`bootutil` was updated to use exclusively `flash_area_align` removing the
dependency on this single `hal_flash` function.
Signed-off-by: Fabio Utzig <utzig@apache.org>
It is possible that while flash was erased progressively
the flash image status page was not erased.
This patch checks this case and performs an additional erase
if it was required.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
This commit adds the option to erase flash pages while receiving
the firmware, as opposed to bulk-erasing the whole image area at
the beginning of the DFU process. This is required on some
hardware that has long erase times, to prevent a long wait
and possibly a timeout during DFU.
Signed-off-by: Emanuele Di Santo <emdi@nordicsemi.no>
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The UART device ISR in serial_adapter expected the device
to fire an interrupt for each byte that was received.
Although this might have worked for some devices it wouldn't
work for USB. This commit fixed the issue by modifying the ISR
according to the uart.h documentation.
Signed-off-by: Emanuele Di Santo <emdi@nordicsemi.no>
On Mynewt some flash drivers on very slow devices tickle the watchdog to
avoid possible hangs; those were also trying to tickle the watchdog in
mcuboot when performing an upgrade or serial boot, without initializing
the watchdog, causing an invalid memory write and reset issue.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Remove the simple pointers and use the "&" operator throughout to
simplify the understanding of the code.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
In order to avoid overwriting an existing allocated buffer that has not
yet been processed by the main loop, switch to a new command buffer
whenever we have received a complete one.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
If adding a header to a .hex file (using the command line
"--pad-header"), the hex file gets shifted by header size. This may
cause hard coded addresses to be off by "header-size", making the
firmware unusable. Instead, adjust the base address by the header
size, so the existing firmware in the hex file is loaded to the
proper addresses.
Signed-off-by: Mark Schulte <mschulte@lyft.com>
Given the example lines:
#define FLASH_AREA_MCUBOOT_OFFSET_0 0x0
#define FLASH_AREA_MCUBOOT_OFFSET FLASH_AREA_MCUBOOT_OFFSET_0
Changing OFFSET_0 to OFFSET(_0)? allows the re to possibly match the
second line where it would have stopped the match before. This combined
with the (0x)? means that the re does match the second line, with the
third group being just the F of FLASH_AREA_IMAGE_1_OFFSET_0. The int()
function fails because F is not a valid number. This commit makes the
matching more precise by 1) matching the 0x when there are hex digits
and without the 0x when there are decimal digits and 2) matching until
the end of the line.
Signed-off-by: Evan Gates <evan@gnarbox.com>
This updates error-chain to remove a warning on recent rust distros.
`pem` was updated to get fairly recent `error-chain` as well.
Signed-off-by: Fabio Utzig <utzig@apache.org>
While building with Zephyr 1.12 for the nucleo_f091rc I got undefined
reference to __set_MSP() during linking. Including soc.h fixes the
problem. Thanks carlesc.
Signed-off-by: Evan Gates <evan@gnarbox.com>
This fixes an issue where the bootloader is activating a timer that is
later not used by the installed target image causing a non handled interrupt
fault.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The `--included-header` was "mandatory" when using imgtool with firmware
images generated by the Zephyr build system and it was a source of
issues when it was forgotten. This removes `--included-header` and adds
a new parameter `--pad-header` with inverted semantics, to be used only
when a zeroed header is required to be added to the firmware image.
Signed-off-by: Fabio Utzig <utzig@apache.org>
It was possible that free_queue locks on the self referencing
node.
This patch introduces a check for this issue.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
For Zephyr it was possible to cause a buffer overflow while decoding
an incoming base64 string. This patch corrects the available
buffer size transferred to the base64 decoding function, which mitigates the
issue.
Clean up boot_serial_start function from unwanted
execution constant pointers.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Due to an issue described here:
https://github.com/zephyrproject-rtos/zephyr/issues/8393
interrupts are not enabled when multithreading is disabled.
Enable interrupts to allow the serial recovery mode UART to receive
characters.
Note: This commit must be reverted once the issue is addressed.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The k_fifo_* primitives are not available when multithreading is
disabled. Use sys_slist_* instead.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Power management requires multithreading and other kernel features that
are disabled in MCUboot, so disable it to avoid interrupts being
confused by power management code wrappers.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
- Remove dependency to sprintf()
- Remove dependency to cborattr
- mynewt: replace console with more direct interface to uart
- mynewt: settings to reduce included os code
Signed-off-by: Marko Kiiskila <marko@runtime.io>
For serial recovery enabled Assertions conditions were improperly
which cause runtime assertion whenever __ASSERT macro was enabled
along with the serial recovery mode running.
This patch fixes the issue.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Overwrite only requires just magic + image_ok + copy_done. This fixes
issues generating images in overwrite only mode when the firmware image
is too big and overflows the swap status area.
Signed-off-by: Fabio Utzig <utzig@apache.org>
The swap status area is used to maintain information that allows
recovery when interrupted in the middle of a swap. This area has no
usefulness when doing an overwrite-only upgrade, which always copies the
entire slot.
Signed-off-by: Fabio Utzig <utzig@apache.org>
In order to provide a pleasant out-of-the-box experience to users,
default to the RSA .pem file so that users do not get a cryptic error
when building with the default .conf file in upstream.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add the new `--slot-size` and make `--pad` a bool flag, to allow
checking that firmware fits in the slot without overflowing into the
trailer region even when no padding was requested.
Fixes #241
Signed-off-by: Fabio Utzig <utzig@apache.org>
The hardcoded keys for Zephyr were removed and external references were
added for the build time autogenerated variables. A hardcoded key file
was added specifically for the simulator.
Signed-off-by: Fabio Utzig <utzig@apache.org>
For both RSA (which uses Zephyr's mbedTLS copy) and ECDSA (which uses
our own for ASN1 parsing) use the common "mcuboot-mbedtls-cfg.h" header
file instead of relying on the default config.h bundled with mbedTLS.
Additionally issue a descriptive error when CONFIG_MBEDTLS is set and we
are building with our own copy.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This adds a new command line flag to allow passing in the max number of
sectors for a swap when the image is padded. It defaults to 128 and
should match the value configured in the bootloader.
Fixes #285
Signed-off-by: Fabio Utzig <utzig@apache.org>
This removes settings of log level on a per file basis. The log level
should be set by the global config, while per file log configuration can
still be set, don't enforce them.
Signed-off-by: Fabio Utzig <utzig@apache.org>
For Mynewt when no logging (default option) or serial boot was selected,
avoid initializing all serial supporting systems. This enables saving
flash space when only basic bootloader functionality is used.
Signed-off-by: Fabio Utzig <utzig@apache.org>
Now bootutil_log.h was converted to use per platform logging primitives
defined according to documentation established on the template file.
Some "null" macros were left to avoid breaking per source logging level
definition when MCUBOOT_HAVE_LOGGING was not defined.
Signed-off-by: Fabio Utzig <utzig@apache.org>
New logging macros were added for all supported platforms, following the
documentation defined in the template config file.
Signed-off-by: Fabio Utzig <utzig@apache.org>