2
0

fwupdate.c 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358
  1. #define MODULE "fwupdate"
  2. #define DEBUG 1
  3. #include "common.h"
  4. #include "jtag.h"
  5. #include "spiflash.h"
  6. #include "fpga.h"
  7. #include "ota.h"
  8. #include "spz.h"
  9. #include "httpd.h"
  10. #include "fw.h"
  11. #include <unzipLIB.h>
  12. #include <zlib.h>
  13. /* Needed for struct inflate_state, due to unziplib hacks */
  14. #include <zutil.h>
  15. #include <inftrees.h>
  16. #include <inflate.h>
  17. #ifndef local
  18. # define local static
  19. #endif
  20. #define BUFFER_SIZE SPIFLASH_SECTOR_SIZE
  21. /* Normally provided by zlib, but UnzipLIB breaks it */
  22. static void *z_calloc(void *opaque, unsigned int items, unsigned int size)
  23. {
  24. (void)opaque;
  25. return calloc(items, size);
  26. }
  27. static void z_free(void *opaque, void *ptr)
  28. {
  29. (void)opaque;
  30. free(ptr);
  31. }
  32. int spz_read_data(spz_stream *spz, void *buf, size_t len)
  33. {
  34. uint8_t *p = buf;
  35. while (len) {
  36. unsigned int avail = spz->zs.next_out - spz->optr;
  37. if (spz->err)
  38. break;
  39. if (avail) {
  40. if (avail > len)
  41. avail = len;
  42. memcpy(p, spz->optr, avail);
  43. p += avail;
  44. spz->optr += avail;
  45. len -= avail;
  46. } else {
  47. spz->optr = spz->zs.next_out = spz->obuf;
  48. spz->zs.avail_out = BUFFER_SIZE;
  49. while (spz->zs.avail_out) {
  50. if (!spz->zs.avail_in && !spz->eoi) {
  51. int rlen;
  52. spz->zs.next_in = spz->ibuf;
  53. rlen = spz->read_data(spz->token, spz->ibuf, BUFFER_SIZE);
  54. if (rlen < 0) {
  55. if (!spz->err)
  56. spz->err = rlen;
  57. rlen = 0;
  58. }
  59. spz->eoi = !rlen;
  60. spz->zs.avail_in = rlen;
  61. }
  62. int rv = inflate(&spz->zs, Z_SYNC_FLUSH);
  63. if (rv == Z_OK || (rv == Z_BUF_ERROR && !spz->eoi))
  64. continue;
  65. spz->eoi = true;
  66. if (rv != Z_STREAM_END && !spz->err)
  67. spz->err = rv;
  68. break;
  69. }
  70. }
  71. }
  72. return p - (uint8_t *)buf;
  73. }
  74. /*
  75. * spz needs to be initialized to zero except the read_data and cookie
  76. * fields.
  77. */
  78. static int fwupdate_data_init(spz_stream *spz)
  79. {
  80. spz->zs.zalloc = z_calloc;
  81. spz->zs.zfree = z_free;
  82. spz->zs.opaque = spz; /* Might be useful at some point */
  83. /* This is necessary due to unziplib damage */
  84. spz->zs.state = calloc(1, sizeof(struct inflate_state));
  85. for (int i = 0; i < SPZ_NBUF; i++) {
  86. spz->bufs[i] = malloc(BUFFER_SIZE);
  87. if (!spz->bufs[i])
  88. goto err;
  89. }
  90. /* gzip, max window size */
  91. int rv = inflateInit2(&spz->zs, 16 + 15);
  92. if (rv != Z_OK && rv != Z_STREAM_END) {
  93. spz->err = rv;
  94. goto err;
  95. }
  96. spz->cleanup = true;
  97. err:
  98. return spz->err;
  99. }
  100. static int fwupdate_data_cleanup(spz_stream *spz)
  101. {
  102. int err = 0;
  103. if (!spz)
  104. return 0;
  105. err = spz->err;
  106. if (spz->cleanup)
  107. inflateEnd(&spz->zs);
  108. /* Don't reload the FPGA on error; it wedges the JTAG bus */
  109. if (spz->fpga_updated && !err)
  110. fpga_reset();
  111. for (int i = 0; i < SPZ_NBUF; i++) {
  112. if (spz->bufs[i])
  113. free(spz->bufs[i]);
  114. }
  115. return err;
  116. }
  117. /*
  118. * Blash a full chunk of data as a JTAG SHIFT_DR transaction
  119. */
  120. int jtag_shift_spz(spz_stream *spz, enum jtag_io_flags flags)
  121. {
  122. unsigned int data_left = spz->header.len;
  123. int err = 0;
  124. if (!data_left)
  125. return 0;
  126. while (data_left) {
  127. unsigned int bytes = data_left;
  128. int rv;
  129. if (bytes > BUFFER_SIZE)
  130. bytes = BUFFER_SIZE;
  131. rv = spz_read_data(spz, spz->dbuf, bytes);
  132. if (rv < 1) {
  133. err = Z_DATA_ERROR;
  134. break;
  135. }
  136. data_left -= rv;
  137. jtag_io(rv << 3, data_left ? 0 : flags, spz->dbuf, NULL);
  138. }
  139. return err;
  140. }
  141. static void *fwupdate_read_chunk_str(spz_stream *spz)
  142. {
  143. int rv;
  144. if (spz->header.len >= BUFFER_SIZE) {
  145. spz->err = Z_DATA_ERROR;
  146. return NULL;
  147. }
  148. rv = spz_read_data(spz, spz->dbuf, spz->header.len);
  149. if (spz->err) {
  150. return NULL;
  151. }
  152. if (rv != (int)spz->header.len) {
  153. spz->err = Z_DATA_ERROR;
  154. return NULL;
  155. }
  156. spz->dbuf[spz->header.len] = '\0';
  157. return spz->dbuf;
  158. }
  159. /* Skip a data chunk */
  160. static int fwupdate_skip_chunk(spz_stream *spz)
  161. {
  162. unsigned int skip = spz->header.len;
  163. while (skip) {
  164. unsigned int block = skip;
  165. if (block > BUFFER_SIZE)
  166. block = BUFFER_SIZE;
  167. int rv = spz_read_data(spz, spz->dbuf, block);
  168. if (spz->err)
  169. return spz->err;
  170. if (rv != (int)block) {
  171. return spz->err = Z_DATA_ERROR;
  172. }
  173. skip -= block;
  174. }
  175. return 0;
  176. }
  177. /* Process a data chunk; return a nonzero value if done */
  178. static int fwupdate_process_chunk(spz_stream *spz)
  179. {
  180. int rv;
  181. char *str;
  182. rv = spz_read_data(spz, &spz->header, sizeof spz->header);
  183. if (spz->err)
  184. return spz->err;
  185. else if (!rv)
  186. return Z_STREAM_END;
  187. else if (rv != sizeof spz->header)
  188. return spz->err = Z_STREAM_ERROR;
  189. if (spz->header.magic != FW_MAGIC) {
  190. MSG("bad chunk header magic 0x%08x\n", spz->header.magic);
  191. return spz->err = Z_DATA_ERROR;
  192. }
  193. switch (spz->header.type) {
  194. case FDT_END:
  195. return Z_STREAM_END; /* End of data - not an error */
  196. case FDT_DATA:
  197. MSG("updating FPGA flash\n");
  198. return spiflash_write_spz(spz);
  199. case FDT_TARGET:
  200. str = fwupdate_read_chunk_str(spz);
  201. #if 0
  202. if (!str || strcmp(str, spz->flash->target)) {
  203. MSG("this firmware file targets \"%s\", need \"%s\"\n",
  204. str, spz->flash->target);
  205. return spz->err = Z_DATA_ERROR;
  206. }
  207. #else
  208. MSG("firmware target: \"%s\"\n", str);
  209. #endif
  210. return Z_OK;
  211. case FDT_NOTE:
  212. str = fwupdate_read_chunk_str(spz);
  213. MSG("%s\n", str);
  214. return Z_OK;
  215. case FDT_ESP_OTA:
  216. MSG("updating ESP32... ");
  217. spz->esp_updated = true;
  218. rv = esp_update((read_func_t)spz_read_data, (token_t)spz,
  219. spz->header.len);
  220. CMSG("done.\n");
  221. return rv;
  222. case FDT_FPGA_INIT:
  223. MSG("initializing FPGA for flash programming... ");
  224. spz->fpga_updated = true;
  225. rv = fpga_program_spz(spz);
  226. CMSG("done\n");
  227. return rv;
  228. default:
  229. if (spz->header.flags & FDF_OPTIONAL) {
  230. return fwupdate_skip_chunk(spz);
  231. } else {
  232. MSG("unknown chunk type: %u\n", spz->header.type);
  233. return spz->err = Z_DATA_ERROR;
  234. }
  235. }
  236. }
  237. const char *firmware_errstr(int err)
  238. {
  239. static char unknown_err[32];
  240. static const char * const errstr[] = {
  241. [-Z_STREAM_ERROR] = "Decompression error",
  242. [-Z_DATA_ERROR] = "Invalid data stream",
  243. [-Z_MEM_ERROR] = "Out of memory",
  244. [-Z_BUF_ERROR] = "Decompression error",
  245. [-FWUPDATE_ERR_IN_PROGRESS] =
  246. "Firmware update already in progress",
  247. [-FWUPDATE_ERR_BAD_CHUNK] = "Invalid firmware chunk header",
  248. [-FWUPDATE_ERR_ERASE_FAILED] = "FPGA flash erase failed",
  249. [-FWUPDATE_ERR_PROGRAM_FAILED] = "FGPA flash program failed",
  250. [-FWUPDATE_ERR_WRITE_PROTECT] = "FPGA flash write protected",
  251. [-FWUPDATE_ERR_NOT_READY] = "FPGA flash stuck at not ready",
  252. [-FWUPDATE_ERR_FPGA_JTAG] =
  253. "FPGA JTAG bus stuck, check for JTAG adapter or power cycle board",
  254. [-FWUPDATE_ERR_FPGA_MISMATCH] =
  255. "Bad FPGA IDCODE, check for JTAG adapter or power cycle board",
  256. [-FWUPDATE_ERR_FPGA_FAILED] = "FPGA reboot failed",
  257. [-FWUPDATE_ERR_UNKNOWN] = "Unidentified error",
  258. [-FWUPDATE_ERR_ESP_NO_PARTITION] = "No available ESP partition",
  259. [-FWUPDATE_ERR_ESP_BAD_OTA] = "ESP OTA information corrupt",
  260. [-FWUPDATE_ERR_ESP_FLASH_FAILED] = "ESP flash program failed",
  261. [-FWUPDATE_ERR_ESP_BAD_DATA] = "ESP firmware image corrupt",
  262. [-FWUPDATE_ERR_CONFIG_READ] = "Configuration upload failure",
  263. [-FWUPDATE_ERR_CONFIG_SAVE] = "Error saving configuration"
  264. };
  265. switch (err) {
  266. case Z_OK:
  267. return errstr[-FWUPDATE_ERR_UNKNOWN];
  268. case Z_ERRNO:
  269. return strerror(errno);
  270. case -ARRAY_SIZE(errstr)+1 ... Z_STREAM_ERROR:
  271. if (errstr[-err])
  272. return errstr[-err];
  273. /* fall through */
  274. default:
  275. snprintf(unknown_err, sizeof unknown_err, "error %d", -err);
  276. return unknown_err;
  277. }
  278. }
  279. int firmware_update(read_func_t read_data, token_t token)
  280. {
  281. struct spz_stream *spz = calloc(1, sizeof *spz);
  282. int err = 0;
  283. if (!spz) {
  284. return Z_MEM_ERROR;
  285. }
  286. fpga_service_enable(false);
  287. spz->read_data = read_data;
  288. spz->token = token;
  289. err = fwupdate_data_init(spz);
  290. if (err)
  291. goto fail;
  292. while (!(err = fwupdate_process_chunk(spz))) {
  293. /* Process data chunks until end */
  294. }
  295. if (!spz->err && err != Z_STREAM_END)
  296. spz->err = err;
  297. err = fwupdate_data_cleanup(spz);
  298. if (err)
  299. MSG("failed (err %d)\n", err);
  300. fail:
  301. free(spz);
  302. return err;
  303. }