scott@linaro.org>
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2017-09-11 11:37:43 -04:00
Andrzej Puzdrowski 49fccdd2ea DFU: add module for interact with mcuboot
read, update status
trigger flashing
erase image bank
Module is intended to be use by a higher-level
image management protocol module.

Signed-off-by: Fabio Utzig <utzig@apache.org>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2017-09-11 11:37:43 -04:00