Add a reference to flashing and booting so it can be used by minnowboard
and other boards.
Apply minor layout fixes.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This is an accessor function for the MCUboot image header of an image
bank. The interface may seem a little cumbersome, but it is
future-proof against MCUboot feature and incompatible header version
changes.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Applications chainloaded by MCUboot may want to change their behavior
based on whether or not they are confirmed.
Here are some examples:
- performing a built-in self test (BIST) if the image is not yet
confirmed, and marking it OK if it passes (this enables reverting
to an older working image if the BIST fails, and allows future
resets to skip the BIST if it passes to improve boot time)
- interacting with persistent metadata related to image state on
other flash partitions during test upgrades (these are required in
cases when the update source provides runtime metadata, such as
monotonic counters, related to an upgrade attempt which must be
used to report results)
To enable these use cases, add boot_is_img_confirmed(), which reads
the "image OK" field for the current firmware image and returns true
if and only if it is set.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
The current implementation of boot_write_img_confirmed() does not
write the image OK byte in flash bank 0 if the magic "request upgrade"
bytes in that bank are "good". This is not robust behavior.
The MCUboot design document has this to say about the image OK byte:
Upgrading an old image with a new one by swapping can be a two-step
process. In this process, mcuboot performs a "test" swap of image
data in flash and boots the new image. The new image can then
update the contents of flash at runtime to mark itself "OK", and
mcuboot will then still choose to run it during the next boot.
[...]
4. Image OK: A single byte indicating whether the image in this
slot has been confirmed as good by the user (0x01=confirmed;
0xff=not confirmed).
This says nothing about the magic bytes, so it'd be better not to make
assumptions about their effect here.
Further, MCUboot itself does not use the magic field when marking the
only known-good image on flash "OK" after either reverting a failed
upgrade or refusing to boot an upgrade iamge with an invalid
signature: instead, it unconditionally ensures the Image OK byte is
set to 0x01.
For consistency with MCUboot's design and implementation, remove the
lines that look at the magic bytes from boot_write_img_confirmed().
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Pin multiplexing is a function of the PORT peripheral. This change
defines a separate pinmux device at the same address as the PORTs
themselves.
Signed-off-by: Michael Hope <mlhx@google.com>
Add Altera Nios-II QSPI Flash controller driver which has
has 1024 blocks or sectors wich each sector size being 64K bytes.
This driver supports flash erase, write, read and lock operations.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Add Altera Nios-II QSPI Controller HAL driver to Zephyr.
The sources are taken from the Altera SDK v17.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Some code in the POSIX architecture is only meant to handle
safely errors which should never occur and therefore
are not covered.
=> We exclude them from the coverage reports.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
To avoid indeterministic behaviour of the tests
which leads to changing coverage reports, let's
finish the tests exectuion as soon as they pass
or fail.
Also let's return 0 to the shell if the test passed,
and 1 if it failed.
(Reverting
f9af42f078c93eca8b9f461f91b6cafddb57a35d and
07c9163f67
)
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Some code in the POSIX SOC (inf_clock) will only be executed
if the program is terminated by receiving a SIGTERM in a particular
part. Therefore to avoid confusing developers with changing
coverage, let's exclude it from the coverage reports.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Some code in the POSIX arch core will only be executed
in some very atypical cases depending on the host load.
To avoid confusing developers, let's exclude it from the
coverage reports.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
We preprocess gcov output with lcov before feeding it to
codecov. For the following reasons:
* codecov seems to support LCOV pseudo-pragmas only if
they match the pattern "// LCOV_EXCL"
* It is easier to understand what will happen in codecov
if we feed a preprocessed lcov file than a pile of raw
gcov files
* We can reproduce that step locally and therefore do
quicker trials
* Branch coverage is not correct when feeding gcov raw
input to codecov
+ We avoid feeding gcovr's output to codecov:
Codecov upload bash script also sees shippable/codecoverage/coverage.xml
but when this is uploaded together with lcov's the branch coverage
is not correct, and some not compiled in files are reported as not
covered.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
This patch does several things, most notably it changes the semantics
of CONFIG_DEBUG. CONFIG_DEBUG continues to behave as a vaguely defined
"debug mode" that enables printf's, -Og, etc. but now the user may
choose to be in "debug mode" while using a different optimization
level than -Og.
Tp support this a new config is defined to enable -Og;
CONFIG_DEBUG_OPTIMIZATIONS.
Additionally CONFIG_SIZE_OPTIMIZATIONS is introduced to allow the user
to explicitly request optimizing for size instead of relying on
defaulting to it.
The three config's {NO,SIZE,DEBUG}_OPTIMIZATIONS are now organized in
a Kconfig choice to ensure that at most one can be enabled at a time.
Finally, selected users of CONFIG_DEBUG have been ported to use one of
the optimizations configs when it was clear from usage that the
intention was to behave differently when using a different
optimization level and not when in "debug mode".
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Added a new config option which lowers the compiler
optimizations to -O0 independently of other flags.
CONFIG_COVERAGE uses it now instead of having its own
choice in CMakeLists.txt
Fixes#5720
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
As agreed on the recent APIs dedicated call, I will be working on
improving APIs for these two drivers.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Based on the discussion in #5693, the reason why humidity was defined
in milli-percent was likely following Linux which defines it as such
in its sensor subsystem:
http://elixir.free-electrons.com/linux/latest/source/Documentation/ABI/testing/sysfs-bus-iio#L263
However, Linux defines temperature in milli-degrees either, but
Zephyr uses degrees (similarly for most other quantities). Typical
sensor resolution/precision for humidity is also on the order of 1%.
One of the existing drivers, th02.c, already returned values in
percents, and few apps showed it without conversion and/or units,
leading to confusing output to user like "54500".
So, switching units to percents, and update all the drivers and
sample apps.
For few drivers, there was also optimized conversion arithmetics
to avoid u64_t operations. (There're probably more places to
optimize it, and temperature conversion could use such optimization
too, but that's left for another patch.)
Fixes: #5693
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Until now the OOB info and URI fields in unprovisioned beacons were
generally ignored by the implementation. Add fields for these to
bt_mesh_prov and make sure to take them into account when encoding
advertising data, both for PB-ADV and PB-GATT. For PB-ADV the URI goes
out in a separate beacon, whereas for PB-GATT it is placed in the scan
response data.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Currently, we always set the content-format as "plain/text" when
it is unrecognized. This is wrong for it's possible that payload
is actually something else.
For example, we don't support JSON as incoming format right now.
But if I send a PUT request to /1/0/1 (server objectinstance/lifetime
resource) with value 3200 in JSON format: {"e":[{"n":"","v":3200}]}.
The client will still handle the request and respond with changed (2.04)
except the lifetime resource is updated incorrectly due to parsing
error.
Correct the behavior by not setting a default format and respond with
content-format-not-support error code (4.15)
Signed-off-by: Robert Chou <robert.ch.chou@acer.com>
Be consistent with the style of always having braces even if a compound
statement isn't required. Avoids some warnings from static analysis
tools.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Tests system call memory buffer read/write validation using the
k_pipe_get() and k_pipe_put() calls from a userspace thread.
Specifically, this tests _SYSCALL_MEMORY_READ/WRITE checks
by the system call handler by attempting to read/write to a
kernel object.
write_kobject_user_pipe() attempts to write over a kernel object
by using the kernel object's location as the buffer to place
the data read from the pipe.
read_kobject_user_pipe() attempts to read a kernel object by using
the kernel object's location as the location of data to be placed
into the pipe.
Tested on qemu_x86 and frdm_k64, passes on both.
Signed-off-by: Joshua Domagalski <jedomag@tycho.nsa.gov>
Added three tests for kernel objects focusing on 1) revoking
access to a k_object that the thread does not have
permissions to access, 2) accessing a k_object after
permissions to access it were revoked, and 3) trying to
revoke access to a k_object from a parent thread by a
child thread. Additionally, added a test for
k_thread_user_mode_enter().
revoke_noperms_object() tests by calling
k_object_access_revoke() on a semaphore (kernel object) that it
does not have access to (ksem).
access_after_revoke() tests ability to access a semaphore after
access has been revoked by itself.
revoke_other_thread() tests whether a thread can revoke access
for an object for which it has permissions from a thread for
which it does not have permissions.
user_mode_enter() tests whether k_thread_user_mode_enter()
truly enters user mode.
Tested on qemu_x86 and frdm_k64 with pr-4974 applied, passes
on qemu_x86 but requires small fix for ARM (will submit
separately).
Signed-off-by: Joshua Domagalski <jedomag@tycho.nsa.gov>
Fixes: 5958
Ninja by default will suppress command output and input. This is a
problem for the 'flash', 'debug', etc. targets, which may need to
interact with the user (and which display interactive output like
progress bars).
To fix this, add the USES_TERMINAL option to their target
definitions. This puts them in the console pool on Ninja, allowing the
commands to interact with the console.
References:
https://ninja-build.org/manual.html#_the_literal_console_literal_poolhttps://cmake.org/cmake/help/v3.8/command/add_custom_target.html
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
Added noprompt command to shell. It will disable printing
the prompt.
For the native port, when feeding commands from a file or
pipe the prompt reprinting after each command (without echoing)
just confuses the user.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Now the native console driver also handles stdin
so we can drive the shell from the command line,
a pipe or a file
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Added a new config variable with the recommended stack
size for threads which are only meant for the posix architecture
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
net_pkt_append() has been changed. If payload reached max value
of 'data_len' in net packet, net_pkt_append will not append.
So the caller has to create new packet and append remaining payload.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Unlinking of neighbor also needed after nbr_unref. Otherwise
neighbor id is still in use and can not be linked further.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
When a node receives DIO message from peer then node adds peer as
a neighbor (nbr with linklayer address). But when a node receives
DAO message from different peer (chances are peer selected
different route to reach this node), remove peer with previous
link layer address and add as a neighbor with new link layer address
with new route information. Now node can properly route packets to
peer from neighbor table or based on nexthop information from
routing table.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
When a node joins in DAG network, it chooses neighbor (node or border
router) as its parent. But if it receives DIO message from another
peer, it can only act as a neighbor, not as a parent. If peer rank
is better than current preferred parent rank then node will select
new peer as it's best parent.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
RPL prints lot of debug information which is difficult to track.
Minimized debugs in timer specific information and parsing of
DIO and DAO options. Also fixed alignment issues (no changes in
functionality)
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Do not even consider the push event if CONFIG_NET_MGMT_EVENT_INFO
enabled and info length is more than NET_EVENT_INFO_MAX_SIZE.
Print error message and ignore the event.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Driver is 'Busy' can be a warning message which can be enabled with
minimum debug level CONFIG_SYS_LOG_IEEE802154_DRIVER_LEVEL=2.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Current default value for NET_RPL_INIT_LINK_METRIC is 2, changing it
to 1.
e.g. NET_RPL_MIN_HOP_RANK_INC is 256 and NET_RPL_MC_ETX_DIVISOR is 256.
Rank calculation for nodes is
rank_increase = CONFIG_NET_RPL_INIT_LINK_METRIC *
NET_RPL_MC_ETX_DIVISOR;
Which gives 768 for first set of child nodes. It would be good if
CONFIG_NET_RPL_INIT_LINK_METRIC value is 1 and nodes ranks will be
245, 512, 768 based on the path they choose.
User can absolutely change their configuration to maintain proper ranks.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
When CONFIG_NET_RPL enabled, do not run DAD (duplicate address
detection) for global addresses. In RPL mesh network global addresses
for nodes are determined by prefix from Border Router. DAD is not
necessary in this case.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If CONFIG_NET_MGMT_EVENT_INFO is enabled then provide mgmt info
about the route, which is added or deleted.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If CONFIG_NET_MGMT_EVENT_INFO is enabled then provide mgmt info
about the neighbor, which is added or deleted.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Remove any routes with neighbor as a nexthop first and then remove
neighbor from neighbor table.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Provided separate event information structs based on events. This way
user will know what kind of information will be received to that
particular event.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
