-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] [TF:OTA] OTA updates common work branch #9969
Conversation
Ping to interested people: |
Just some more feedback from testing on my side: I completed also the upgrade via CoAP via serial on a saml-xpro21 using ethos. Sorry for the late feedback but I had quite some problems but at the end unrelated to this issue (see issue #10068) but once that was solved now it works like a charm, so can switch also by transfering via CoAP (over ethos in my case). I'll do a smal PR with some tiny doc fixes. Question: would it be interesting for the patch to have a couple of lines in the readme on how you can test it via ethos as an additional example? If so I could prepare. Just some output ;)
|
Highly appreciated!! Thanks for testing!! |
TODO Rebase message edit at the end. * updated to edbg/openocd new variables * Use RIOTBOOT_FW_SLOT_SIZE: upcomming PRs should remove RIOTBOOT_SLOT1_SIZE and RIOTBOOT_SLOT2_SIZE * Use ROM_START_ADDR for 'firmware' to handle iotlab-m3 * Use ROM_OFFSET and FW_ROM_LEN * Info on non supported existing bootloader for the moment in dist/riotboot * dist/riotboot: allow running different targets and not only flash * RIOTBOOT_HDR_LEN as hexadecimal and can be overwritten
Adapt from shell/commands/sc_gnrc_netif
* Add information on the current flashpage Currently the information is not 100% consistent as 'offset' is relative to the beginning and flashpage is absolute but I find it useful this way.
`RIOTBOOT_FW_SLOT_SIZE` contains both the metadata and the firmware. TODO describe somewhere.
Variables must be exported for `openocd.sh` on `iotlab-m3`.
Variables must be exported for `openocd.sh` on `iotlab-m3`.
As it us using 'export' to the shell for openocd, it does not work properly. Replace it with calculating the value in a subshell.
make is a bit strange sometimes and considers various factors to decide the precedence of the rule to be applied: definition order is one (and the %.signed.bin is after %.bin, and would be also if we put it at the end of Makefile.include), but also if a rule is implicit is then preferred no matter the order. A quite complete and coincise overview of the topic can be found here: https://stackoverflow.com/questions/28842851/force-make-to-use-a-more-specific-rule Given the inclusion mechanism used in RIOT it should be safer to explicitly state things, although may seem ugly sometimes.
314a05f
to
359ee2e
Compare
Rebased to current master. Removed commits related to coap block2 support and "fake" dependencies on stm32 devices for flashpage_write_common. |
@kYc0o: any plans on continuing this effort? I would be interested to continue and was wondering if this could align to current master (with the riotboot changes there) so I would not be using this branch. |
Ok, didn't notice that PR sorry (please if you remember just ping me when you have related work, I sometimes get lost ;) ) . |
What's the status here? Several related PRs were merged and this got super outdated. Is of some use to still having it open? |
I agree, I believe mostly the OTA suit is still missing for this to be complete. I had a short chat at FOSDEM BOH with @bergzand , not sure if something continued after that (gave a search on github but didn't find anything). |
@kaspar030 @bergzand does it make more sense to close this indeed? |
Contribution description
DO NOT MERGE! - PLEASE DON'T TRIGGER THE CI UNLESS IT'S REALLY NEEDED
This is a PR to track the work in progress for the OTA updates task force. Some PRs were already merged under different contexts, but they are essential to achieve this goal.
Basically, this PR represents what's described in #9342 as a "ready to test" environment, on which all the features are already (dirty) implemented and work as expected (no bug free warranties). The goal is to extract little by little the features and cleanly integrate them into RIOT, which is a lesson learned from the several previous attempts.
Testing procedure
Basically, we provide two applications (which might be PRed conveniently and might differ of what they are now) :
Both applications embed security prototypes to perform signature and validation of it with Ed25519, currently with the tweetnacl package.
Following what is described on examples/ota/README.md, the first step is to generate the keys with the following commands:
To flash the device (currently tested only on samr21-xpro and iotlab-m3) with either ota or suit_updater:
BOARD=samr21-xpro APP_VER=$(date +%s) make -C examples/ota riotboot/flash
: flash bootloader plus application firmware on slot1 (initial state).BOARD=samr21-xpro APP_VER=$(date +%s) make -C examples/ota riotboot/slot2
: generate an "update" of the same firmware, since the date is used as a version it will be always higher. The output file has the following formatota_example-slot2.signed.bin
. That's the file that needs to be sent to the device via CoAP, e.g. for ota example. For suit_updater there are more steps, as the generation of the manifest requires more input data.I hope with this some people can already play a bit.
Issues/PRs references
#9342 as the tracking issue
https://github.com/RIOT-OS/RIOT/projects/11 as the tracking project with the ongoing PRs, already merged PRs and superseded PRs.
Thanks (really) a lot to @kaspar030 @cladmi and @bergzand for their invaluable help to achieve this feature!