From 96c6c7a88b60361d916888d931bbc1d3dc98bc66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arkadiusz=20Ba=C5=82ys?= Date: Tue, 29 Aug 2023 14:24:04 +0200 Subject: [PATCH] [nrfconnect] [OTA] Confirm the new image in the app init. (#28924) The nRF5340 target requires 4kB of FPROTECT block size (SPU limitation) and after making a restriction for the factory data partition the new image cannot be confirmed after the OTA update finishes. Due to that, we need to confirm the current OTA image before factory data initialization. To do it we should allow confirming the image in the other place rather than during posting the OTAStateChange event and then we should inform the image processor of the confirmation status. --- .../nrfconnect/main/AppTask.cpp | 9 +++++++++ .../nrfconnect/main/AppTask.cpp | 9 +++++++++ .../nrfconnect/main/AppTask.cpp | 9 +++++++++ .../lighting-app/nrfconnect/main/AppTask.cpp | 9 +++++++++ examples/lock-app/nrfconnect/main/AppTask.cpp | 9 +++++++++ examples/platform/nrfconnect/util/OTAUtil.cpp | 19 +++++++++++++++++++ .../nrfconnect/util/include/OTAUtil.h | 10 ++++++++++ examples/pump-app/nrfconnect/main/AppTask.cpp | 9 +++++++++ .../nrfconnect/main/AppTask.cpp | 9 +++++++++ .../window-app/nrfconnect/main/AppTask.cpp | 9 +++++++++ .../nrfconnect/OTAImageProcessorImpl.cpp | 2 +- .../nrfconnect/OTAImageProcessorImpl.h | 4 ++++ 12 files changed, 106 insertions(+), 1 deletion(-) diff --git a/examples/all-clusters-app/nrfconnect/main/AppTask.cpp b/examples/all-clusters-app/nrfconnect/main/AppTask.cpp index 4b837e04a01551..7f9b4f87b74eea 100644 --- a/examples/all-clusters-app/nrfconnect/main/AppTask.cpp +++ b/examples/all-clusters-app/nrfconnect/main/AppTask.cpp @@ -178,6 +178,15 @@ CHIP_ERROR AppTask::Init() k_timer_init(&sFunctionTimer, &AppTask::FunctionTimerTimeoutCallback, nullptr); k_timer_user_data_set(&sFunctionTimer, this); +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/all-clusters-minimal-app/nrfconnect/main/AppTask.cpp b/examples/all-clusters-minimal-app/nrfconnect/main/AppTask.cpp index 3307789c9e5989..783096c52d32b5 100644 --- a/examples/all-clusters-minimal-app/nrfconnect/main/AppTask.cpp +++ b/examples/all-clusters-minimal-app/nrfconnect/main/AppTask.cpp @@ -137,6 +137,15 @@ CHIP_ERROR AppTask::Init() k_timer_init(&sFunctionTimer, &AppTask::FunctionTimerTimeoutCallback, nullptr); k_timer_user_data_set(&sFunctionTimer, this); +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/light-switch-app/nrfconnect/main/AppTask.cpp b/examples/light-switch-app/nrfconnect/main/AppTask.cpp index 405664af872c24..6bc4138a9d635a 100644 --- a/examples/light-switch-app/nrfconnect/main/AppTask.cpp +++ b/examples/light-switch-app/nrfconnect/main/AppTask.cpp @@ -179,6 +179,15 @@ CHIP_ERROR AppTask::Init() return System::MapErrorZephyr(ret); } +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize Timers k_timer_init(&sFunctionTimer, AppTask::FunctionTimerTimeoutCallback, nullptr); k_timer_init(&sDimmerPressKeyTimer, AppTask::FunctionTimerTimeoutCallback, nullptr); diff --git a/examples/lighting-app/nrfconnect/main/AppTask.cpp b/examples/lighting-app/nrfconnect/main/AppTask.cpp index e16230e000ca0f..a2ad1d6e5996e5 100644 --- a/examples/lighting-app/nrfconnect/main/AppTask.cpp +++ b/examples/lighting-app/nrfconnect/main/AppTask.cpp @@ -217,6 +217,15 @@ CHIP_ERROR AppTask::Init() } mPWMDevice.SetCallbacks(ActionInitiated, ActionCompleted); +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/lock-app/nrfconnect/main/AppTask.cpp b/examples/lock-app/nrfconnect/main/AppTask.cpp index aa65236ba747d2..ab5df56d36d9d4 100644 --- a/examples/lock-app/nrfconnect/main/AppTask.cpp +++ b/examples/lock-app/nrfconnect/main/AppTask.cpp @@ -187,6 +187,15 @@ CHIP_ERROR AppTask::Init() BoltLockMgr().Init(LockStateChanged); +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/platform/nrfconnect/util/OTAUtil.cpp b/examples/platform/nrfconnect/util/OTAUtil.cpp index 733a8ebd741d1f..f1c1c916aa0aa7 100644 --- a/examples/platform/nrfconnect/util/OTAUtil.cpp +++ b/examples/platform/nrfconnect/util/OTAUtil.cpp @@ -23,7 +23,9 @@ #include #include #include +#include #include +#include #endif using namespace chip; @@ -63,6 +65,23 @@ void InitBasicOTARequestor() sOTARequestorDriver.Init(&sOTARequestor, &imageProcessor); imageProcessor.TriggerFlashAction(ExternalFlashManager::Action::SLEEP); } + +CHIP_ERROR OtaConfirmNewImage() +{ + CHIP_ERROR err = CHIP_NO_ERROR; + OTAImageProcessorImpl & imageProcessor = GetOTAImageProcessor(); + if (imageProcessor.IsFirstImageRun()) + { + CHIP_ERROR err = System::MapErrorZephyr(boot_write_img_confirmed()); + if (CHIP_NO_ERROR == err) + { + imageProcessor.SetImageConfirmed(); + } + } + ChipLogError(SoftwareUpdate, "Failed to confirm firmware image, it will be reverted on the next boot"); + return err; +} + #endif ExternalFlashManager & GetFlashHandler() diff --git a/examples/platform/nrfconnect/util/include/OTAUtil.h b/examples/platform/nrfconnect/util/include/OTAUtil.h index 55b51129aa81a0..2e120f6b7db096 100644 --- a/examples/platform/nrfconnect/util/include/OTAUtil.h +++ b/examples/platform/nrfconnect/util/include/OTAUtil.h @@ -46,6 +46,16 @@ chip::DeviceLayer::OTAImageProcessorImpl & GetOTAImageProcessor(); */ void InitBasicOTARequestor(); +/** + * Check if the current image is the first boot the after OTA update and if so + * confirm it in MCUBoot. + * + * @return CHIP_NO_ERROR if the image has been confirmed, or it is not the first + * boot after the OTA update. + * Other CHIP_ERROR codes if the image could not be confirmed. + */ +CHIP_ERROR OtaConfirmNewImage(); + #endif // CONFIG_CHIP_OTA_REQUESTOR /** diff --git a/examples/pump-app/nrfconnect/main/AppTask.cpp b/examples/pump-app/nrfconnect/main/AppTask.cpp index 9c75c54e1fcc87..d21908bfa165b4 100644 --- a/examples/pump-app/nrfconnect/main/AppTask.cpp +++ b/examples/pump-app/nrfconnect/main/AppTask.cpp @@ -160,6 +160,15 @@ CHIP_ERROR AppTask::Init() GetDFUOverSMP().ConfirmNewImage(); #endif +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/pump-controller-app/nrfconnect/main/AppTask.cpp b/examples/pump-controller-app/nrfconnect/main/AppTask.cpp index 9580af61ae451d..f1b0fb19a3a19b 100644 --- a/examples/pump-controller-app/nrfconnect/main/AppTask.cpp +++ b/examples/pump-controller-app/nrfconnect/main/AppTask.cpp @@ -158,6 +158,15 @@ CHIP_ERROR AppTask::Init() GetDFUOverSMP().ConfirmNewImage(); #endif +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/examples/window-app/nrfconnect/main/AppTask.cpp b/examples/window-app/nrfconnect/main/AppTask.cpp index 38e20fd503d4ea..5b80507a375c71 100644 --- a/examples/window-app/nrfconnect/main/AppTask.cpp +++ b/examples/window-app/nrfconnect/main/AppTask.cpp @@ -165,6 +165,15 @@ CHIP_ERROR AppTask::Init() GetDFUOverSMP().ConfirmNewImage(); #endif +#ifdef CONFIG_CHIP_OTA_REQUESTOR + /* OTA image confirmation must be done before the factory data init. */ + err = OtaConfirmNewImage(); + if (err != CHIP_NO_ERROR) + { + return err; + } +#endif + // Initialize CHIP server #if CONFIG_CHIP_FACTORY_DATA ReturnErrorOnFailure(mFactoryDataProvider.Init()); diff --git a/src/platform/nrfconnect/OTAImageProcessorImpl.cpp b/src/platform/nrfconnect/OTAImageProcessorImpl.cpp index 9d024991f122a0..2e0806d75aa052 100644 --- a/src/platform/nrfconnect/OTAImageProcessorImpl.cpp +++ b/src/platform/nrfconnect/OTAImageProcessorImpl.cpp @@ -207,7 +207,7 @@ bool OTAImageProcessorImpl::IsFirstImageRun() CHIP_ERROR OTAImageProcessorImpl::ConfirmCurrentImage() { PostOTAStateChangeEvent(DeviceLayer::kOtaApplyComplete); - return System::MapErrorZephyr(boot_write_img_confirmed()); + return mImageConfirmed ? CHIP_NO_ERROR : CHIP_ERROR_INCORRECT_STATE; } CHIP_ERROR OTAImageProcessorImpl::ProcessHeader(ByteSpan & aBlock) diff --git a/src/platform/nrfconnect/OTAImageProcessorImpl.h b/src/platform/nrfconnect/OTAImageProcessorImpl.h index 6012e20c29ac81..7a87bc4bef5f55 100644 --- a/src/platform/nrfconnect/OTAImageProcessorImpl.h +++ b/src/platform/nrfconnect/OTAImageProcessorImpl.h @@ -44,6 +44,7 @@ class OTAImageProcessorImpl : public OTAImageProcessorInterface CHIP_ERROR ProcessBlock(ByteSpan & aBlock) override; bool IsFirstImageRun() override; CHIP_ERROR ConfirmCurrentImage() override; + void SetImageConfirmed() { mImageConfirmed = true; } protected: CHIP_ERROR PrepareDownloadImpl(); @@ -53,6 +54,9 @@ class OTAImageProcessorImpl : public OTAImageProcessorInterface OTAImageHeaderParser mHeaderParser; uint8_t mBuffer[kBufferSize]; ExternalFlashManager * mFlashHandler; + +private: + bool mImageConfirmed = false; }; } // namespace DeviceLayer