- Create a flash image in flash_image.bin, useful for both a real TKey
and QEMU.
- Use flash_image.bin directly in prog_flash for a real TKey, which
also flashes the bitstream.
- Remove building of tools/default_partition.bin.
- Update documentation about the tool use.
- We keep the load_preloaded_app.sh for development purposes,
but it's no longer used in the build.
Introduce the Makefile variable DEFAULT_APP which should be the path
to the device app binary to include in the obliagory slot 0.
Build automatically: the default app, the new digest file
mgmt_app_digest.h for the firmware which contains the digest of
DEFAULT_APP, the default partition table, and all the tools necessary
to generate this.
- Point out licensing terms in docs.
- Add missing SPDX tags
- Update the SPDX checker to check all the files we want to check.
- Include spdx-ensure in CI.
Allows an app to determine which type of device it is running on.
- Reserve vendor ID 0x7357 for people using Unlocked.
- Use Castor product ID.
- Serial number is just nonsense, as before.
When starting, reset the USB controller to only enable the USB CDC
endpoint and the internal command channel. If the app resets firmware,
but had differend endpoints enabled, we want to go back to a known
state.
The qemu_firmware is too large for the real hardware's 8k of ROM. The
emulator, however, has lots of ROM. Use a different linker script for
to reflect this.
Add a new syscall to enable an app to get the data left for it by the
previous app in chain.
- Change testloadapp to leave some data for the next app to read.
- Call system call with:
uint8_t next_app_data[RESET_DATA_SIZE];
syscall(TK1_SYSCALL_GET_APP_DATA, (uint32_t)next_app_data, 0, 0);
To retain the default behaviour from Bellatrix, we introduce a simple
default app. If used on flash app slot 0 we get the same behaviour as
in Bellatrix, that is, waiting for an app from the client.
Since we want to keep the user of the timer to the device apps, remove
the use of the timer for implementing a delay when writing to flash.
Let's try without any delay what so ever, just busylooping the query
to the chip.
- Set LED color to white when firmware has initialized
- Set LED color to black when changing state to loading
- Set LED color to blue when starting testloadapp
- Update mgmt app allowed digest since testloadapp changed
Instead of using 16 byte BLAKE2s with a dummy key, use plain vanilla
unkeyed 32 byte BLAKE2s for partition checksum.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
- Rename functions, defines, et c to indicate that it's a checksum
over the partition, not necessarily a cryptographic hash digest even
though we use a version of BLAKE2s.
- Add comments describing where the checksum is stored and what it is
used for.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
When we pass pointers in system calls these pointers should point to
app RAM, not any other parts of the memory map, and especially not to
memory like FW_RAM that is only available in in a higher privilege
mode.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Limit flash offsets passed to syscalls. Be sure to check the limits
before doing any form of calculation with the passed values.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
- Add per app flash storage
- Adds four data areas. An app can allocate an area. Once allocated
the area is tied to the CDI of the app and can only be
read/written/deallocated by the same app.
- Add two pre loaded app slots to flash
- Load an app from the first slot at boot. The app digest must match a
specific digest specified in firmware.
- Optionally load an app from the second slot
- Add a resetinfo area in FW_RAM which is used to signal an app's intent
of resetting the system and, optionally, pass data to firmware or the
next app in a bootchain.
Co-authored-by: Jonas Thörnblad <jonas@tillitis.se>
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
