2
0

fwupdate.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581
  1. #define MODULE "fwupdate"
  2. #define DEBUG 1
  3. #include "common.h"
  4. #include "jtag.h"
  5. #include "spiflash.h"
  6. #include "fpga.h"
  7. #include "ota.h"
  8. #include "spz.h"
  9. #include "httpd.h"
  10. #include "fw.h"
  11. #include "boardinfo_esp.h"
  12. #include "matchver.h"
  13. #include <unzipLIB.h>
  14. #include <zlib.h>
  15. /* Needed for struct inflate_state, due to unziplib hacks */
  16. #include <zutil.h>
  17. #include <inftrees.h>
  18. #include <inflate.h>
  19. #ifndef local
  20. # define local static
  21. #endif
  22. #define BUFFER_SIZE SPIFLASH_SECTOR_SIZE
  23. #define FWUPDATE_STACK 8192
  24. #define FWUPDATE_PRIORITY 3
  25. static void heap_info(void)
  26. {
  27. #if DEBUG > 1
  28. MSG("Heap: sram ");
  29. MSG("%u/", heap_caps_get_largest_free_block(MALLOC_CAP_INTERNAL));
  30. MSG("%u, spiram ", heap_caps_get_free_size(MALLOC_CAP_INTERNAL));
  31. MSG("%u/", heap_caps_get_largest_free_block(MALLOC_CAP_SPIRAM));
  32. MSG("%u\n", heap_caps_get_free_size(MALLOC_CAP_SPIRAM));
  33. #endif
  34. }
  35. static void *spz_calloc(void *opaque, unsigned int items, unsigned int size)
  36. {
  37. spz_stream *spz = opaque;
  38. heap_info();
  39. MSG("spz_calloc(%u,%u) = %u = ", items, size, items*size);
  40. void *p = calloc(items, size);
  41. CMSG("%p\n", p);
  42. heap_info();
  43. if (!p)
  44. spz->err = Z_MEM_ERROR;
  45. return p;
  46. }
  47. static void *spz_malloc(void *opaque, unsigned int size)
  48. {
  49. spz_stream *spz = opaque;
  50. heap_info();
  51. MSG("spz_malloc(%u) = ", size);
  52. void *p = malloc(size);
  53. CMSG("%p\n", p);
  54. heap_info();
  55. if (!p)
  56. spz->err = Z_MEM_ERROR;
  57. return p;
  58. }
  59. static void spz_free(void *opaque, void *ptr)
  60. {
  61. heap_info();
  62. MSG("spz_free(%p)\n", ptr);
  63. (void)opaque;
  64. free(ptr);
  65. heap_info();
  66. }
  67. int spz_read_data(spz_stream *spz, void *buf, size_t len)
  68. {
  69. uint8_t *p = buf;
  70. while (len) {
  71. unsigned int avail = spz->zs.next_out - spz->optr;
  72. if (spz->err)
  73. break;
  74. if (avail) {
  75. if (avail > len)
  76. avail = len;
  77. memcpy(p, spz->optr, avail);
  78. p += avail;
  79. spz->optr += avail;
  80. len -= avail;
  81. } else {
  82. spz->optr = spz->zs.next_out = spz->obuf;
  83. spz->zs.avail_out = BUFFER_SIZE;
  84. while (spz->zs.avail_out) {
  85. if (!spz->zs.avail_in && !spz->eoi) {
  86. int rlen;
  87. spz->zs.next_in = spz->ibuf;
  88. rlen = spz->read_data(spz->token, spz->ibuf, BUFFER_SIZE);
  89. if (rlen < 0) {
  90. if (!spz->err)
  91. spz->err = rlen;
  92. rlen = 0;
  93. }
  94. spz->eoi = !rlen;
  95. spz->zs.avail_in = rlen;
  96. }
  97. int rv = inflate(&spz->zs, Z_SYNC_FLUSH);
  98. if (rv == Z_OK || (rv == Z_BUF_ERROR && !spz->eoi))
  99. continue;
  100. spz->eoi = true;
  101. if (rv != Z_STREAM_END && !spz->err)
  102. spz->err = rv;
  103. break;
  104. }
  105. }
  106. }
  107. return p - (uint8_t *)buf;
  108. }
  109. /*
  110. * spz needs to be initialized to zero except the read_data and cookie
  111. * fields.
  112. */
  113. static int fwupdate_data_init(spz_stream *spz)
  114. {
  115. spz->zs.zalloc = spz_calloc;
  116. spz->zs.zfree = spz_free;
  117. spz->zs.opaque = spz; /* For error reporting */
  118. spz->err = Z_OK;
  119. /* This is necessary due to unziplib damage */
  120. spz->zs.state = spz_calloc(spz, 1, sizeof(struct inflate_state));
  121. if (!spz->zs.state)
  122. goto err;
  123. for (int i = 0; i < SPZ_NBUF; i++) {
  124. spz->bufs[i] = spz_malloc(spz, BUFFER_SIZE);
  125. if (!spz->bufs[i])
  126. goto err;
  127. }
  128. /* gzip, max window size */
  129. int rv = inflateInit2(&spz->zs, 16 + 15);
  130. printf("[FWUP] fwupdate_data_init: inflateInit2 returned %d\n", rv);
  131. if (rv != Z_OK && rv != Z_STREAM_END) {
  132. spz->err = rv;
  133. goto err;
  134. }
  135. spz->cleanup = true;
  136. err:
  137. return spz->err;
  138. }
  139. static int fwupdate_data_cleanup(spz_stream *spz)
  140. {
  141. int err = 0;
  142. if (!spz)
  143. return 0;
  144. err = spz->err;
  145. if (spz->cleanup)
  146. inflateEnd(&spz->zs);
  147. /* Don't reload the FPGA on error; it wedges the JTAG bus */
  148. if (spz->fpga_updated && !err)
  149. fpga_reset();
  150. for (int i = 0; i < SPZ_NBUF; i++) {
  151. if (spz->bufs[i])
  152. free(spz->bufs[i]);
  153. }
  154. if (spz->zs.state)
  155. free(spz->zs.state);
  156. return err;
  157. }
  158. /*
  159. * Blash a full chunk of data as a JTAG SHIFT_DR transaction
  160. */
  161. int jtag_shift_spz(spz_stream *spz, enum jtag_io_flags flags)
  162. {
  163. unsigned int data_left = spz->header.len;
  164. int err = 0;
  165. if (!data_left)
  166. return 0;
  167. while (data_left) {
  168. unsigned int bytes = data_left;
  169. int rv;
  170. if (bytes > BUFFER_SIZE)
  171. bytes = BUFFER_SIZE;
  172. rv = spz_read_data(spz, spz->dbuf, bytes);
  173. if (rv < 1) {
  174. err = Z_DATA_ERROR;
  175. break;
  176. }
  177. data_left -= rv;
  178. jtag_io(rv << 3, data_left ? 0 : flags, spz->dbuf, NULL);
  179. }
  180. return err;
  181. }
  182. static void *fwupdate_read_chunk_str(spz_stream *spz)
  183. {
  184. int rv;
  185. if (spz->header.len >= BUFFER_SIZE) {
  186. spz->err = Z_DATA_ERROR;
  187. return NULL;
  188. }
  189. rv = spz_read_data(spz, spz->dbuf, spz->header.len);
  190. if (spz->err) {
  191. return NULL;
  192. }
  193. if (rv != (int)spz->header.len) {
  194. spz->err = Z_DATA_ERROR;
  195. return NULL;
  196. }
  197. spz->dbuf[spz->header.len] = '\0';
  198. return spz->dbuf;
  199. }
  200. /* Skip a data chunk */
  201. static int fwupdate_skip_chunk(spz_stream *spz)
  202. {
  203. unsigned int skip = spz->header.len;
  204. while (skip) {
  205. unsigned int block = skip;
  206. if (block > BUFFER_SIZE)
  207. block = BUFFER_SIZE;
  208. int rv = spz_read_data(spz, spz->dbuf, block);
  209. if (spz->err)
  210. return spz->err;
  211. if (rv != (int)block) {
  212. return spz->err = Z_DATA_ERROR;
  213. }
  214. skip -= block;
  215. }
  216. return 0;
  217. }
  218. static int fwupdate_boardinfo(spz_stream *spz)
  219. {
  220. uint8_t *board_info_data = spz_malloc(spz, BOARDINFO_SIZE);
  221. int rv = Z_OK;
  222. MSG("updating FPGA board_info\n");
  223. if (!board_info_data)
  224. return spz->err;
  225. if (board_info.len >= 16 &&
  226. board_info.len <= sizeof board_info &&
  227. board_info.len <= BOARDINFO_SIZE) {
  228. memcpy(board_info_data, &board_info, board_info.len);
  229. memset(board_info_data + board_info.len, 0xff,
  230. BOARDINFO_SIZE - board_info.len);
  231. rv = spiflash_write_spz(spz, board_info_data, BOARDINFO_SIZE);
  232. }
  233. free(board_info_data);
  234. fwupdate_skip_chunk(spz);
  235. if (rv)
  236. spz->err = rv;
  237. return spz->err;
  238. }
  239. /* Get a piece of the chunk header */
  240. static int fwupdate_get_header_data(spz_stream *spz, void *buf, size_t len)
  241. {
  242. int rv;
  243. rv = spz_read_data(spz, buf, len);
  244. if (spz->err)
  245. return spz->err;
  246. else if (!rv)
  247. return Z_STREAM_END;
  248. else if (rv != len)
  249. return spz->err = Z_STREAM_ERROR;
  250. else
  251. return Z_OK;
  252. }
  253. /* Get and validate a chunk header */
  254. static int fwupdate_get_header(spz_stream *spz)
  255. {
  256. struct fw_header * const hdr = &spz->header;
  257. uint8_t *hptr = (uint8_t *)hdr;
  258. int rv;
  259. unsigned int hlen;
  260. memset(hdr, 0, sizeof *hdr);
  261. hdr->vmax = -1;
  262. rv = fwupdate_get_header_data(spz, hptr, FW_HDR_LEN_V1);
  263. if (rv)
  264. return rv;
  265. switch (hdr->magic) {
  266. case FW_MAGIC_V1:
  267. hlen = FW_HDR_LEN_V1;
  268. break;
  269. case FW_MAGIC_V2:
  270. hlen = FW_HDR_LEN_V2;
  271. break;
  272. default:
  273. MSG("bad chunk header magic 0x%08x\n", hdr->magic);
  274. hlen = 0;
  275. rv = Z_DATA_ERROR;
  276. break;
  277. }
  278. if (hlen > FW_HDR_LEN_V1) {
  279. rv = fwupdate_get_header_data(spz, hptr + FW_HDR_LEN_V1,
  280. hlen - FW_HDR_LEN_V1);
  281. if (rv == Z_STREAM_END) /* Only valid for the first chunk */
  282. rv = Z_STREAM_ERROR;
  283. }
  284. return spz->err = rv;
  285. }
  286. /* Process a data chunk; return a nonzero value if done */
  287. static int fwupdate_process_chunk(spz_stream *spz)
  288. {
  289. int rv;
  290. char *str;
  291. rv = fwupdate_get_header(spz);
  292. if (rv)
  293. return rv;
  294. if (spz->header.type != FDT_NOTE &&
  295. spz->header.type != FDT_TARGET &&
  296. spz->header.type != FDT_END &&
  297. !(spz->header.flags & FDF_PRETARGET)) {
  298. if (!spz->vmatch.magic) {
  299. /* No matching firmware target support */
  300. return spz->err = FWUPDATE_ERR_NOT_MINE;
  301. }
  302. if (spz->header.vmin > spz->vmatch.vmax ||
  303. spz->header.vmax < spz->vmatch.vmin ||
  304. ((spz->header.vmatch ^ spz->vmatch.vmatch) & spz->header.vmask)) {
  305. /* Chunk not applicable to this target */
  306. return fwupdate_skip_chunk(spz);
  307. }
  308. }
  309. switch (spz->header.type) {
  310. case FDT_END:
  311. return Z_STREAM_END; /* End of data - not an error */
  312. case FDT_DATA:
  313. MSG("updating FPGA flash\n");
  314. return spiflash_write_spz(spz, NULL, 0);
  315. case FDT_BOARDINFO:
  316. return fwupdate_boardinfo(spz);
  317. case FDT_TARGET:
  318. {
  319. bool match;
  320. str = fwupdate_read_chunk_str(spz);
  321. match = match_version(board_info.version_str, str);
  322. if (match || spz->header.magic == FW_MAGIC_V1)
  323. spz->vmatch = spz->header;
  324. MSG("firmware file supports: %s%s\n",
  325. str, match ? " (match)" : "");
  326. return Z_OK;
  327. }
  328. case FDT_NOTE:
  329. str = fwupdate_read_chunk_str(spz);
  330. MSG("%s\n", str);
  331. return Z_OK;
  332. case FDT_ESP_OTA:
  333. MSG("updating ESP32... ");
  334. spz->esp_updated = true;
  335. rv = esp_update((read_func_t)spz_read_data, (token_t)spz,
  336. spz->header.len);
  337. CMSG("done.\n");
  338. return rv;
  339. case FDT_FPGA_INIT:
  340. MSG("initializing FPGA for flash programming... ");
  341. spz->fpga_updated = true;
  342. rv = fpga_program_spz(spz);
  343. CMSG("done\n");
  344. return rv;
  345. case FDT_ESP_PART:
  346. case FDT_ESP_SYS:
  347. case FDT_ESP_TOOL:
  348. /* Not applicable to this update method */
  349. return fwupdate_skip_chunk(spz);
  350. default:
  351. if (spz->header.flags & FDF_OPTIONAL) {
  352. return fwupdate_skip_chunk(spz);
  353. } else {
  354. MSG("unknown chunk type: %u\n", spz->header.type);
  355. return spz->err = Z_DATA_ERROR;
  356. }
  357. }
  358. }
  359. const char *firmware_errstr(int err)
  360. {
  361. static char unknown_err[32];
  362. static const char * const errstr[] = {
  363. [-Z_STREAM_ERROR] = "Decompression error",
  364. [-Z_DATA_ERROR] = "Invalid data stream",
  365. [-Z_MEM_ERROR] = "Out of memory",
  366. [-Z_BUF_ERROR] = "Decompression error",
  367. [-FWUPDATE_ERR_IN_PROGRESS] =
  368. "Firmware update already in progress",
  369. [-FWUPDATE_ERR_BAD_CHUNK] = "Invalid firmware chunk header",
  370. [-FWUPDATE_ERR_ERASE_FAILED] = "FPGA flash erase failed",
  371. [-FWUPDATE_ERR_PROGRAM_FAILED] = "FGPA flash program failed",
  372. [-FWUPDATE_ERR_WRITE_PROTECT] = "FPGA flash write protected",
  373. [-FWUPDATE_ERR_NOT_READY] = "FPGA flash stuck at not ready",
  374. [-FWUPDATE_ERR_FPGA_JTAG] =
  375. "FPGA JTAG bus stuck, check for JTAG adapter or power cycle board",
  376. [-FWUPDATE_ERR_FPGA_MISMATCH] =
  377. "Bad FPGA IDCODE, check for JTAG adapter or power cycle board",
  378. [-FWUPDATE_ERR_FPGA_FAILED] = "FPGA reboot failed",
  379. [-FWUPDATE_ERR_UNKNOWN] = "Unidentified error",
  380. [-FWUPDATE_ERR_ESP_NO_PARTITION] = "No available ESP partition",
  381. [-FWUPDATE_ERR_ESP_BAD_OTA] = "ESP OTA information corrupt",
  382. [-FWUPDATE_ERR_ESP_FLASH_FAILED] = "ESP flash program failed",
  383. [-FWUPDATE_ERR_ESP_BAD_DATA] = "ESP firmware image corrupt",
  384. [-FWUPDATE_ERR_CONFIG_READ] = "Configuration upload failure",
  385. [-FWUPDATE_ERR_CONFIG_SAVE] = "Error saving configuration",
  386. [-FWUPDATE_ERR_NOT_MINE] = "Firmware file is not compatible"
  387. };
  388. switch (err) {
  389. case Z_OK:
  390. return errstr[-FWUPDATE_ERR_UNKNOWN];
  391. case Z_ERRNO:
  392. return strerror(errno);
  393. case -ARRAY_SIZE(errstr)+1 ... Z_STREAM_ERROR:
  394. if (errstr[-err])
  395. return errstr[-err];
  396. /* fall through */
  397. default:
  398. snprintf(unknown_err, sizeof unknown_err, "error %d", -err);
  399. return unknown_err;
  400. }
  401. }
  402. static TaskHandle_t fwupdate_task;
  403. static spz_stream *fwupdate_spz;
  404. static SemaphoreHandle_t fwupdate_done;
  405. static bool do_reboot;
  406. static void firmware_update_task(void *pvt)
  407. {
  408. spz_stream *spz = pvt;
  409. fpga_service_enable(false);
  410. printf("[FWUP] fwupdate_data_init()\n");
  411. spz->err = fwupdate_data_init(spz);
  412. if (spz->err)
  413. goto fail;
  414. printf("[FWUP] fwupdate_process_chunk loop\n");
  415. int err;
  416. while (!(err = fwupdate_process_chunk(spz))) {
  417. /* Process data chunks until end */
  418. }
  419. if (!spz->err && err != Z_STREAM_END)
  420. spz->err = err;
  421. printf("[FWUP] fwupdate_data_cleanup\n");
  422. err = fwupdate_data_cleanup(spz);
  423. if (err)
  424. spz->err = err;
  425. fail:
  426. if (spz->err)
  427. MSG("failed (err %d)\n", spz->err);
  428. xSemaphoreGive(fwupdate_done);
  429. if (do_reboot) {
  430. printf("[FWUP] rebooting in %d seconds\n", reboot_delayed());
  431. while (1)
  432. vTaskSuspend(NULL);
  433. } else {
  434. exit_task();
  435. }
  436. }
  437. static int firmware_update_cleanup(void)
  438. {
  439. int err = Z_OK;
  440. fwupdate_task = NULL;
  441. if (fwupdate_done) {
  442. SemaphoreHandle_t done = fwupdate_done;
  443. fwupdate_done = NULL;
  444. vSemaphoreDelete(done);
  445. } else {
  446. err = Z_MEM_ERROR;
  447. }
  448. if (fwupdate_spz) {
  449. struct spz_stream *spz = fwupdate_spz;
  450. if (spz->err)
  451. err = spz->err;
  452. fwupdate_spz = NULL;
  453. free(spz);
  454. } else {
  455. err = Z_MEM_ERROR;
  456. }
  457. return err;
  458. }
  459. int firmware_update_start(read_func_t read_data, token_t token, bool autoreboot)
  460. {
  461. do_reboot = autoreboot;
  462. if (fwupdate_spz)
  463. return FWUPDATE_ERR_IN_PROGRESS;
  464. fwupdate_spz = calloc(1, sizeof *fwupdate_spz);
  465. if (!fwupdate_spz)
  466. goto err;
  467. fwupdate_spz->read_data = read_data;
  468. fwupdate_spz->token = token;
  469. fwupdate_done = xSemaphoreCreateBinary();
  470. if (!fwupdate_done)
  471. goto err;
  472. if (xTaskCreate(firmware_update_task, "fwupdate",
  473. FWUPDATE_STACK, fwupdate_spz,
  474. FWUPDATE_PRIORITY, &fwupdate_task) != pdPASS) {
  475. xSemaphoreGive(fwupdate_done);
  476. }
  477. return Z_OK;
  478. err:
  479. return firmware_update_cleanup();
  480. }
  481. int firmware_update_wait(TickType_t delay)
  482. {
  483. if (!fwupdate_done)
  484. return Z_MEM_ERROR;
  485. if (!xSemaphoreTake(fwupdate_done, delay))
  486. return FWUPDATE_ERR_IN_PROGRESS;
  487. return firmware_update_cleanup();
  488. }