diff options
| author | bors[bot] <26634292+bors[bot]@users.noreply.github.com> | 2023-04-11 06:17:00 +0000 |
|---|---|---|
| committer | GitHub <[email protected]> | 2023-04-11 06:17:00 +0000 |
| commit | 636a3d05c2ac129e2fa85cf6e7fb5afff2d8126b (patch) | |
| tree | 91c7bec35c40932932569c889654986a52d30ee7 /embassy-boot/boot/src/lib.rs | |
| parent | 1f25d2ba8335300368b32f9ceedf163376dfdb6f (diff) | |
| parent | d3ce64254aecb24feded2408119855daf7380e80 (diff) | |
Merge #1331
1331: Let bootloader partition be u32 r=rmja a=rmja
This is probably controversial but hear me out:)
The idea about changing from usize to u32 is to enable support for 16 bit mcu's with large flash, e.g. MSP430F5529. Its usize is only 16 bit, but its flash is larger than 64k. Hence, to address its entire flash, it needs the flash address space to be u32.
Missing from the PR is `update_len` in the verification methods. There is currently [a different PR](https://github.com/embassy-rs/embassy/pull/1323) that contains changes in those methods, and I will align depending on the merge order of the two.
The general distinction between u32 and usize is:
* If it is a size or address that only ever lives in flash, then it is u32.
* If the offset or size is ever representable in memory, then usize.
Co-authored-by: Rasmus Melchior Jacobsen <[email protected]>
Diffstat (limited to 'embassy-boot/boot/src/lib.rs')
| -rw-r--r-- | embassy-boot/boot/src/lib.rs | 62 |
1 files changed, 18 insertions, 44 deletions
diff --git a/embassy-boot/boot/src/lib.rs b/embassy-boot/boot/src/lib.rs index acd90996f..87457b173 100644 --- a/embassy-boot/boot/src/lib.rs +++ b/embassy-boot/boot/src/lib.rs | |||
| @@ -90,13 +90,11 @@ mod tests { | |||
| 90 | const DFU: Partition = Partition::new(61440, 122880); | 90 | const DFU: Partition = Partition::new(61440, 122880); |
| 91 | let mut flash = MemFlash::<131072, 4096, 4>::random(); | 91 | let mut flash = MemFlash::<131072, 4096, 4>::random(); |
| 92 | 92 | ||
| 93 | let original: [u8; ACTIVE.len()] = [rand::random::<u8>(); ACTIVE.len()]; | 93 | let original = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 94 | let update: [u8; DFU.len()] = [rand::random::<u8>(); DFU.len()]; | 94 | let update = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 95 | let mut aligned = [0; 4]; | 95 | let mut aligned = [0; 4]; |
| 96 | 96 | ||
| 97 | for i in ACTIVE.from..ACTIVE.to { | 97 | flash.program(ACTIVE.from, &original).unwrap(); |
| 98 | flash.mem[i] = original[i - ACTIVE.from]; | ||
| 99 | } | ||
| 100 | 98 | ||
| 101 | let mut bootloader: BootLoader = BootLoader::new(ACTIVE, DFU, STATE); | 99 | let mut bootloader: BootLoader = BootLoader::new(ACTIVE, DFU, STATE); |
| 102 | let mut updater = FirmwareUpdater::new(DFU, STATE); | 100 | let mut updater = FirmwareUpdater::new(DFU, STATE); |
| @@ -111,14 +109,9 @@ mod tests { | |||
| 111 | .unwrap() | 109 | .unwrap() |
| 112 | ); | 110 | ); |
| 113 | 111 | ||
| 114 | for i in ACTIVE.from..ACTIVE.to { | 112 | flash.assert_eq(ACTIVE.from, &update); |
| 115 | assert_eq!(flash.mem[i], update[i - ACTIVE.from], "Index {}", i); | ||
| 116 | } | ||
| 117 | |||
| 118 | // First DFU page is untouched | 113 | // First DFU page is untouched |
| 119 | for i in DFU.from + 4096..DFU.to { | 114 | flash.assert_eq(DFU.from + 4096, &original); |
| 120 | assert_eq!(flash.mem[i], original[i - DFU.from - 4096], "Index {}", i); | ||
| 121 | } | ||
| 122 | 115 | ||
| 123 | // Running again should cause a revert | 116 | // Running again should cause a revert |
| 124 | assert_eq!( | 117 | assert_eq!( |
| @@ -128,14 +121,9 @@ mod tests { | |||
| 128 | .unwrap() | 121 | .unwrap() |
| 129 | ); | 122 | ); |
| 130 | 123 | ||
| 131 | for i in ACTIVE.from..ACTIVE.to { | 124 | flash.assert_eq(ACTIVE.from, &original); |
| 132 | assert_eq!(flash.mem[i], original[i - ACTIVE.from], "Index {}", i); | ||
| 133 | } | ||
| 134 | |||
| 135 | // Last page is untouched | 125 | // Last page is untouched |
| 136 | for i in DFU.from..DFU.to - 4096 { | 126 | flash.assert_eq(DFU.from, &update); |
| 137 | assert_eq!(flash.mem[i], update[i - DFU.from], "Index {}", i); | ||
| 138 | } | ||
| 139 | 127 | ||
| 140 | // Mark as booted | 128 | // Mark as booted |
| 141 | block_on(updater.mark_booted(&mut flash, &mut aligned)).unwrap(); | 129 | block_on(updater.mark_booted(&mut flash, &mut aligned)).unwrap(); |
| @@ -159,12 +147,10 @@ mod tests { | |||
| 159 | let mut state = MemFlash::<4096, 128, 4>::random(); | 147 | let mut state = MemFlash::<4096, 128, 4>::random(); |
| 160 | let mut aligned = [0; 4]; | 148 | let mut aligned = [0; 4]; |
| 161 | 149 | ||
| 162 | let original: [u8; ACTIVE.len()] = [rand::random::<u8>(); ACTIVE.len()]; | 150 | let original = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 163 | let update: [u8; DFU.len()] = [rand::random::<u8>(); DFU.len()]; | 151 | let update = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 164 | 152 | ||
| 165 | for i in ACTIVE.from..ACTIVE.to { | 153 | active.program(ACTIVE.from, &original).unwrap(); |
| 166 | active.mem[i] = original[i - ACTIVE.from]; | ||
| 167 | } | ||
| 168 | 154 | ||
| 169 | let mut updater = FirmwareUpdater::new(DFU, STATE); | 155 | let mut updater = FirmwareUpdater::new(DFU, STATE); |
| 170 | 156 | ||
| @@ -181,14 +167,9 @@ mod tests { | |||
| 181 | .unwrap() | 167 | .unwrap() |
| 182 | ); | 168 | ); |
| 183 | 169 | ||
| 184 | for i in ACTIVE.from..ACTIVE.to { | 170 | active.assert_eq(ACTIVE.from, &update); |
| 185 | assert_eq!(active.mem[i], update[i - ACTIVE.from], "Index {}", i); | ||
| 186 | } | ||
| 187 | |||
| 188 | // First DFU page is untouched | 171 | // First DFU page is untouched |
| 189 | for i in DFU.from + 4096..DFU.to { | 172 | dfu.assert_eq(DFU.from + 4096, &original); |
| 190 | assert_eq!(dfu.mem[i], original[i - DFU.from - 4096], "Index {}", i); | ||
| 191 | } | ||
| 192 | } | 173 | } |
| 193 | 174 | ||
| 194 | #[test] | 175 | #[test] |
| @@ -203,12 +184,10 @@ mod tests { | |||
| 203 | let mut dfu = MemFlash::<16384, 4096, 8>::random(); | 184 | let mut dfu = MemFlash::<16384, 4096, 8>::random(); |
| 204 | let mut state = MemFlash::<4096, 128, 4>::random(); | 185 | let mut state = MemFlash::<4096, 128, 4>::random(); |
| 205 | 186 | ||
| 206 | let original: [u8; ACTIVE.len()] = [rand::random::<u8>(); ACTIVE.len()]; | 187 | let original = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 207 | let update: [u8; DFU.len()] = [rand::random::<u8>(); DFU.len()]; | 188 | let update = [rand::random::<u8>(); ACTIVE.size() as usize]; |
| 208 | 189 | ||
| 209 | for i in ACTIVE.from..ACTIVE.to { | 190 | active.program(ACTIVE.from, &original).unwrap(); |
| 210 | active.mem[i] = original[i - ACTIVE.from]; | ||
| 211 | } | ||
| 212 | 191 | ||
| 213 | let mut updater = FirmwareUpdater::new(DFU, STATE); | 192 | let mut updater = FirmwareUpdater::new(DFU, STATE); |
| 214 | 193 | ||
| @@ -227,14 +206,9 @@ mod tests { | |||
| 227 | .unwrap() | 206 | .unwrap() |
| 228 | ); | 207 | ); |
| 229 | 208 | ||
| 230 | for i in ACTIVE.from..ACTIVE.to { | 209 | active.assert_eq(ACTIVE.from, &update); |
| 231 | assert_eq!(active.mem[i], update[i - ACTIVE.from], "Index {}", i); | ||
| 232 | } | ||
| 233 | |||
| 234 | // First DFU page is untouched | 210 | // First DFU page is untouched |
| 235 | for i in DFU.from + 4096..DFU.to { | 211 | dfu.assert_eq(DFU.from + 4096, &original); |
| 236 | assert_eq!(dfu.mem[i], original[i - DFU.from - 4096], "Index {}", i); | ||
| 237 | } | ||
| 238 | } | 212 | } |
| 239 | 213 | ||
| 240 | #[test] | 214 | #[test] |
| @@ -281,7 +255,7 @@ mod tests { | |||
| 281 | &mut flash, | 255 | &mut flash, |
| 282 | &public_key.to_bytes(), | 256 | &public_key.to_bytes(), |
| 283 | &signature.to_bytes(), | 257 | &signature.to_bytes(), |
| 284 | firmware_len, | 258 | firmware_len as u32, |
| 285 | &mut aligned, | 259 | &mut aligned, |
| 286 | )) | 260 | )) |
| 287 | .is_ok()); | 261 | .is_ok()); |