The SPI STM32 Host Command backend doesn't use general SPI driver, so it
has to implement Power Management on its own.
The suspend procedure includes: setting pins to the sleep state,
disabling device clock and disabling CS pin interrupt.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
There are several subsystems and boards which require a relatively large
system heap (used by k_malloc()) to function properly. This became even
more notable with the recent introduction of the ACPICA library, which
causes ACPI-using boards to require a system heap of up to several
megabytes in size.
Until now, subsystems and boards have tried to solve this by having
Kconfig overlays which modify the default value of HEAP_MEM_POOL_SIZE.
This works ok, except when applications start explicitly setting values
in their prj.conf files:
$ git grep CONFIG_HEAP_MEM_POOL_SIZE= tests samples|wc -l
157
The vast majority of values set by current sample or test applications
is much too small for subsystems like ACPI, which results in the
application not being able to run on such boards.
To solve this situation, we introduce support for subsystems to specify
their own custom system heap size requirement. Subsystems do
this by defining Kconfig options with the prefix HEAP_MEM_POOL_ADD_SIZE_.
The final value of the system heap is the sum of the custom
minimum requirements, or the value existing HEAP_MEM_POOL_SIZE option,
whichever is greater.
We also introduce a new HEAP_MEM_POOL_IGNORE_MIN Kconfig option which
applications can use to force a lower value than what subsystems have
specficied, however this behavior is disabled by default.
Whenever the minimum is greater than the requested value a CMake warning
will be issued in the build output.
This patch ends up modifying several places outside of kernel code,
since the presence of the system heap is no longer detected using a
non-zero CONFIG_HEAP_MEM_POOL_SIZE value, rather it's now detected using
a new K_HEAP_MEM_POOL_SIZE value that's evaluated at build.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The implementation waited for a NET_EVENT_L4_CONNECTED event to be
emitted. However we can start the receiving thread in case the interface
is up.
This allows for IPv6 Link Local addresses to be used with mcumgr.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Not clearing that lock lead to the fs_mgmt commands being useless, after
the mgmt callback returned `MGMT_CB_ERROR_RC` once, since the lock is now
occupied and never cleared.
Fixes#66581
Signed-off-by: Ruben Völl <ruben.voell@grandcentrix.net>
Use a flag in `c:struct:mgmt_handler` to skip the cbor start and end byte,
and instead use pure custom user defined payload.
Signed-off-by: Kuno Heltborg <kunoh@live.dk>
The 2 issues were found after CONFIG_OSDP_SC_ENABLED was enabled:
- missing curly brace after if
- typo in type name
Signed-off-by: Arkadiusz Wadowski <wadowski.arkadiusz@gmail.com>
Add const prefix for service uuid and char uuid.
Since Service UUID and Char UUID should not change in the service
definition, they are most reasonably defined as rodata, also for
save some ram footprint.
The field `attr->user_data` type is `void *`, as this PR change
all Service UUID to rodata, so there must add (void *) to avoid warning.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
slab_buff size is calculated based on size of osdp_ephemeral_data union
so it is safer to use same structure for slab init.
Changes in osdp_event or osd_cmd structures can cause crashes without this.
Signed-off-by: Arkadiusz Wadowski <wadowski.arkadiusz@gmail.com>
The original SHI module only has one output FIFO buffer. It costs a lot
when the driver has to send/change the protocol control code because it
must fill out all 128 bytes of output FIFO. In npcx4, we introduce
another output buffer in 1-byte depth. These two buffers can switch back
and forth during the transaction. We can use the single-byte buffer
to send the control code and the 128-byte FIFO to send the data payload.
It helps improve the SHI driver's efficiency.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
Implement the pm_policy lock to prevent the chip enters the deep slepp
mode while shi transaction is ongoing.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
Initially, the command/reply ID byte was not part of the data length
macros. But later, when it was changed to include it, the buffer length
checks was not adjusted. Due to this, we were not using the last byte in
the buffer. Fix this issue by correcting the condition.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Commit c7fec71193 ("mgmt/osdp: Add length checks for commands and
replies") attempted to remove code duplication by adding a macro to perform
a length check. At the time, a CI linter did not like macros with control
flow so the code was switched to a method which called __ASSERT() on this
condition.
The __ASSERT() macro is a nop if CONFIG_ASSERT=n (which is the default) and
causes the buffer access to be unguarded which may lead to OOB accesses.
This patch fixes the issue by reintroducing the if check.
Fixes: c7fec71193.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
`smp_shell_input_timeout_handler`. Create a public function in
the `shell_uart.c` for it to get the pointer to the
`smp_shell_data` and fix the compilation error.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
SMP shell was looking into internal shell uart structures to get
uart device. This structures are now internal to the shell and
cannot be used. Using device tree chosen instead.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Adds datetime set and get functions which allow for setting and
getting the current time to/from the rtc alias device
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Move the syscall_handler.h header, used internally only to a dedicated
internal folder that should not be used outside of Zephyr.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The mcumgr SMP UDP configs struct was causing a unique tag name
violation (rule 5.7).
The struct name has been changed from configs to smp_udp_configs.
Signed-off-by: Ben Marsh <ben.marsh@helvar.com>
mcumgr's SMP UDP transport was unnecessarily using a potentially large
amount of ROM space due to static initialising fields in a
config struct that also contains buffers/stacks.
This has been changed to instead initialise fields in the start
function, reducing ROM usage by ~5K in the default configuration
with IPv4 and IPv6 enabled.
Signed-off-by: Ben Marsh <ben.marsh@helvar.com>
Add the len_max rx structure member to indicate maximum number of bytes
possible to receive. It is needed to send information about our protocol
parameters to host.
Also, limit the maximum size of request/responses for backends that uses
buffers provided by the handler.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Since CRC32 hash/checksum support is enabled by default, make it
select the CRC Kconfig symbol
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Only SMP over console transports need CRC support, therefore do
not imply CRC support for MCUmgr entirely because only 2 optional
transports require it
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
SMP over console uses a checksum, therefore it is required in order
to enable these transports
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby the erase function would return an unknown
error, which would happen when the slot was already erased.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Do not use timeout for UART callback. The UART IRQ bases on the IDLE
line, so waiting for additional bytes is not necessary and it introduce
additional latency.
Another issue with the timeout is that the UART drivers use sysworkq for
implementing timeout. The sysworkq thread may have lower prio than the
host command thread, which may cause a delay in calling the UART
callback, which gives the semaphore to the HC handler.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Oneline fix to smp_bt.c smp transport register.
smp_client_transport_register() is a void function and
has no return value, so it should be ignored.
Signed-off-by: Alexander Stark <alexander.t.stark@gmail.com>
Handles return values from settings handlers which were missing
and would return "Unknown error" to clients instead of the read
error
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes the error code being returned when trying to perform a
hash/checksum on an empty file to show it is because the file is
empty, not because a paramter (which was not provided) was too
large.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
rand32.h does not make much sense, since the random subsystem
provides more APIs than just getting a random 32 bits value.
Rename it to random.h and get consistently with other
subsystems.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
`smp_send_pos` is 16 bits wide but it was being
passed as uint8_t, thus truncating.
This made it impossible to receive packets
larger than 256 bytes.
Signed-off-by: Stasys Aužbikas <stasysau@gmail.com>
This commit adds support for finding registered mcumgr command groups.
By default, supported command groups are local to the namespace where
they're registered. This api addition allows applications to get
reference to these supported command groups to deregister & re-register
them.
This adds scope for applications to support multiple implementations
of a command group alongside the default.
Signed-off-by: Chandler Keep <chandlersamkeep@gmail.com>
Adds command allowing to query information on bootloader.
In this case support is provided to query MCUboot information.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for uploading image to board with MCUboot
configured with DirectXIP with revert.
It allows to set uploaded image either for test or as permanent
boot application, until newer image gets confirmed.
Note that in DirectXIP with revert MCUboot will remove image
that has not been set for test nor confirmed and MCUmgr does not
set either mode unless image has the mode set within uploaded
binary.
The commit adds Kconfig option
CONFIG_MCUBOOT_BOOTLOADER_MODE_DIRECT_XIP_WITH_REVERT
that enabled the new mode of operation within MCUmgr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Updates possible return errors for fs mgmt file upload, to clarify
when a provided path is on a read-only filesystem or if the mount
point does not exist.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
If autoinit is not enebled, it is allowed to build a few backends and
initialize a proper one in runtime.
Check number of backends only if autoinit is enabled.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Modify the signature of the k_mem_slab_free() function with a new one,
replacing the old void **mem with void *mem as a parameter.
The following function:
void k_mem_slab_free(struct k_mem_slab *slab, void **mem);
has the wrong signature. mem is only used as a regular pointer, so there
is no need to use a double-pointer. The correct signature should be:
void k_mem_slab_free(struct k_mem_slab *slab, void *mem);
The issue with the current signature, although functional, is that it is
extremely confusing. I myself, a veteran Zephyr developer, was confused
by this parameter when looking at it recently.
All in-tree uses of the function have been adapted.
Fixes#61888.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Makes img_mgmt_slot_to_image image number independent and moves
it to header file as static inline.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The erase logic has been switched to using img_mgmt_get_opposite_slot
and the img_mgmt_get_other_slot has been removed.
The commit adds CONFIG_MCUMGR_GRP_IMG_ALLOW_ERASE_PENDING Kconfig
options, default set to n, that allows to make pending slot
erasable. The option only allows erase on pending slot that
is not revert slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Make img_mgmt_active_slot independent from
CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER for MCUboot swap type
algorithms.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit modifies image list command operations to use
img_mgmt_get_next_boot_slot instead of directly relying of
MCUboot flags.
The function is now used, also, by img_mgmt_slot_in_use to
figure out whether queried slot is in use.
The commit introduces two new Kconfig options
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_ANY
that allow users to enable confirming non-active images slots.
The MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY is y
by default to keep original behavior of logic that accidentally
allowed confirming secondary slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds functions:
img_mgmt_get_next_boot_slot
img_mgmt_get_opposite_slot
to simplify obtaining information on next boot slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The connectivity monitoring subfeature of conn_mgr is currently also
named conn_mgr, which is confusing.
This commit renames it to conn_mgr_monitor, or conn_mgr_mon for short,
for clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Drop few redeclared variables, fixes some:
settings_mgmt.c:454:30: error: declaration of ok shadows a previous
local [-Werror=shadow]
454 | bool ok;
| ^~
settings_mgmt.c:436:14: note: shadowed declaration is here
436 | bool ok = true;
| ^~
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix few instances of delayable work handlers using the k_work pointer
directly in a CONTAINER_OF pointing to a k_work_delayable.
This is harmless since the k_work is the first element in
k_work_delayable, but using k_work_delayable_from_work is the right way
of handling it.
Change a couple of explicit CONTAINER_OF doing the same work as the
macro in the process.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Adds a settings management group to MCUmgr which allows for
manipulation of the zephyr settings from a remote device.
Includes callback hooks to secure access from an application.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
MCUmgr client upload max data payload length was missing
Transport layer CRC + 16bit lenght. Full net buf packet was
possible to send but receiver side it was blocked because there
was not space for calculate CRC and length.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
Add support for SPI host command backend for STM32 chips family.
Unfortunately, the current SPI API can't be used to handle the host
commands communication. The main issues are unknown command size sent
by the host(the SPI transaction sends/receives specific number of bytes)
and need to constant sending status byte(the SPI module is enabled and
disabled per transaction). Thus the SPI backend includes basic SPI STM32
driver adjusted to host command specification.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
This is a stable API treewide change changing the newly introduced
"ret" response to "err" as it was overlooked that the shell_mgmt
group already used "ret" to return the exit code of the command
and this created a collision. Since SMP version 2 was only recently
introduced, there should not be any public implementations of it
as of yet, but the original function has been kept and marked as
deprecated.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes a stray ifdef which causes a build failure if the automatic
UDP start Kconfig is not enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds the force parameter to the reset command which is now
provided to the callback hook (if enabled).
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Uses the zcbor decode bulk function instead of manually parsing the
array in the function to reduce duplicated code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Uses the zcbor decode bulk function instead of manually parsing the
array in the function to reduce duplicated code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby the data packets were not checked to ensure
that the client has not attempted to write more data than the size
that was provided in the original upload packet.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby upload image size would not be checked in
the first packet of an upload, which would allow an image to be
uploaded until it reached the point of it being too large to
fit anymore.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
MCUmgr client basic implementation for support Image and OS grpup
commands.
Image Group:
* Image state read/write
* Image Upload secondary slot
* Image Erase secondary slot
OS group:
* Reset
* Echo service, disabled by default
Opeartion's are blocked call and cant't call inside worker queue.
IMG and OS need to be SMP client object for transport.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
SMP client support for generate request and handling
response message.
Updated SMP transport for send request.
Added API for register SMP transport.
Signed-off-by: Juha Heiskanen <juha.heiskanen@nordicsemi.no>
Uses the MCUboot bootutil image.h file directly instead of an
outdated copy which resides in the zephyr tree.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds an optional callback upon image data being written, can be
used for syncing or timeout purposes.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Replaces the manual lookup function with a lookup function which
is provided when registering MCUmgr handlers which can be used to
find the function to translate error codes, allowing out of tree
MCUmgr handlers to provide error translation handlers.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The commit fixes build issue when building for two application
images in board that does not have slot0_ns_partition.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fix conditional compilation within img_mgmt_get_other_slot,
where CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER has been
incorrectly checked and #endif incorrectly placed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Add a feature to suppress commands. The suppressed commands are not
logged on the command reception.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a user possibility to set a callback for receiving a new function.
It allows instant performing some actions, that need to be done before
context switch.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Verify validity of a received command before passing it to the general
handler.
It allows performing some actions, right after receiving the command.
The context switch is not needed. Such feature may be needed for
overloaded system, where instant reboot is required.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a function to signal a new host command by a backend.
Use a function instead of giving semaphore, because it allows more
actions on rx event, common for all backends.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Add a config to save the final result of a last host command that has
sent EC_HOST_CMD_IN_PROGRESS response. To get the final result use the
ec_host_cmd_send_in_progress_status function.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Fixes an issue where a variable was used without being correctly
set by other parts of the code.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The sizeof is used in a wrong way which causes incorrect checking a
version of a command. Use NUM_BITS instead.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
The response buffer has to be cleared every command not to pass
unintended content e.g. response from a previous command, or stack
content.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Update the response buffer size, passed to a command handler, every
command, since a backend could change it in runtime.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Currently, it is not possible to use hawkbit with code that requires
POSIX_API to be set due to the dependency on NET_SOCKETS_POSIX_NAMES.
Since a lot of other code has already been moved to `zsock_`, this
commit does the same for hawkbit.
Co-authored-by: rojedag <r.ojeda@vogl-electronic.com>
Signed-off-by: Matthias Breithaupt <m.breithaupt@vogl-electronic.com>
Add a native way to log Host Command communication.
Use Zephyr logging system to do it. Use debug and normal levels.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Use one common function to send Host Command response. It allows
handling all response types within one function.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Adds status checking to the command status hook which allows an
application to inspect a request and, optionally, reject it.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
