max/embassy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
064ec9581e
embassy/embassy-boot/boot/src/partition.rs
bors[bot] 3ede5667d4
Merge #1324 #1327 
1324: Add MCO support for L4 and F4 families r=Dirbaio a=m-dupont

Add MCO support for L4 and F4 as already done in F7. 

When the 'HSI' source is selected as MCO source, 'HSI' is activated (`set_hsion(true)`) . This is done to operate the MCO in case 'MSI' is chosen as the clock source for the CPU. The same applies to PLL, etc.

1327: Avoid write before erase r=Dirbaio a=rmja

This introduces an additional marker to the state partition right after the magic which indicates whether the current progress is valid or not. Validation in tests that we never write without an erase is added.

There is currently a FIXME in the FirmwareUpdater. Let me know if we should take the erase value as a parameter. I opened a feature request in embedded-storage to get this value in the trait. Before this, the assumption about ERASE_VALUE=0xFF was the same.

I have made some thoughts about whether this is a breaking change between the app and firmware, i.e. whether adding the "Progress valid" field is breaking. My conclusion is that it is not a breaking change. For the case where an app uses this new FirmwareUpdater together with an old bootloader, what it now does, is that it:

1. Writes the progress valid field to all zeros. This field is not known in the old bootloader, so it actually writes a "current progress" index.
2. The entire state partition is erased - effectively removing any trace of 1.
3. Set magic

This should be compatible.


Co-authored-by: Mathieu Dupont <mdupont@cppm.in2p3.fr>
Co-authored-by: Rasmus Melchior Jacobsen <rmja@laesoe.org>
2023-04-04 14:59:10 +00:00

141 lines
4.7 KiB
Rust
Raw Blame History

use embedded_storage::nor_flash::{NorFlash, ReadNorFlash};
use embedded_storage_async::nor_flash::{NorFlash as AsyncNorFlash, ReadNorFlash as AsyncReadNorFlash};
/// A region in flash used by the bootloader.
#[derive(Copy, Clone, Debug)]
#[cfg_attr(feature = "defmt", derive(defmt::Format))]
pub struct Partition {
/// The offset into the flash where the partition starts.
pub from: usize,
/// The offset into the flash where the partition ends.
pub to: usize,
}
impl Partition {
/// Create a new partition with the provided range
pub const fn new(from: usize, to: usize) -> Self {
Self { from, to }
}
/// Return the size of the partition
#[allow(clippy::len_without_is_empty)]
pub const fn len(&self) -> usize {
self.to - self.from
}
/// Read from the partition on the provided flash
pub async fn read<F: AsyncReadNorFlash>(
&self,
flash: &mut F,
offset: u32,
bytes: &mut [u8],
) -> Result<(), F::Error> {
let offset = self.from as u32 + offset;
flash.read(offset, bytes).await
}
/// Write to the partition on the provided flash
pub async fn write<F: AsyncNorFlash>(&self, flash: &mut F, offset: u32, bytes: &[u8]) -> Result<(), F::Error> {
let offset = self.from as u32 + offset;
flash.write(offset, bytes).await?;
trace!("Wrote from 0x{:x} len {}", offset, bytes.len());
Ok(())
}
/// Erase part of the partition on the provided flash
pub async fn erase<F: AsyncNorFlash>(&self, flash: &mut F, from: u32, to: u32) -> Result<(), F::Error> {
let from = self.from as u32 + from;
let to = self.from as u32 + to;
flash.erase(from, to).await?;
trace!("Erased from 0x{:x} to 0x{:x}", from, to);
Ok(())
}
/// Erase the entire partition
pub(crate) async fn wipe<F: AsyncNorFlash>(&self, flash: &mut F) -> Result<(), F::Error> {
let from = self.from as u32;
let to = self.to as u32;
flash.erase(from, to).await?;
trace!("Wiped from 0x{:x} to 0x{:x}", from, to);
Ok(())
}
/// Read from the partition on the provided flash
pub fn read_blocking<F: ReadNorFlash>(&self, flash: &mut F, offset: u32, bytes: &mut [u8]) -> Result<(), F::Error> {
let offset = self.from as u32 + offset;
flash.read(offset, bytes)
}
/// Write to the partition on the provided flash
pub fn write_blocking<F: NorFlash>(&self, flash: &mut F, offset: u32, bytes: &[u8]) -> Result<(), F::Error> {
let offset = self.from as u32 + offset;
flash.write(offset, bytes)?;
trace!("Wrote from 0x{:x} len {}", offset, bytes.len());
Ok(())
}
/// Erase part of the partition on the provided flash
pub fn erase_blocking<F: NorFlash>(&self, flash: &mut F, from: u32, to: u32) -> Result<(), F::Error> {
let from = self.from as u32 + from;
let to = self.from as u32 + to;
flash.erase(from, to)?;
trace!("Erased from 0x{:x} to 0x{:x}", from, to);
Ok(())
}
/// Erase the entire partition
pub(crate) fn wipe_blocking<F: NorFlash>(&self, flash: &mut F) -> Result<(), F::Error> {
let from = self.from as u32;
let to = self.to as u32;
flash.erase(from, to)?;
trace!("Wiped from 0x{:x} to 0x{:x}", from, to);
Ok(())
}
}
#[cfg(test)]
mod tests {
use crate::mem_flash::MemFlash;
use crate::Partition;
#[test]
fn can_erase() {
let mut flash = MemFlash::<1024, 64, 4>::new(0x00);
let partition = Partition::new(256, 512);
partition.erase_blocking(&mut flash, 64, 192).unwrap();
for (index, byte) in flash.mem.iter().copied().enumerate().take(256 + 64) {
assert_eq!(0x00, byte, "Index {}", index);
}
for (index, byte) in flash.mem.iter().copied().enumerate().skip(256 + 64).take(128) {
assert_eq!(0xFF, byte, "Index {}", index);
}
for (index, byte) in flash.mem.iter().copied().enumerate().skip(256 + 64 + 128) {
assert_eq!(0x00, byte, "Index {}", index);
}
}
#[test]
fn can_wipe() {
let mut flash = MemFlash::<1024, 64, 4>::new(0x00);
let partition = Partition::new(256, 512);
partition.wipe_blocking(&mut flash).unwrap();
for (index, byte) in flash.mem.iter().copied().enumerate().take(256) {
assert_eq!(0x00, byte, "Index {}", index);
}
for (index, byte) in flash.mem.iter().copied().enumerate().skip(256).take(256) {
assert_eq!(0xFF, byte, "Index {}", index);
}
for (index, byte) in flash.mem.iter().copied().enumerate().skip(512) {
assert_eq!(0x00, byte, "Index {}", index);
}
}
}
Reference in New Issue View Git Blame Copy Permalink