Commit Graph

70 Commits

Author SHA1 Message Date
Ulf Lilleengen
a34331ae5f Refactor firmware updater
* Allow manipulating state without accessing DFU partition.
* Provide aligned buffer when creating updater to reduce potential wrong parameters passed.
2023-08-06 19:46:53 +02:00
Ulf Lilleengen
76659d9003 Prevent accidental revert when using firmware updater
This change prevents accidentally overwriting the previous firmware before
the new one has been marked as booted.
2023-06-19 22:39:00 +02:00
Rasmus Melchior Jacobsen
c22d2b5b5b Remove unused use's 2023-05-30 14:15:52 +02:00
Rasmus Melchior Jacobsen
b703db4c09 Fix verify test 2023-05-30 14:07:35 +02:00
Rasmus Melchior Jacobsen
c6a984f506 Align tests 2023-05-30 13:55:49 +02:00
Rasmus Melchior Jacobsen
551f76c700 Remove legacy Partition type and use the one from embedded-hal 2023-05-30 13:44:12 +02:00
Rasmus Melchior Jacobsen
b23e40f722 Add TestFlash helper 2023-05-30 13:41:10 +02:00
Rasmus Melchior Jacobsen
1cd87f0028 Cleanup MemFlash 2023-05-30 13:40:04 +02:00
Rasmus Melchior Jacobsen
c5ec453ec1 Add bootloader helper for creating config from linkerfile symbols 2023-05-30 13:38:00 +02:00
Rasmus Melchior Jacobsen
5205b5b095 Split FirmwareUpdater into async and blocking types 2023-05-30 13:36:42 +02:00
Rasmus Melchior Jacobsen
94046f30ff Remove the usage of the local Partition type in BootLoader 2023-05-29 22:00:44 +02:00
Rasmus Melchior Jacobsen
c844894a6e Split the FirmwareUpdater into blocking and async 2023-05-29 21:29:13 +02:00
Rasmus Melchior Jacobsen
18c62aa5b4 Protect default implementations for FirmwareUpdater and BootLoader
It seems as if the arm compiler can does not care about whether the bootloader symbols are undefined if the default() function is never used. The x64 compiler does care however, so this change ensures that we can instantiate the types from tests.
2023-05-22 11:32:39 +02:00
Dario Nieuwenhuis
9f7392474b Update Rust nightly. 2023-05-19 17:12:39 +02:00
sander
a73f9474a0 embassy-boot: ensure tests can run on the stable compiler 2023-04-20 10:56:59 +02:00
sander
3002ee0dcf embassy-boot: add nightly feature gate for async usage 2023-04-14 11:27:23 +02:00
sander
f51cbebffd embassy-boot: add nightly feature gates 2023-04-11 13:49:32 +02:00
sander
c309797488 merge embassy/master 2023-04-11 13:48:34 +02:00
Rasmus Melchior Jacobsen
d3ce64254a Let update_len be u32 2023-04-11 07:46:05 +02:00
Rasmus Melchior Jacobsen
d8c92c53d6 Merge remote-tracking branch 'upstream/master' into u32-partition 2023-04-11 07:36:23 +02:00
Rasmus Melchior Jacobsen
7e5ead78fe Remove firmware_len 2023-04-05 08:28:46 +02:00
Rasmus Melchior Jacobsen
2deb2c624c Let Partition range be u32 instead of usize 2023-04-05 08:28:31 +02:00
Rasmus Melchior Jacobsen
d8e2f82569 Let update_len be usize for now 2023-04-05 07:11:52 +02:00
Rasmus Melchior Jacobsen
043b3072c4 Merge remote-tracking branch 'upstream/master' into incremental-hash 2023-04-05 06:55:38 +02:00
Rasmus Melchior Jacobsen
e962fe794c Add assertions about the aligned_buf % write sizes 2023-04-04 21:57:28 +02:00
Rasmus Melchior Jacobsen
78e6b4d261 Remove comment about equal erase size requirement 2023-04-04 21:43:18 +02:00
Rasmus Melchior Jacobsen
53efb02900 Allow different erase sizes for active and dfu 2023-04-04 21:30:49 +02:00
Rasmus Melchior Jacobsen
6c93309df4 Remove the Flash trait 2023-04-04 21:18:41 +02:00
Rasmus Melchior Jacobsen
25577e0eaf Assert active and dfu have same erase size and copy in smaller chunks
The copy from active to dfu (and vice versa) is now done in smaller portions depending on aligned_buf, which now does not need to be erase_size big.
2023-04-04 21:09:30 +02:00
Rasmus Melchior Jacobsen
9242ad89d4 Remove magic buffer argument from prepare_boot
and use the aligned page buffer instead
2023-04-04 20:25:55 +02:00
Rasmus Melchior Jacobsen
8256ac1044 Use MemFlash::default() in sha1 verify test 2023-04-04 19:07:45 +02:00
Rasmus Melchior Jacobsen
54b82d9966 Merge remote-tracking branch 'upstream/master' into incremental-hash 2023-04-04 19:06:14 +02:00
bors[bot]
3ede5667d4
Merge #1324 #1327
1324: Add MCO support for L4 and F4 families r=Dirbaio a=m-dupont

Add MCO support for L4 and F4 as already done in F7. 

When the 'HSI' source is selected as MCO source, 'HSI' is activated (`set_hsion(true)`) . This is done to operate the MCO in case 'MSI' is chosen as the clock source for the CPU. The same applies to PLL, etc.

1327: Avoid write before erase r=Dirbaio a=rmja

This introduces an additional marker to the state partition right after the magic which indicates whether the current progress is valid or not. Validation in tests that we never write without an erase is added.

There is currently a FIXME in the FirmwareUpdater. Let me know if we should take the erase value as a parameter. I opened a feature request in embedded-storage to get this value in the trait. Before this, the assumption about ERASE_VALUE=0xFF was the same.

I have made some thoughts about whether this is a breaking change between the app and firmware, i.e. whether adding the "Progress valid" field is breaking. My conclusion is that it is not a breaking change. For the case where an app uses this new FirmwareUpdater together with an old bootloader, what it now does, is that it:

1. Writes the progress valid field to all zeros. This field is not known in the old bootloader, so it actually writes a "current progress" index.
2. The entire state partition is erased - effectively removing any trace of 1.
3. Set magic

This should be compatible.


Co-authored-by: Mathieu Dupont <mdupont@cppm.in2p3.fr>
Co-authored-by: Rasmus Melchior Jacobsen <rmja@laesoe.org>
2023-04-04 14:59:10 +00:00
Rasmus Melchior Jacobsen
803c09c300 Expose read/write/erase on partition 2023-04-04 12:50:53 +02:00
Rasmus Melchior Jacobsen
5e19fb6fb9 Fix compile error when verification is enabled 2023-04-04 12:36:50 +02:00
Rasmus Melchior Jacobsen
c38eb9660b Merge remote-tracking branch 'upstream/master' into avoid-write-before-erase 2023-04-04 12:29:24 +02:00
Rasmus Melchior Jacobsen
7c6936a2e3 Let hash functions take a digest::Digest trait
... and add adapters for current Sha512 implementations that does not inplement the Digest trait
2023-04-04 12:24:30 +02:00
Rasmus Melchior Jacobsen
c94f1e1450 Merge remote-tracking branch 'upstream/master' into incremental-hash 2023-04-04 07:58:16 +02:00
Rasmus Melchior Jacobsen
df3a1e1b9d Avoid write to not-erased magic
This introduces an additional marker to the state partition right after the magic which indicates whether the current progress is valid or not. Validation in tests that we never write without an erase is added.

There is currently a FIXME in the FirmwareUpdater. Let me know if we should take the erase value as a parameter. I opened a feature request in embedded-storage to get this value in the trait. Before this, the assumption about ERASE_VALUE=0xFF was the same.
2023-04-04 07:18:29 +02:00
Rasmus Melchior Jacobsen
7c11d85e1e Move MemFlash to separate module and add verify_erased_before_write verification 2023-04-03 15:33:20 +02:00
Rasmus Melchior Jacobsen
8aaffe82e7 Add incremental hash to FirmwareUpdater
This adds support for computing any hash over the update in the dtu area by providing a closure to the hash update function.
2023-04-03 14:59:55 +02:00
Rasmus Melchior Jacobsen
b1e2195b49 Remove FirmwareWriter
FirmwareWriter currently has a "max-write-size" parameter, but this is a limitation that should be handled by chunking inside the NorFlash driver, and not "up here" in user code. In case that the driver (e.g. qspi driver) is unaware of any max-write limitations, one could simply add an intermediate NorFlash adapter providing the chunk'ing capability.
2023-04-03 14:50:41 +02:00
Rasmus Melchior Jacobsen
d9d6fd6d70 Add erase and wipe tests 2023-03-31 10:28:47 +02:00
Rasmus Melchior Jacobsen
42931b51f2 Let bootloader partition have read/write/erase operations
This change should not have any breaking changes.
2023-03-31 10:18:19 +02:00
Rasmus Melchior Jacobsen
373760a56b Split bootloader implementation into multiple files 2023-03-31 08:05:37 +02:00
sander
ba9afbc26d embassy-boot: add default nightly feature, makes it possible to compile with the stable compiler 2023-03-22 16:49:49 +01:00
Mehmet Ali Anil
b1bc034a7e Merge branch 'emb-storage-async-0p4' of https://github.com/Grus-BV/embassy into emb-storage-async-0p4 2023-03-07 23:35:56 +01:00
Mehmet Ali Anil
6bf8d090a1 Merge branch 'emb-storage-async-0p4' of https://github.com/Grus-BV/embassy into emb-storage-async-0p4 2023-03-07 23:21:19 +01:00
Mehmet Ali Anil
935633c90b Merge upstream 2023-03-07 23:16:54 +01:00
Mehmet Ali Anil
bc0cb43307 Bump embedded-storage-async to 0.4 2023-03-06 22:16:36 +01:00