diff --git a/Makefile b/Makefile index 8819d2f4..77e37384 100644 --- a/Makefile +++ b/Makefile @@ -154,7 +154,7 @@ wolfboot-align.bin: wolfboot.elf test-app/image.bin: - make -C test-app TARGET=$(TARGET) EXT_FLASH=$(EXT_FLASH) + make -C test-app TARGET=$(TARGET) EXT_FLASH=$(EXT_FLASH) SPI_FLASH=$(SPI_FLASH) include tools/test.mk diff --git a/include/spi_flash.h b/include/spi_flash.h index 74c649cb..c255e5cd 100644 --- a/include/spi_flash.h +++ b/include/spi_flash.h @@ -27,11 +27,12 @@ #ifndef SPI_FLASH_DRI_H #define SPI_FLASH_DRI_H +#define SPI_FLASH_SECTOR_SIZE (4096) +#define SPI_FLASH_PAGE_SIZE (256) + #ifdef SPI_FLASH #include -#define SPI_FLASH_SECTOR_SIZE (4096) -#define SPI_FLASH_PAGE_SIZE (256) uint16_t spi_flash_probe(void); void spi_flash_sector_erase(uint32_t address); diff --git a/src/loader.c b/src/loader.c index e1a89aae..6bdffc46 100644 --- a/src/loader.c +++ b/src/loader.c @@ -44,7 +44,7 @@ static int wolfBoot_copy_sector(struct wolfBoot_image *src, struct wolfBoot_imag wb_flash_erase(dst, dst_sector_offset, WOLFBOOT_SECTOR_SIZE); while (pos < WOLFBOOT_SECTOR_SIZE) { if (src_sector_offset + pos < (src->fw_size + IMAGE_HEADER_SIZE + FLASHBUFFER_SIZE)) { - ext_flash_read((uint32_t)(src->hdr) + src_sector_offset + pos, (void *)buffer, FLASHBUFFER_SIZE); + ext_flash_read((uint32_t)(src->hdr) + src_sector_offset + pos, (void *)buffer, FLASHBUFFER_SIZE); wb_flash_write(dst, dst_sector_offset + pos, buffer, FLASHBUFFER_SIZE); } pos += FLASHBUFFER_SIZE; @@ -87,16 +87,16 @@ static int wolfBoot_update(int fallback_allowed) /* Check the first sector to detect interrupted update */ if ((wolfBoot_get_sector_flag(PART_UPDATE, 0, &flag) < 0) || (flag == SECT_FLAG_NEW)) { - /* In case this is a new update, do the required - * checks on the firmware update + /* In case this is a new update, do the required + * checks on the firmware update * before starting the swap */ - if (!update.hdr_ok || (wolfBoot_verify_integrity(&update) < 0) + if (!update.hdr_ok || (wolfBoot_verify_integrity(&update) < 0) || (wolfBoot_verify_authenticity(&update) < 0)) { return -1; } #ifndef ALLOW_DOWNGRADE - if ( !fallback_allowed && + if ( !fallback_allowed && (wolfBoot_update_firmware_version() <= wolfBoot_current_firmware_version()) ) return -1; #endif @@ -157,11 +157,15 @@ static void wolfBoot_start(void) { uint8_t st; struct wolfBoot_image boot, update; - if ((wolfBoot_get_partition_state(PART_UPDATE, &st) == 0) && (st == IMG_STATE_UPDATING)) { - wolfBoot_update(0); - } else if ((wolfBoot_get_partition_state(PART_BOOT, &st) == 0) && (st == IMG_STATE_TESTING)) { + /* First, check if the BOOT partition is still in TESTING, + * to trigger fallback. + */ + if ((wolfBoot_get_partition_state(PART_BOOT, &st) == 0) && (st == IMG_STATE_TESTING)) { wolfBoot_update_trigger(); wolfBoot_update(1); + /* Check for new updates in the UPDATE partition */ + } else if ((wolfBoot_get_partition_state(PART_UPDATE, &st) == 0) && (st == IMG_STATE_UPDATING)) { + wolfBoot_update(0); } if ((wolfBoot_open_image(&boot, PART_BOOT) < 0) || (wolfBoot_verify_integrity(&boot) < 0) || @@ -171,6 +175,7 @@ static void wolfBoot_start(void) /* panic */; } } + hal_prepare_boot(); do_boot((void *)boot.fw_base); } diff --git a/src/spi_flash.c b/src/spi_flash.c index 32acb535..b9d21029 100644 --- a/src/spi_flash.c +++ b/src/spi_flash.c @@ -150,13 +150,15 @@ static int spi_flash_write_sb(uint32_t address, const void *data, int len) wait_busy(); spi_flash_read(address, &verify, 1); if ((verify & ~(buf[j])) == 0) { + if (verify != buf[j]) + return -1; j++; len--; address++; } wait_busy(); } - return j; + return 0; } /* --- */ diff --git a/test-app/main.c b/test-app/main.c index 44c18ed0..7ae59695 100644 --- a/test-app/main.c +++ b/test-app/main.c @@ -33,6 +33,12 @@ #ifdef PLATFORM_stm32f4 +#ifdef SPI_FLASH +extern void spi_release(void); +#else +#define spi_release() do{}while(0) +#endif + #define UART1 (0x40011000) @@ -200,7 +206,6 @@ void main(void) { led_pwm_setup(); pwm_init(CPU_FREQ, 0); - spi_flash_probe(); /* Dim the led by altering the PWM duty-cicle * in isr_tim2 (timer.c) * @@ -281,7 +286,9 @@ void main(void) { ack(next_seq); if (next_seq >= tot_len) { /* Update complete */ + spi_flash_probe(); wolfBoot_update_trigger(); + spi_release(); hal_flash_lock(); break; } diff --git a/tools/test.mk b/tools/test.mk index d3b11ee1..e2c72281 100644 --- a/tools/test.mk +++ b/tools/test.mk @@ -6,6 +6,29 @@ $(EXPVER): make -C tools/test-expect-version # Testbed actions +# +# + +test-spi-on: FORCE + @echo "8" >/sys/class/gpio/unexport || true + @echo "9" >/sys/class/gpio/unexport || true + @echo "10" >/sys/class/gpio/unexport || true + @echo "11" >/sys/class/gpio/unexport || true + @modprobe spi_bcm2835 + @modprobe spidev + +test-spi-off: FORCE + @rmmod spi_bcm2835 + @rmmod spidev + @echo "8" >/sys/class/gpio/export + @echo "9" >/sys/class/gpio/export + @echo "10" >/sys/class/gpio/export + @echo "11" >/sys/class/gpio/export + @echo "in" >/sys/class/gpio/gpio8/direction + @echo "in" >/sys/class/gpio/gpio9/direction + @echo "in" >/sys/class/gpio/gpio10/direction + @echo "in" >/sys/class/gpio/gpio11/direction + test-update: test-app/image.bin FORCE @$(SIGN_TOOL) test-app/image.bin $(PRIVATE_KEY) $(TEST_UPDATE_VERSION) 131072 >/dev/null @@ -13,16 +36,18 @@ test-update: test-app/image.bin FORCE @printf "pBOOT" >> test-update.bin @make test-reset @sleep 2 - @sudo st-flash --reset write test-update.bin 0x08040000 || \ - (make test-reset && sleep 1 && sudo st-flash --reset write test-update.bin 0x08040000) || \ - (make test-reset && sleep 1 && sudo st-flash --reset write test-update.bin 0x08040000) + @st-flash --reset write test-update.bin 0x08040000 || \ + (make test-reset && sleep 1 && st-flash --reset write test-update.bin 0x08040000) || \ + (make test-reset && sleep 1 && st-flash --reset write test-update.bin 0x08040000) -test-update-ext: +test-update-ext: test-app/image.bin FORCE @$(SIGN_TOOL) test-app/image.bin $(PRIVATE_KEY) $(TEST_UPDATE_VERSION) 524288 >/dev/null @$$(dd if=/dev/zero bs=1M count=1 | tr '\000' '\377' > test-update.rom) @dd if=test-app/image.bin.v$(TEST_UPDATE_VERSION).signed of=test-update.rom bs=1 count=524283 conv=notrunc @printf "pBOOT" | dd of=test-update.rom obs=1 seek=524283 count=5 conv=notrunc - flashrom -c $(SPI_CHIP) -p linux_spi:dev=/dev/spidev0.0 -w update.rom + @make test-spi-on + flashrom -c $(SPI_CHIP) -p linux_spi:dev=/dev/spidev0.0 -w test-update.rom + @make test-spi-off @make test-reset @sleep 2 @make clean @@ -31,24 +56,31 @@ test-erase: FORCE @echo Mass-erasing the internal flash: @make test-reset @sleep 2 - @sudo st-flash erase + @st-flash erase + +test-erase-ext: FORCE + @make test-spi-on + @echo Mass-erasing the external SPI flash: + flashrom -c $(SPI_CHIP) -p linux_spi:dev=/dev/spidev0.0 -E + @make test-spi-off test-factory: factory.bin @make test-reset @sleep 2 - @sudo st-flash --reset write factory.bin 0x08000000 || \ - (make test-reset && sleep 1 && sudo st-flash --reset write factory.bin 0x08000000) || \ - (make test-reset && sleep 1 && sudo st-flash --reset write factory.bin 0x08000000) + @st-flash --reset write factory.bin 0x08000000 || \ + (make test-reset && sleep 1 && st-flash --reset write factory.bin 0x08000000) || \ + (make test-reset && sleep 1 && st-flash --reset write factory.bin 0x08000000) test-reset: FORCE - @sudo st-info --reset + @$$(sleep 1 && st-info --reset) & ## Test cases: test-01-forward-update-no-downgrade: $(EXPVER) FORCE + @make test-erase @echo Creating and uploading factory image... @make test-factory @echo Expecting version '1' @@ -67,6 +99,7 @@ test-01-forward-update-no-downgrade: $(EXPVER) FORCE @echo TEST PASSED test-02-forward-update-allow-downgrade: $(EXPVER) FORCE + @make test-erase @echo Creating and uploading factory image... @make test-factory ALLOW_DOWNGRADE=1 @echo Expecting version '1' @@ -85,6 +118,7 @@ test-02-forward-update-allow-downgrade: $(EXPVER) FORCE @echo TEST PASSED test-03-rollback: $(EXPVER) FORCE + @make test-erase @echo Creating and uploading factory image... @make test-factory @echo Expecting version '1' @@ -112,7 +146,8 @@ test-11-forward-update-no-downgrade-ECC: $(EXPVER) FORCE test-13-rollback-ECC: $(EXPVER) FORCE @make test-03-rollback SIGN=ECC256 -test-21-forward-update-no-downgrade-SPI: FORCE +test-21-forward-update-no-downgrade-SPI: $(EXPVER) FORCE + @make test-erase-ext @echo Creating and uploading factory image... @make test-factory SPI_FLASH=1 @echo Expecting version '1' @@ -130,9 +165,10 @@ test-21-forward-update-no-downgrade-SPI: FORCE @make clean @echo TEST PASSED -test-23-rollback-SPI: +test-23-rollback-SPI: $(EXPVER) FORCE + @make test-erase-ext @echo Creating and uploading factory image... - @make test-factory SPI_FLASH=1 + @make test-factory SPI_FLASH=1 @echo Expecting version '1' @$$(test `$(EXPVER)` -eq 1) @echo @@ -148,8 +184,9 @@ test-23-rollback-SPI: @echo @echo Resetting to trigger rollback... @make test-reset + @sleep 2 @$$(test `$(EXPVER)` -eq 4) @make clean @echo TEST PASSED -test-all: clean test-01-forward-update-no-downgrade test-02-forward-update-allow-downgrade test-03-rollback test-11-forward-update-no-downgrade-ECC test-13-rollback-ECC +test-all: clean test-01-forward-update-no-downgrade test-02-forward-update-allow-downgrade test-03-rollback test-11-forward-update-no-downgrade-ECC test-13-rollback-ECC test-21-forward-update-no-downgrade-SPI test-23-rollback-SPI