Commit Graph

70 Commits

Author SHA1 Message Date
Anas Nashif 3c7e60ee74 nvs: fix style
Fix code style after moving to new logger.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2018-10-08 17:49:12 -04:00
Anas Nashif 12984c6d1f subsys: nvs: move to new logger
Move to new logger and update all related samples and configs.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2018-10-08 17:49:12 -04:00
Mark Ruvald Pedersen d67096da05 portability: Avoid void* arithmetics which is a GNU extension
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.

Pointer arithmetics over void types is:
 * A GNU C extension
 * Not supported by Clang
 * Illegal across all ISO C standards

See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html

Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
2018-09-28 07:57:28 +05:30
Krzysztof Chruscinski 527256501f shell: Rename shell to legacy_shell
New shell implementation is on the way. For now old one and all
references are kept to be gradually replaced by new shell.

Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
2018-09-19 09:30:29 -04:00
Aurelien Jarno 9fa1af694e subsys: fs/nvs: do not leave the flash unprotected in case of error
In case a write to the flash failed, do not leave the flash unprotected.
Always call flash_write_protection_set in that case.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno ce7e1a1cc8 subsys: fs/nvs: do not change flash protection for zero-length case
Avoid unsetting and setting the flash protection if there is nothing to
write to the flash. This happens for example when deleting data from the
flash using nvs_delete.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno 7a76792c87 subsys: fs/nvs: break if no end of sector is found
In case a sector is not empty nor properly closed (ie it never contains
8 times 0xff nor 0x00), the _nvs_prev_ate will loop indefinitely and
will start adressing memory outside of the flash area.

Fix that by stopping the loop when the address matches the beginning of
the sector.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno 725d9f7e09 subsys: fs/nvs: simplify crc8 computation
Instead of forcing the crc8 entry to 0xff for the crc8 computation, just
ignore this field in the computation as it is the last one. This avoid
having to set it back to the original value for _nvs_ate_crc8_check.

Add a build assertion to ensure crc8 is kept last.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno f1c6f91def subsys: fs/nvs: declare the ate structure as packed
The allocation table entry should be as small as possible in the flash,
so declare it as packed to avoid that the compiler pads it.

Note that this doesn't change anything on ARM, but it might help for
other (future) architectures.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno afa9e1f9fc subsys: fs/nvs: improve syslog messages
- Add a missing plural.
- Use a comma to separate the sector number with the offset to not
  confuse that with a range.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Aurelien Jarno 9ec11d70eb subsys: fs/nvs: improve some comments
Use "within sector" instead of "sector", as it could be confused with
the unit otherwise.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-09-17 07:54:35 -04:00
Flavio Ceolin da49f2e440 coccicnelle: Ignore return of memset
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.

The only directory excluded directory was ext/* since it contains
only imported code.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
2018-09-14 16:55:37 -04:00
Varun Sharma 28f5da6c38 subsys: shell : fs new shell module for fs mount operation
Fixes # 7348, also includes test cases

Signed-off-by: Varun Sharma <varun.sharma@intel.com>
2018-09-13 09:27:45 -04:00
Aurelien Jarno d47fada3a4 subsys: fs/nvs: fix writes when write_block_size != 1
The current code computes the block-aligned len by ANDing the len with
~write_block_size instead of ~(write_block_size - 1).

In addition the compute value can be 0 (for lengths that are less than
the block size), so the first flash write might have to be skipped.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-08-24 13:24:04 -05:00
Laczen JMS 7d2e59813f subsys: fs/nvs: Rewrite for improved robustness
On flash NVS was stored one entry after another including the metadata
of each entry. This has the disadvantage that when an incomplete write
is performed (e.g. due to power failure) the complete sector had to be
rewritten to get a completely functional system.

The present rewrite changed the storage in flash of the data. For each
sector the data is now written as follows: the data itself at the
beginning of the sector (one after the other), the metadata (id, length,
data offset in the sector, and a crc of the metadata) is written from
the end of the sector. The metadata is of fixed size (8 byte) and for
a sector that is completely occupied a metadata entry of all zeros is
used.

Writing data to flash always is done by:
1. Writing the data,
2. Writing the metadata.

If an incomplete write is done NVS will ignore this incomplete write.

At the same time the following improvements were done:
1. NVS now support 65536 sectors of each 65536 byte.
2. The sector size no longer requires to be a power of 2 (but it
still needs to be a multiple of the flash erase page size).
3. NVS now also keeps track of the free space available.

Signed-off-by: Laczen JMS <laczenjms@gmail.com>
2018-08-10 14:16:06 -07:00
Laczen JMS b9dead0a42 subsys: fs/nvs: Improved nvs for larger blocksizes
The nvs module has some disadvantages for larger block size. The data
header and slot are taking up to much space. A rewrite is proposed that
reduces the used storage space for systems with write block size > 4.

The data storage in flash is now one unit consisting of: data_length,
data_id, data and data_length again in a multiple of the write block
size. The data_length at the end is used to validate the correctness of
the flash write and also allows to travel backwards in the filesystem.

As a comparison, on a system with block size 8 byte, a 32 bit values
now fits 1 block including the metadata (length and id). This used to
be 3 blocks.

The data_length will occupy 1 byte if the data length is less than 128
byte, it will occupy 2 byte if the data length is 128 byte or more. The
data length is limited to 16383 byte.

Each write to flash is verified by a read back of the data.

The read performance is improved because reading is done backwards so
the latest items are found first.

When the filesystem is locked it can be unlocked by calling
reinit(), this will clear flash and setup everything for storage.

add sample documentation - README.rst

Update dtsi to include erase_block_size, use erase_block_size in sample

Update prj.conf to include CONFIG_MPU_ALLOW_FLASH_WRITE

Signed-off-by: Laczen JMS <laczenjms@gmail.com>
2018-08-10 14:16:06 -07:00
Sebastian Bøe 4c60c510c3 cmake: default to linking 'app' with the interface library 'FS'
This patch removes the need for application build script code to
explicitly link 'app' with a filesystem implementation.

It does this by introducing a zephyr interface library called 'FS'
that contains the usage requirements for linking with the filesystem
library subsys__fs and using Kconfig to default to linking the 'app'
library with this interface library.

Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
2018-07-25 08:27:45 -04:00
Ulf Magnusson 1073882998 subsys: kconfig: Remove 'default n' properties and clean up a bit
Bool symbols implicitly default to 'n'.

A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.

Remove some 'default ""' properties on string symbols too.

Also make definitions more consistent by converting some

  config FOO
  	<type>
  	prompt "foo"

definitions to a shorter form:

  config FOO
  	<type> "foo"

This shorthand works for int/hex/string symbols too, not just for bool
symbols.

Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
2018-07-12 23:13:22 -04:00
Aurelien Jarno 4089602f3a subsys: fs/nvs: fix _nvs_sector_is_used
_nvs_sector_is_used() never uses the offset argument. As a consequence,
it only check the first sector of the flash. Fix that.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 131c4a4f74 subsys: fs/nvs: do not assume the flash is mapped at address 0
The two functions that compute the crc16 when writing (nvs_append_close)
and when reading (nvs_check_crc) currently assume that the flash is
also mapped in read mode at address 0. This is not true on all SoCs, and
even less on an SPI flash.

Fix this by adding a new nvs_compute_crc() function which compute the
CRC16 of an entry using the flash using nvs_flash_read, in blocks of
write_block_size. This might not be the optimal size, but it keeps the
stack usage small.

Use this function in both nvs_append_close() and nvs_check_crc() instead
of accessing the flash from address 0.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 4795b79e9d subsys: fs/nvs: kill a warning
GCC complains that last_entry.len and last_entry.data_addr might be
uninitialized in _nvs_gc. Fix that.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 14aae1a189 subsys: fs/nvs: remove explicit padding from structures
Now that the flash writes are padded up to the write block size, there
is no need to have explicit padding fields in the _nvs_sector_hdr and
_nvs_data_slt structure. This allow to save space when the write block
size equals to 1 or 2

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 154e6ea72f subsys: fs/nvs: never write more than the source buffer
Writing more than the source buffer means that some random data,
possibly coming from the stack, ends-up in the flash. This could be
a security issue.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 7acd339974 subsys: fs/nvs: never read more than the destination buffer
Reading more than the destination buffer means that data is overwritten
possibly on the stack. This causes unpredictable behaviours like
crashes.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Aurelien Jarno 83ac3f8bd5 subsys: fs/nvs: explicitly pad flash writes up to the write block size
Some SoCs do not allow shorter writes than the write block size, usually
when they have ECC memory. This patch first write all data in multiple
of the write block size and then do a last write with the data padded.
It uses 0xff as the padding byte to avoid wearing-out the flash.

nvs_append_close() is slightly modified to compute the crc16 that will
be put in the slot over the size defined in the header, to match the way
it is checked on read.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2018-05-26 08:26:40 -04:00
Laczen JMS b1e45b413e subsys: fs: Add Non Volatile Storage (NVS) for zephyr
Zephyr supports fatfs, nffs and fcb as storage layer. fatfs and nffs
are less suited for application in memory restricted IC's. fcb has a
smaller footprint but has a complex api.

The proposed module is a module with a even smaller footprint compared
to fcb and a simple interface for reading and writing entries. The
module provides wear levelling of flash. This allows the module to be
used not only to store configuration settings but to store device state
(e.g. state of a light switch over reboots) of a zephyr device.

Fixes buffer overflow by introducing maximum read length in nvs_read()
and nvs_read_hist().

Fixes nvs_write() not to reflash the same data. Allows the user to do
call nvs_write() for all defined entries without worries about flash
wear.

Fixes garbage collection error where wrong data could be copied.

Add nvs_delete() to allow deleting a stored entry. A deleted entry will
not be copied to a new flash sector

Include flash wear information in the README.md documentation

0/25 Update module after reviewers remarks, added documentation to
nvs.h, removed README.md by nvs.rst in doc/subsystems folder

04/26 Update module after reviewers remarks, updated nvs.rst, added more
documentation to samples/subsys/nvs/src/main.c, updated doxygen info
in nvs.h (hope this time it works).

04/26 Update subsystems.rst to include nvs.restart

04/27 Updated nvs.c and nvs.h to avoid a possible flash deletion loop
when the file system is full.

04/29 Updated nvs_write to detect and ignore deletes of non-existing
items

05/06 Update NVS module to return standard error codes, removed low
level API, added configuration options. NVS now uses the board dts to
determine the flash storage location (FLASH_AREA_STORAGE_OFFSET).

05/06 Update nvs.rst. Updated intendation and added intermediate
variables in nvs.c to make the code easier to read.

05/06 Update nvs.rst.

05/07 Update nvs.rst

05/08 Changed the API to a more standard file system API.

05/08 Removed cnt_max from nvs_read() as it is not used.

05/08 Removed #ifdef(CONFIG_NVS_LOG) from nvs_priv.h, now the module can
be build with debugging off.

05/09 Removed configuration options for SECTOR_SIZE, SECTOR_COUNT and
MAX_ELEM_SIZE. It is now easy to support multiple NVS filesystems on
one or multiple devices. Changed logging to support newlib systems.
Thanks to Olivier Martin for reporting and proposed changes.

Signed-off-by: Laczen JMS <laczenjms@gmail.com>
2018-05-15 10:29:16 +02:00
Ramakrishna Pallala dd5449a77b subsys: fs: Add the support for multiple instances of fs
Add support for multiple instances of a file system by
making use of mount point as the disk volume name which
is used by the file system library while formatting or
mounting a disk.

Also moved out file system specific data structures from
public fs.h header and handled them in corresponding
file system interface files by introducing open files and
open directories concept which is already being used in
NFFS interface module. Now it is extended to FatFs as well.

Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
2018-05-08 08:53:01 -04:00
Ramakrishna Pallala b99ff6f9e1 subsys: fs: Extend storage_dev type beyond 'struct device'
Extend storage_dev type beyond 'struct device' by changing
the variable type to void pointer. This will be needed if we
have additional transactional layers b/w filesystem and the
actual backend device.

Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
2018-05-08 08:53:01 -04:00
Andrzej Puzdrowski f4dcb4593d subsys: fs: fcb: fix - crc write size not aligned
This is bug-fix for issue #7311
FCB: CRC write size in append_finish doesn't honor
flash min write size

This patch changes write size to the minimum supported
write size.


Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-05-04 17:25:29 -04:00
Andrzej Puzdrowski 4954fe06f2 subsys: fs: fix generic storage partition selection
FS_FLASH_MAP_STORAGE keyword enables the storage partition,
but it was depend on flash_map module which is unused by
NFFS. This patch makes it independent thanks
to it is possible to enable the storage partition
without flash_map module.

FS_FLASH_MAP_STORAGE was renamed to
CONFIG_FS_FLASH_STORAGE_PARTITION
as it is independent for flash_map.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-05-04 10:14:01 -04:00
Johan Hedberg 9968cda453 fs: Convert NFFS partition to a generic one
The NFFS partition at the end of flash is also useful for any other
file system or even the Flash Circular Buffer (FCB). Rename the
partition from 'nffs_partition' to 'storage_partition' and make it
depend on a new hidden Kconfig entry which the relevant users will
select (such as NFFS and FCB).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2018-04-26 16:06:55 +05:30
Leandro Pereira 50893349fe subsys: nffs: Unlock mutex before returning
The implementation for the tell() primitive was attempting to unlock
the NFFS mutex after returning an error code.

Coverity-Id: 185283

Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
2018-04-14 23:35:52 -04:00
Andrzej Puzdrowski e33aa5509a subsys: fs: add NFFS rename API implementation
Added file/directory rename implementation basing on NFFS
native support.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-03-28 10:44:20 -04:00
Kumar Gala d68b6a901a subsys: fs: Fix fs_file_t and fs_dir_t usage
With the introduce of VFS the typedef for fs_file_t & fs_dir_t don't
exist anymore so we need to use 'struct fs_dir_t' or 'struct fs_file_t'.
Fix up some places that got missed in the VFS conversion.

Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
2018-03-13 09:47:58 -05:00
Ramakrishna Pallala 3e83a52781 subsys: fs: Kconfig changes to enable multiple file systems
Kconfig changes to enable or select multiple file systems.

Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
2018-03-10 21:38:04 -05:00
Ramakrishna Pallala 25302b1980 subsys: fs: Add Virtual File system Switch (VFS) support
Add support for Virtual File system Switch (VFS) by
introducing mount point concept to Zephyr. This allows
the applications to mount multiple file systems at
different mount points (ex: "/fatfs" and "/nffs"). The
mount point structure contains all the necessary info
required to instantiate, mount and operate on file system.

Decouple applications from directly accessing individual
file systems API's or internal functions by introducing
file system registration mechanism in VFS.

Move the file system defination and mount responsibility
to application so that application can decide which file system
to use and where to mount.

Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
2018-03-10 21:38:04 -05:00
Ramakrishna Pallala 9792951570 subsys: fs: Kconfig: Add log level support for fs subsystem
Add SYS_LOG_FS_LEVEL Kconfig option for file system subsystem.

Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
2018-03-10 21:38:04 -05:00
Leandro Pereira 02dc6eb960 subsys: fcb: Check for mutex lock failure when walking FCB
Coverity-CID: 182195
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
2018-02-17 09:14:16 -05:00
Andrzej Puzdrowski b3614c0b17 subsys: fs: fcb: remove f_area_id from fcb structure
It is faster to operate directly on flash_area pointer instead
of fetch it all the time using the fcb flash area id.
Also as f_area_id was needed only for get appropriate flash_area
pointer, so it is better to pass it only while initialization
the fcb and not store it in fcb instance data at all.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-02-07 09:51:26 -05:00
Andrzej Puzdrowski 95a9dbc4b3 subsys: fs: fcb: rework fcb_walk and its callback
Previously flash_area structure was the parameter for the callback
function for transferring sector location info.
Now flash_sector is used so relevant flash_area is missing for
the callback.

This patch introduces structure fcb_entry_ctx which incorporates
entries' location and relevant flash area. It is used to pass complete
information to the callback. Additional  pointer to the flash_area fcb
speeds up operations.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-02-07 09:51:26 -05:00
Christopher Collins e3cd915d8f fs: Convert FCB to use sectors (not areas)
Prior to this commit: `struct fcb` contained a pointer to an array of
`struct flash_area`.  Each entry in the array represented a flash sector
that the fcb comprised.

After commit: `struct fcb` contains a pointer to an array of `struct
flash_sector`, not `struct flash_area`.

Rationale: The FCB needs to know which sectors it occupies for its
rotate operation.  However, the `flash_area` type is meant to represent
a collection of sectors, not a single sector.  `struct flash_area`
contains information that the fcb does not need (e.g., area ID and
device ID).  Furthermore, the flash_map API provides a means of
converting a flash area ID to an array of sectors
(`flash_area_get_sectors()`), but no way to convert to an array of
areas.

Signed-off-by: Christopher Collins <ccollins@apache.org>
2018-02-07 09:51:26 -05:00
Ding Tao 75a3590d20 fs: Kconfig: Fix warning on undefined choice NO_FILE_SYSTEM
Fix this by replace "NO_FS" with "NO_FILE_SYSTEM".

Signed-off-by: Ding Tao <miyatsu@qq.com>
2018-02-07 08:35:29 -05:00
Andrzej Puzdrowski b7f1289847 subsys: fs: Add Flash Circular Buffer
Zephyr already supports NFFS as a storage layer, but it might
be a little bit too heavyweight for certain applications in
memory-restricted ICs.

This module is response for need of Lightweight flash storage
capability. FCB is ported form MyNewt as native zephyr module.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2018-01-15 15:46:37 -05:00
Jan Van Winkel 36e2efaf91 fs: nffs: Corrected types in OS specific functions
Corrected types in OS specific functions to be inline with NFFS
declarations.

Fixes #5467

Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
2018-01-02 13:34:02 -05:00
Michael Hope 9dd4399edd fs: only select the disk subsystem if the filesystem needs it.
Of the filesystems under subsys/fs/, only the ELM FAT filesystem needs
the disk layer as others (like NFFS) talk directly to the flash API.

This removes the need to define CONFIG_DISK_ERASE_BLOCK_SIZE and
similar which are used by the disk subsystem but not by NFFS.

Signed-off-by: Michael Hope <mlhx@google.com>
2017-12-14 16:49:18 -06:00
Anas Nashif 429c2a4d9d kconfig: fix help syntax and add spaces
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2017-12-13 17:43:28 -06:00
Sebastian Bøe 0829ddfe9a kbuild: Removed KBuild
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
2017-11-08 20:00:22 -05:00
Sebastian Bøe 12f8f76165 Introduce cmake-based rewrite of KBuild
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.

Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.

This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.

For users that just want to continue their work with minimal
disruption the following should suffice:

Install CMake 3.8.2+

Port any out-of-tree Makefiles to CMake.

Learn the absolute minimum about the new command line interface:

$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..

$ cd build
$ make

PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html

Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
2017-11-08 20:00:22 -05:00
David B. Kinder ee71332b99 doc: fix doc misspellings
Found some spelling issues missed during regular PR review

Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2017-10-17 14:31:52 -04:00
Anas Nashif c6a8014e1c subsys: fs: consolidate elm FAT kconfig options
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2017-10-03 08:43:50 -04:00