When a PD is set online, we need to do other actions along with it. To
make this easier in future, move cp_set_state(pd, OSDP_CP_STATE_ONLINE)
to it's own method cp_set_online(pd).
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Select in Kconfig causes many issues with dependency loops, this
resolves the issue by replacing most select with depends on for
MCUmgr, including updates to the sample smp_svr application and
tests.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This patch replaces many instances where raw loops were used to copy bytes
with memcpy calls.
No functional change intended.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Do not check or send the first entry in the pd->cp[] device capability
table which is for function code 0 which is not a defined function code.
Signed-off-by: David Vucich <dave@alcatraz.ai>
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
By default, on errors, pd_decode_command replies with osdp_NAK with
sub-error code set to OSDP_PD_NAK_CMD_LEN (achieved using the ret ==
OSDP_PD_ERR_GENERIC check before return). This is works for all packet
framing errors; but when a more specific error code needs to be sent, ret
has to be set to something other than OSDP_PD_ERR_GENERIC (a suitable error
code happens to be OSDP_PD_ERR_REPLY) to prevent the tail check from
overwriting the error info.
In CMD_KEYSET, we fill a more specific error code but do not set the ret to
OSDP_PD_ERR_REPLY. It causes this error to be reported as a framing
error hence loosing some extended info about the error. Fix this issue by
reordering the checks a bit.
Fixes: 7f4d2c741b "mgmt/osdp: Add support for Secure Channel"
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Initially, subsys/mgmt had its own STR() macro for string pasting which was
replaced with the zephry provided STRINGIFY(). The definition of this macro
seems to have lingered on so remove it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
During handshake, only certain types of secure block types (<= SCS_14)
are allowed. A rouge CP/PD can try to bypass the handshake by directly
sending a secure block type ahead of the sequence and gain a secure
channel. Fix this by adding a check in packet decode time.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
OSDP specification section 5.7 states that a transmitting device has to
drive the transmission line to a marking state for a period of one char
in the current baud rate. This can be achieved by sending 0xFF. Since
this is not mentioned in the packet structure definition, many commercial
implementations of OSDP out in the wild do not send/expect this byte.
To work with such non-conforming devices, we will try to be as flexible
as possible in the PD: send mark byte only if the other side sent one. In
case of CP, we have no option but to send the mark byte to be as close
to the specification as possible. If a particular use case needs the CP
to not send it, we will provide a Kconfig option to disable it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Now that we have the necessary infrastructure to collect events from PD
apps, we can use them to translate it to OSDP packet sequence for card
reads and key press events.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
OSDP compliant devices communicate their capabilities and discover what
their peer can and cannot do. Right now, PD advertises these capabilities
and expects CP to honor them. Although this is not known to cause any
issues, it is not desirable to allow such accesses.
Add a check of incoming commands to to validate that the corresponding
capability was enabled and advertised.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Since cmd_data member is used by both commands and events to store the
contents of current transaction, rename it to ephemeral_data which
better reflects the purpose of the variable.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Bluetooth does not need to be enabled to register services,
therefore the newly introduced automatic bluetooth SMP transport
registration system can be simplified by returning enabling of
bluetooth back to the application.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The updatehub shell cmd_info allocate memory but not checks function
return. This add missing checks and proper error handle.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The current updatehub version forces user application to run in kernel
mode. This add necessary api syscalls to isolate userspace from kernel.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The img_mgmt_flash_area_id would add processing of
slot2_partition and slot3_partition if they only exist, even if
not used at all.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
This changes some of the MCUmgr transport CMake select statements
to depends on, this is to align with other in-tree symbols that
do not pull in whole subsystems and instead only allow selection
if those subsystems are already enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
BOOT_MAGIC_SZ and BOOT_MAX_ALIGN were used in the header without
including bootutil/bootutil_public.h. This change remove the need of
the inclusion by making the dependency private.
Fixes#52095
Signed-off-by: Guillaume Lager <g.lager@innoseis.com>
This add storage abstraction to allow switch between different flash
APIs. This remove the erase command at updatehub core and move it to
storage init phase.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Currently MCUboot and system reset are invoked directly in the sample
applicatiion. This introduce 2 new methods to isolate system from
application.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Move header includes to source file. Currently firmware source files
have a hardcode partition identificator. This moves identificators
to updatehub core.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
The CP app sends PD a "command" and the PD responds to it. Some times,
the PD has something that it wants to tell the PD which it does so in
response to POLL command. Both CP and PD apps need a way to exchange
these info over the OSDP bus. To archive this we will introduce what are
called "events" that allow the PD app to enqueue and CP app to get
notified.
This is analogous to the incumbent "commands" abstraction where, the CP
app enqueues a command and the PD app gets notified of it.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
For all commands and replies, the buffer length needed to build or the
length of data needed to decode needs to be checked and asserted. Right now
we do this by ad-hoc if-s. Add macros that do this at a common location.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
The raw, flags check has become a bit excessive and has begun to affect
code readability. Provide inline functions for those accesses that are
frequent. Also, get rid of `struct osdp_cp` as it can be fully represented
by `struct osdp` itself.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
CP has an array of PDs and pd->offset was the position of the PD in CP's
list. Since offset has many meanings, rename it to pd->idx.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
Partial packets in the RX buffers cause the subsequent packet to be
treated as malformed. The RX buffer can have partial data if the sender
is too slow in sending the packet of if there is an interruption in
transmission mid-way.
To avoid any issues due to such partials, flush the uart channel before
sending the command/response.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
The log lines in CP and PD had a prefix such as "CP: " and "PD: " that
does not add too much value as a given device an either be CP or PD
only. This patch removes those and enhances some other log lines while
at it.
It also adds a enum for return values throughout the module to improve
code quality.
Signed-off-by: Siddharth Chandrasekaran <sidcha.dev@gmail.com>
This commit adds the support for host commands being transported
by the Serial Host Interface on the NPCX SoC.
Signed-off-by: Michał Barnaś <mb@semihalf.com>
This prevents a configuration error by selecting the console if
the UART MCUmgr transport is used, which is actually a dependency
for this transport.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Fixes an issue whereby event ID was not checked properly, meaning
that OR'd events would not work as one would expect.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The TinyCrypt is the current library used by UpdateHub to perform
SHA-256 integrity check. This refactor code and add support to
mbedTLS library. It changes default library to mbedTLS to use
hardware accelerator when available.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
Fixes an issue with a missing variable when
CONFIG_IMG_MGMT_REJECT_DIRECT_XIP_MISMATCHED_SLOT is enabled.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
After Kconfig options got renamed, some of the no longer fit
to files they have been defined in.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Will check an uploaded image's hash against the hash that was
originally supplied before the upload began and return the result to
the client to know if the upload was successful or if there was an
error during upload. Requires CONFIG_IMG_ENABLE_IMAGE_CHECK be
enabled for functionality to be available.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This moves the UDP and Bluetooth initialisation for MCUmgr to be
performed automatically with the new hander registration feature.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Makes group registration functions for MCUmgr handlers static as
they are registered automatically at startup.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This replaces the requirement for applications to manually
register MCUmgr handlers by having an iterable section which
then automatically registers the handlers at boot time.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This change changes the previous mcumgr behaviour of return result
codes when the status is 0 (OK) to being legacy behaviour, instead
it will skip the rc field for these responses. If there is only an
rc field with status 0 to return, then mcumgr will now instead just
return an empty map.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
This fixes an issue whilst investigating using iterable sections,
which cannot be used when the non-zephyr prefixed functions are
used. It also resolves a possible critical bug intoduced with the
MCUmgr rework whereby functions or elements seem to have silently
dropped.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The CBOR encoding allows strings to have white spaces, and as string
may be used as key it should also be allowed to use space in key.
The commit provides ZCBOR_MAP_DECODE_KEY_DECODER macro, which is
intended to replace ZCBOR_MAP_DECODE_KEY_VAL macro, that allows
to use string keys with spaces in it.
Both macros are available for now.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Fixes an issue with large packets being received, these packets are
chunked into 127-byte frames for the serial transport but this system
is not needed for the dummy transport as it has a fixed size buffer.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The device information handler can be used to retrieve information about
the configuration of the configured device such as board name, board
revision, firmware version and build date.
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The shell_mgmt_config.h and stat_mgmt_config.h as they have been only
providing alternative identifiers for Kconfig options.
Now the Kconfig options are directly used in code and the headers
have been removed.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
