Skip to content

Commit

Permalink
[OTA] Make watchdog timeout value configurable (#16955)
Browse files Browse the repository at this point in the history
  • Loading branch information
@carol-apple
carol-apple authored Apr 4, 2022
1 parent 2947ac0 commit 7ab6653
Show file tree
Hide file tree
Showing 4 changed files with 63 additions and 36 deletions.
1 change: 1 addition & 0 deletions .github/.wordlist.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1337,6 +1337,7 @@ VSCode
WaitNewInputEvent
WakeOnLan
WantedBy
watchdogTimeout
webpage
wget
whde
Expand Down
15 changes: 8 additions & 7 deletions examples/ota-requestor-app/linux/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,14 @@ scripts/examples/gn_build_example.sh examples/ota-requestor-app/linux out/debug
In addition to the general options available to all Linux applications, the
following command line options are available for the OTA Requestor application.

| Directory | Description |
| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| -p/--periodicQueryTimeout <Time in seconds> | Periodic timeout for querying providers in the default OTA provider list. If none or zero is supplied the timeout is set to every 24 hours. |
| -c/--requestorCanConsent | If supplied, the RequestorCanConsent field of the QueryImage command is set to true. Otherwise, the value is determined by the driver. |
| -f/--otaDownloadPath <file path> | If supplied, the OTA image is downloaded to the given fully-qualified file-path. Otherwise, the value defaults to /tmp/test.bin. |
| -u/--userConsentState <granted \| denied \| deferred> | The user consent state for the first QueryImage command. For all subsequent commands, the value of granted will be used. <li> granted: Authorize OTA requestor to download an OTA image <li> denied: Forbid OTA requestor to download an OTA image <li> deferred: Defer obtaining user consent |
| -a/--autoApplyImage | If supplied, apply the image immediately after download. Otherwise, the OTA update is complete after image download. |
| Command Line Option | Description |
| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| -a, --autoApplyImage | If supplied, apply the image immediately after download. Otherwise, the OTA update is complete after image download. |
| -c, --requestorCanConsent | If supplied, the RequestorCanConsent field of the QueryImage command is set to true. Otherwise, the value is determined by the driver. |
| -f, --otaDownloadPath \<file path\> | If supplied, the OTA image is downloaded to the given fully-qualified file-path. Otherwise, the default location for the downloaded image is at /tmp/test.bin |
| -p, --periodicQueryTimeout \<time in seconds\> | The periodic time interval to wait before attempting to query a provider from the default OTA provider list. If none or zero is supplied, the value is determined by the driver. |
| -u, --userConsentState \<granted \| denied \| deferred\> | The user consent state for the first QueryImage command. For all subsequent commands, the value of granted will be used. <li> granted: Authorize OTA requestor to download an OTA image <li> denied: Forbid OTA requestor to download an OTA image <li> deferred: Defer obtaining user consent |
| -w, --watchdogTimeout \<time in seconds\> | Maximum amount of time allowed for an OTA download before the process is cancelled and state reset to idle. If none or zero is supplied, the value is determined by the driver. |

## Software Image Version

Expand Down
68 changes: 41 additions & 27 deletions examples/ota-requestor-app/linux/main.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,47 +64,55 @@ static chip::ota::UserConsentState gUserConsentState = chip::ota::UserConsentSta

bool HandleOptions(const char * aProgram, OptionSet * aOptions, int aIdentifier, const char * aName, const char * aValue);

constexpr uint16_t kOptionUserConsentState = 'u';
constexpr uint16_t kOptionPeriodicQueryTimeout = 'p';
constexpr uint16_t kOptionAutoApplyImage = 'a';
constexpr uint16_t kOptionRequestorCanConsent = 'c';
constexpr uint16_t kOptionOtaDownloadPath = 'f';
constexpr uint16_t kOptionAutoApplyImage = 'a';
constexpr uint16_t kOptionPeriodicQueryTimeout = 'p';
constexpr uint16_t kOptionUserConsentState = 'u';
constexpr uint16_t kOptionWatchdogTimeout = 'w';
constexpr size_t kMaxFilePathSize = 256;

uint32_t gPeriodicQueryTimeoutSec = (24 * 60 * 60);
uint32_t gPeriodicQueryTimeoutSec = 0;
uint32_t gWatchdogTimeoutSec = 0;
chip::Optional<bool> gRequestorCanConsent;
static char gOtaDownloadPath[kMaxFilePathSize] = "/tmp/test.bin";
bool gAutoApplyImage = false;

OptionDef cmdLineOptionsDef[] = {
{ "periodicQueryTimeout", chip::ArgParser::kArgumentRequired, kOptionPeriodicQueryTimeout },
{ "autoApplyImage", chip::ArgParser::kNoArgument, kOptionAutoApplyImage },
{ "requestorCanConsent", chip::ArgParser::kNoArgument, kOptionRequestorCanConsent },
{ "otaDownloadPath", chip::ArgParser::kArgumentRequired, kOptionOtaDownloadPath },
{ "periodicQueryTimeout", chip::ArgParser::kArgumentRequired, kOptionPeriodicQueryTimeout },
{ "userConsentState", chip::ArgParser::kArgumentRequired, kOptionUserConsentState },
{ "autoApplyImage", chip::ArgParser::kNoArgument, kOptionAutoApplyImage },
{ "watchdogTimeout", chip::ArgParser::kArgumentRequired, kOptionWatchdogTimeout },
{},
};

OptionSet cmdLineOptions = { HandleOptions, cmdLineOptionsDef, "PROGRAM OPTIONS",
" -p/--periodicQueryTimeout <Time in seconds>\n"
" Periodic timeout for querying providers in the default OTA provider list\n"
" If none or zero is supplied the timeout is set to every 24 hours. \n"
" -c/--requestorCanConsent\n"
" If supplied, the RequestorCanConsent field of the QueryImage command is set to "
"true.\n"
" Otherwise, the value is determined by the driver.\n "
" -f/--otaDownloadPath <file path>\n"
" If supplied, the OTA image is downloaded to the given fully-qualified file-path.\n"
" Otherwise, the value defaults to /tmp/test.bin.\n "
" -u/--userConsentState <granted | denied | deferred>\n"
" The user consent state for the first QueryImage command. For all\n"
" subsequent commands, the value of granted will be used.\n"
" granted: Authorize OTA requestor to download an OTA image\n"
" denied: Forbid OTA requestor to download an OTA image\n"
" deferred: Defer obtaining user consent \n"
" -a/--autoApplyImage\n"
" If supplied, apply the image immediately after download.\n"
" Otherwise, the OTA update is complete after image download.\n" };
OptionSet cmdLineOptions = {
HandleOptions, cmdLineOptionsDef, "PROGRAM OPTIONS",
" -a, --autoApplyImage\n"
" If supplied, apply the image immediately after download.\n"
" Otherwise, the OTA update is complete after image download.\n"
" -c, --requestorCanConsent\n"
" If supplied, the RequestorCanConsent field of the QueryImage command is set to "
"true.\n"
" Otherwise, the value is determined by the driver.\n"
" -f, --otaDownloadPath <file path>\n"
" If supplied, the OTA image is downloaded to the given fully-qualified file-path.\n"
" Otherwise, the default location for the downloaded image is at /tmp/test.bin\n"
" -p, --periodicQueryTimeout <time in seconds>\n"
" The periodic time interval to wait before attempting to query a provider from the default OTA provider list.\n"
" If none or zero is supplied, the timeout is determined by the driver.\n"
" -u, --userConsentState <granted | denied | deferred>\n"
" The user consent state for the first QueryImage command. For all\n"
" subsequent commands, the value of granted will be used.\n"
" granted: Authorize OTA requestor to download an OTA image\n"
" denied: Forbid OTA requestor to download an OTA image\n"
" deferred: Defer obtaining user consent \n"
" -w, --watchdogTimeout <time in seconds>\n"
" Maximum amount of time allowed for an OTA download before the process is cancelled and state reset to idle.\n"
" If none or zero is supplied, the timeout is determined by the driver.\n"
};

OptionSet * allOptions[] = { &cmdLineOptions, nullptr };

Expand Down Expand Up @@ -132,9 +140,12 @@ static void InitOTARequestor(void)
// Set the global instance of the OTA requestor core component
SetRequestorInstance(&gRequestorCore);

// Periodic query timeout must be set prior to requestor being initialized
// Periodic query timeout must be set prior to the driver being initialized
gRequestorUser.SetPeriodicQueryTimeout(gPeriodicQueryTimeoutSec);

// Watchdog timeout can be set any time before a query image is sent
gRequestorUser.SetWatchdogTimeout(gWatchdogTimeoutSec);

gRequestorStorage.Init(chip::Server::GetInstance().GetPersistentStorage());
gRequestorCore.Init(chip::Server::GetInstance(), gRequestorStorage, gRequestorUser, gDownloader);
gRequestorUser.Init(&gRequestorCore, &gImageProcessor);
Expand Down Expand Up @@ -194,6 +205,9 @@ bool HandleOptions(const char * aProgram, OptionSet * aOptions, int aIdentifier,
case kOptionAutoApplyImage:
gAutoApplyImage = true;
break;
case kOptionWatchdogTimeout:
gWatchdogTimeoutSec = static_cast<uint32_t>(strtoul(aValue, NULL, 0));
break;
default:
PrintArgError("%s: INTERNAL ERROR: Unhandled option: %s\n", aProgram, aName);
retval = false;
Expand Down
15 changes: 13 additions & 2 deletions src/app/clusters/ota-requestor/GenericOTARequestorDriver.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,15 @@ class GenericOTARequestorDriver : public OTARequestorDriver
}
}

// Set the timeout (in seconds) for the watchdog timer; must be non-zero
void SetWatchdogTimeout(uint32_t timeout)
{
if (timeout != 0)
{
mWatchdogTimeInterval = timeout;
}
}

//// Virtual methods from OTARequestorDriver
bool CanConsent() override;
uint16_t GetMaxDownloadBlockSize() override;
Expand Down Expand Up @@ -86,8 +95,10 @@ class GenericOTARequestorDriver : public OTARequestorDriver
OTARequestorInterface * mRequestor = nullptr;
OTAImageProcessorInterface * mImageProcessor = nullptr;
uint32_t mOtaStartDelaySec = 0;
uint32_t mPeriodicQueryTimeInterval = (24 * 60 * 60); // Timeout for querying providers on the default OTA provider list
uint32_t mWatchdogTimeInterval = (6 * 60 * 60); // Timeout (in seconds) for checking if Requestor has reverted back to idle mode
// Timeout (in seconds) for querying providers from the default OTA provider list
uint32_t mPeriodicQueryTimeInterval = (24 * 60 * 60);
// Timeout (in seconds) for checking if current OTA download is stuck and requires a reset
uint32_t mWatchdogTimeInterval = (6 * 60 * 60);
// Maximum number of times to retry a BUSY OTA provider before moving to the next available one
static constexpr uint8_t kMaxBusyProviderRetryCount = 3;
uint8_t mProviderRetryCount; // Track retry count for the current provider
Expand Down

0 comments on commit 7ab6653

Please sign in to comment.