mgmt: mcumgr: grp: os: Add active b0 slot bootloader info query #19714
Conversation
github-actions
bot
added
manifest
changelog-entry-required
|
The following west manifest projects have changed revision in this Pull Request:
✅ All manifest checks OK Note: This message is automatically posted and updated by the Manifest GitHub Action. |
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:sdk-nrf: PR head: 16ea1c38b318987a4821c42467b6a3a5788e1ca7 more detailssdk-nrf:
zephyr:
Github labels
List of changed files detected by CI (14)Outputs:ToolchainVersion: 342151af73 Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
nordicjm
force-pushed
the
activeb0mcuboot
branch
from
8f0fa94 to
d55e7c9
Compare
|
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publish GitHub Action. |
nordicjm
force-pushed
the
activeb0mcuboot
branch
from
d55e7c9 to
133ff8e
Compare
| return MGMT_CB_ERROR_RC; | ||
| } | ||
|
|
||
| /* If no parameter is recognized then just introduce the bootloader. */ |
There was a problem hiding this comment.
This comment seems copy-pasted.
nordicjm
force-pushed
the
activeb0mcuboot
branch
from
c1a739f to
94441a8
Compare
Memory footprint analysis revealed the following potential issuessample.matter.template.debug[nrf7002dk/nrf5340/cpuapp]: High ROM usage: 912194[B] - link (cc: @kkasperczyk-no @ArekBalysNordic @markaj-nordic) Note: This message is automatically posted and updated by the CI (latest/sdk-nrf/PR-19714/10) |
nordicjm
force-pushed
the
activeb0mcuboot
branch
from
94441a8 to
a4df296
Compare
| @@ -138,7 +138,7 @@ if(SB_CONFIG_BOOTLOADER_MCUBOOT) | |||
|
|
|||
| if(SB_CONFIG_SECURE_BOOT_BUILD_S1_VARIANT_IMAGE) | |||
| ncs_secure_boot_mcuboot_sign(s1_image "${bin_files}" "${signed_targets}" "") | |||
| set(extra_bin_data "signed_by_mcuboot_and_b0_s1_image.binload_address=$<TARGET_PROPERTY:partition_manager,PM_S1_ADDRESS>") | |||
| set(extra_bin_data "signed_by_mcuboot_and_b0_s1_image.binload_address=$<TARGET_PROPERTY:partition_manager,PM_S1_ADDRESS>;signed_by_mcuboot_and_b0_s1_image.binslot=1") | |||
There was a problem hiding this comment.
minor nit.
Very long line before, and even much longer now 😞
| uint32_t active_slot; | ||
| bool ok; | ||
|
|
||
| if (!s1_info || (s0_info && s0_info->version >= s1_info->version)) { |
There was a problem hiding this comment.
it's possible that there is no s1 image loaded in which case s1 would be a null pointer so the check is needed.
| active_slot = 0; | ||
| } else if (!s0_info || (s1_info && s1_info->version > s0_info->version)) { | ||
| active_slot = 1; | ||
| } |
There was a problem hiding this comment.
Assuming that at this point we can have both s0_info and s1_info and the above else and else if have not been triggered, with the !s0_info and !s1_info, we have no processing of situation where both s0_info && s1_info, in which case active_slot is left uninitialized.
There was a problem hiding this comment.
there must be an s0_info or s1_info for b0 to be able to boot the image so one of the conditions must run, if there is no s0_info and no s1_info and b0 has booted the image then something is very wrong
This can be used by the application to know if MCUboot and b0 are enabled, though the slot itself cannot be used from the application Signed-off-by: Jamie McCrae <[email protected]>
Includes an update to add a new MCUmgr OS group error code Signed-off-by: Jamie McCrae <[email protected]>
Allows querying the active b0 slot via MCUmgr so that the correct update image can be loaded to a device Signed-off-by: Jamie McCrae <[email protected]>
Adds slot numbers to the manifest used when building MCUboot updates for b0 Signed-off-by: Jamie McCrae <[email protected]>
nordicjm
force-pushed
the
activeb0mcuboot
branch
from
a4df296 to
16ea1c3
Compare
However, FW_INFO is flawed in that it does no image verification at all and just checks the struct, the whole image could have been marked as invalid by b0 and so the application can return the wrong result