The original SHI module only has one output FIFO buffer. It costs a lot
when the driver has to send/change the protocol control code because it
must fill out all 128 bytes of output FIFO. In npcx4, we introduce
another output buffer in 1-byte depth. These two buffers can switch back
and forth during the transaction. We can use the single-byte buffer
to send the control code and the 128-byte FIFO to send the data payload.
It helps improve the SHI driver's efficiency.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
Implement the pm_policy lock to prevent the chip enters the deep slepp
mode while shi transaction is ongoing.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
Initially, the command/reply ID byte was not part of the data length
macros. But later, when it was changed to include it, the buffer length
checks was not adjusted. Due to this, we were not using the last byte in
the buffer. Fix this issue by correcting the condition.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Commit c7fec71193 ("mgmt/osdp: Add length checks for commands and
replies") attempted to remove code duplication by adding a macro to perform
a length check. At the time, a CI linter did not like macros with control
flow so the code was switched to a method which called __ASSERT() on this
condition.
The __ASSERT() macro is a nop if CONFIG_ASSERT=n (which is the default) and
causes the buffer access to be unguarded which may lead to OOB accesses.
This patch fixes the issue by reintroducing the if check.
Fixes: c7fec71193.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
`smp_shell_input_timeout_handler`. Create a public function in
the `shell_uart.c` for it to get the pointer to the
`smp_shell_data` and fix the compilation error.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
SMP shell was looking into internal shell uart structures to get
uart device. This structures are now internal to the shell and
cannot be used. Using device tree chosen instead.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Adds datetime set and get functions which allow for setting and
getting the current time to/from the rtc alias device
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Move the syscall_handler.h header, used internally only to a dedicated
internal folder that should not be used outside of Zephyr.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The mcumgr SMP UDP configs struct was causing a unique tag name
violation (rule 5.7).
The struct name has been changed from configs to smp_udp_configs.
Signed-off-by: Ben Marsh <ben.marsh@helvar.com>
mcumgr's SMP UDP transport was unnecessarily using a potentially large
amount of ROM space due to static initialising fields in a
config struct that also contains buffers/stacks.
This has been changed to instead initialise fields in the start
function, reducing ROM usage by ~5K in the default configuration
with IPv4 and IPv6 enabled.
Signed-off-by: Ben Marsh <ben.marsh@helvar.com>
Add the len_max rx structure member to indicate maximum number of bytes
possible to receive. It is needed to send information about our protocol
parameters to host.
Also, limit the maximum size of request/responses for backends that uses
buffers provided by the handler.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Since CRC32 hash/checksum support is enabled by default, make it
select the CRC Kconfig symbol
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Only SMP over console transports need CRC support, therefore do
not imply CRC support for MCUmgr entirely because only 2 optional
transports require it
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
SMP over console uses a checksum, therefore it is required in order
to enable these transports
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby the erase function would return an unknown
error, which would happen when the slot was already erased.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Do not use timeout for UART callback. The UART IRQ bases on the IDLE
line, so waiting for additional bytes is not necessary and it introduce
additional latency.
Another issue with the timeout is that the UART drivers use sysworkq for
implementing timeout. The sysworkq thread may have lower prio than the
host command thread, which may cause a delay in calling the UART
callback, which gives the semaphore to the HC handler.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Oneline fix to smp_bt.c smp transport register.
smp_client_transport_register() is a void function and
has no return value, so it should be ignored.
Signed-off-by: Alexander Stark <alexander.t.stark@gmail.com>
Handles return values from settings handlers which were missing
and would return "Unknown error" to clients instead of the read
error
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes the error code being returned when trying to perform a
hash/checksum on an empty file to show it is because the file is
empty, not because a paramter (which was not provided) was too
large.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
rand32.h does not make much sense, since the random subsystem
provides more APIs than just getting a random 32 bits value.
Rename it to random.h and get consistently with other
subsystems.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
`smp_send_pos` is 16 bits wide but it was being
passed as uint8_t, thus truncating.
This made it impossible to receive packets
larger than 256 bytes.
Signed-off-by: Stasys Aužbikas <stasysau@gmail.com>
This commit adds support for finding registered mcumgr command groups.
By default, supported command groups are local to the namespace where
they're registered. This api addition allows applications to get
reference to these supported command groups to deregister & re-register
them.
This adds scope for applications to support multiple implementations
of a command group alongside the default.
Signed-off-by: Chandler Keep <chandlersamkeep@gmail.com>
Adds command allowing to query information on bootloader.
In this case support is provided to query MCUboot information.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds support for uploading image to board with MCUboot
configured with DirectXIP with revert.
It allows to set uploaded image either for test or as permanent
boot application, until newer image gets confirmed.
Note that in DirectXIP with revert MCUboot will remove image
that has not been set for test nor confirmed and MCUmgr does not
set either mode unless image has the mode set within uploaded
binary.
The commit adds Kconfig option
CONFIG_MCUBOOT_BOOTLOADER_MODE_DIRECT_XIP_WITH_REVERT
that enabled the new mode of operation within MCUmgr.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Updates possible return errors for fs mgmt file upload, to clarify
when a provided path is on a read-only filesystem or if the mount
point does not exist.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
If autoinit is not enebled, it is allowed to build a few backends and
initialize a proper one in runtime.
Check number of backends only if autoinit is enabled.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
Modify the signature of the k_mem_slab_free() function with a new one,
replacing the old void **mem with void *mem as a parameter.
The following function:
void k_mem_slab_free(struct k_mem_slab *slab, void **mem);
has the wrong signature. mem is only used as a regular pointer, so there
is no need to use a double-pointer. The correct signature should be:
void k_mem_slab_free(struct k_mem_slab *slab, void *mem);
The issue with the current signature, although functional, is that it is
extremely confusing. I myself, a veteran Zephyr developer, was confused
by this parameter when looking at it recently.
All in-tree uses of the function have been adapted.
Fixes#61888.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Makes img_mgmt_slot_to_image image number independent and moves
it to header file as static inline.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The erase logic has been switched to using img_mgmt_get_opposite_slot
and the img_mgmt_get_other_slot has been removed.
The commit adds CONFIG_MCUMGR_GRP_IMG_ALLOW_ERASE_PENDING Kconfig
options, default set to n, that allows to make pending slot
erasable. The option only allows erase on pending slot that
is not revert slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Make img_mgmt_active_slot independent from
CONFIG_MCUMGR_GRP_IMG_UPDATABLE_IMAGE_NUMBER for MCUboot swap type
algorithms.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit modifies image list command operations to use
img_mgmt_get_next_boot_slot instead of directly relying of
MCUboot flags.
The function is now used, also, by img_mgmt_slot_in_use to
figure out whether queried slot is in use.
The commit introduces two new Kconfig options
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY
MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_ANY
that allow users to enable confirming non-active images slots.
The MCUMGR_GRP_IMG_ALLOW_CONFIRM_NON_ACTIVE_IMAGE_SECONDARY is y
by default to keep original behavior of logic that accidentally
allowed confirming secondary slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit adds functions:
img_mgmt_get_next_boot_slot
img_mgmt_get_opposite_slot
to simplify obtaining information on next boot slot.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The connectivity monitoring subfeature of conn_mgr is currently also
named conn_mgr, which is confusing.
This commit renames it to conn_mgr_monitor, or conn_mgr_mon for short,
for clarity.
Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
Drop few redeclared variables, fixes some:
settings_mgmt.c:454:30: error: declaration of ok shadows a previous
local [-Werror=shadow]
454 | bool ok;
| ^~
settings_mgmt.c:436:14: note: shadowed declaration is here
436 | bool ok = true;
| ^~
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix few instances of delayable work handlers using the k_work pointer
directly in a CONTAINER_OF pointing to a k_work_delayable.
This is harmless since the k_work is the first element in
k_work_delayable, but using k_work_delayable_from_work is the right way
of handling it.
Change a couple of explicit CONTAINER_OF doing the same work as the
macro in the process.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Adds a settings management group to MCUmgr which allows for
manipulation of the zephyr settings from a remote device.
Includes callback hooks to secure access from an application.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
