Updater: Add safety memory to updater

2021-04-06 20:55:41 +02:00
parent 08eee66d30
commit 6e5627fde2
9 changed files with 86 additions and 22 deletions
--- a/stm-firmware/include/reflow-controller/safety/safety-memory.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-memory.h
@@ -240,13 +240,15 @@ int safety_memory_insert_config_override(struct config_override *config_override
 int safety_memory_get_config_override_count(uint32_t *count);
 /**
- * @brief Get a config ovveide entry
+ * @brief Get a config  entry
 * @param idx Index of the requested entry
 * @param[out] config_override READ override
 * @return 0 if successful
 */
 int safety_memory_get_config_override(uint32_t idx, struct config_override *config_override);
 #ifndef SAFETY_MEMORY_STRIPOUT_DUMP
 /**
 * @brief Get a base64 dump of the whole safety memory.
 * @param[out] buffer Buffer to write the base 64 dump into.
@@ -256,6 +258,8 @@ int safety_memory_get_config_override(uint32_t idx, struct config_override *conf
 */
 int safety_memory_dump_base64(char *buffer, size_t buffsize, size_t *used_size);
 #endif /* SAFETY_MEMORY_STRIPOUT_DUMP */
 #endif /* __SAFETY_MEMORY_H__ */
 /** @} */
--- a/stm-firmware/include/reflow-controller/updater/updater.h
+++ b/stm-firmware/include/reflow-controller/updater/updater.h
@@ -25,7 +25,14 @@
 /**
 * @brief Start the RAM Code of the updater. This function will never return!
 *
 * This function is called at startup when the controller detects, that an update should
 * be performed.
 *
 * @note You prabably want to call @ref start_updater function to update.
 */
 void __attribute__((noreturn)) start_updater_ram_code(void);
 void __attribute__((noreturn)) start_updater(void);
 #endif /* __UPDATER_UPDATER_H__ */
--- a/stm-firmware/main.c
+++ b/stm-firmware/main.c
@@ -162,7 +162,7 @@ static inline void handle_boot_status(void)
 		led_set(0, 1);
 		led_set(1, 1);
-		start_updater();
+		start_updater_ram_code();
 	}
 }
--- a/stm-firmware/safety/safety-memory.c
+++ b/stm-firmware/safety/safety-memory.c
@@ -22,7 +22,10 @@
 #include <helper-macros/helper-macros.h>
 #include <stm-periph/crc-unit.h>
 #include <stm-periph/backup-ram.h>
 #ifndef SAFETY_MEMORY_STRIPOUT_DUMP
 #include <base64-lib/base64-lib.h>
 #endif /* SAFETY_MEMORY_STRIPOUT_DUMP */
 static int word_to_error_memory_entry(uint32_t entry_data, struct error_memory_entry *out)
 {
@@ -608,6 +611,8 @@ int safety_memory_get_config_override(uint32_t idx, struct config_override *conf
 	return 0;
 }
 #ifndef SAFETY_MEMORY_STRIPOUT_DUMP
 int safety_memory_dump_base64(char *buffer, size_t buffsize, size_t *used_size)
 {
 	uint32_t safety_mem_size;
@@ -633,3 +638,5 @@ int safety_memory_dump_base64(char *buffer, size_t buffsize, size_t *used_size)
 		*used_size = output_size + 1u;
 	return 0;
 }
 #endif /* SAFETY_MEMORY_STRIPOUT_DUMP */
--- a/stm-firmware/shell.c
+++ b/stm-firmware/shell.c
@@ -42,6 +42,7 @@
 #include <reflow-controller/safety/safety-memory.h>
 #include <reflow-controller/hw-version-detect.h>
 #include <reflow-controller/temp-profile-executer.h>
 #include <reflow-controller/updater/updater.h>
 #ifndef GIT_VER
 #define GIT_VER "VERSION NOT SET"
@@ -631,13 +632,8 @@ shellmatta_retCode_t shell_cmd_update(const shellmatta_handle_t handle, const ch
 	(void)handle;
 	(void)arguments;
 	(void)length;
 	struct safety_memory_boot_status status;
-	safety_memory_get_boot_status(&status);
+	start_updater();
 	status.reboot_to_bootloader = 0xFFFFFFFFUL;
 	safety_memory_set_boot_status(&status);
 	NVIC_SystemReset();
 	return SHELLMATTA_OK;
 }
@@ -924,8 +920,8 @@ static shellmatta_cmd_t cmd[21] = {
 	{
 		.cmd = "update",
 		.cmdAlias = NULL,
-		.helpText = "Update Firmware",
+		.helpText = "Update Firmware. The updater searches for a file called update.hex",
-		.usageText = "",
+		.usageText = "update",
 		.cmdFct = shell_cmd_update,
 		.next = &cmd[19],
--- a/stm-firmware/updater/ram-code/CMakeLists.txt
+++ b/stm-firmware/updater/ram-code/CMakeLists.txt
@@ -13,13 +13,15 @@ set(ELFFILE "${PROJECT_NAME}.elf")
 aux_source_directory("." SRCS)
 aux_source_directory("fatfs" FATFS_SRCS)
 aux_source_directory("fatfs/shimatta_sdio_driver" SDIO_SRCS)
 aux_source_directory("../../stm-periph" STM_PERIPH_SRCS)
 set(SAFETY_MEMORY_SRCS "../../safety/safety-memory.c")
-add_executable(${ELFFILE} ${SRCS} ${FATFS_SRCS} ${SDIO_SRCS})
+add_executable(${ELFFILE} ${SRCS} ${FATFS_SRCS} ${SDIO_SRCS} ${STM_PERIPH_SRCS} ${SAFETY_MEMORY_SRCS})
-target_include_directories(${ELFFILE} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include)
+target_include_directories(${ELFFILE} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include ../../include)
 target_compile_options(${ELFFILE} PRIVATE -Wall -Wextra -Wold-style-declaration -Wuninitialized -Wmaybe-uninitialized -Wunused-parameter)
 target_compile_options(${ELFFILE} PRIVATE -mlittle-endian -mthumb -mcpu=cortex-m4 -mthumb-interwork -mfloat-abi=hard -mfpu=fpv4-sp-d16 -nostartfiles -Wimplicit-fallthrough=3 -Wsign-compare -Os -g3)
-target_compile_definitions(${ELFFILE} PRIVATE -DBASE64_LOOKUP_TABLE_SECTION=\".ccm.bss\" -DSHELLMATTA_HELP_ALIAS=\"?\" -DGIT_VER=${GIT_DESCRIBE} -DHSE_VALUE=8000000UL -DSTM32F407xx -DSTM32F4XX -DARM_MATH_CM4)
+target_compile_definitions(${ELFFILE} PRIVATE -DGIT_VER=${GIT_DESCRIBE} -DHSE_VALUE=8000000UL -DSTM32F407xx -DSTM32F4XX -DARM_MATH_CM4 -DSAFETY_MEMORY_STRIPOUT_DUMP)
 target_link_options(${ELFFILE} PRIVATE -mlittle-endian -mthumb -mcpu=cortex-m4 -mthumb-interwork -mfloat-abi=hard -mfpu=fpv4-sp-d16 --disable-newlib-supplied-syscalls -nostartfiles -T${LINKER_SCRIPT} -Wl,--print-memory-usage)
 set(GEN_HEADER_PATH "${CMAKE_CURRENT_BINARY_DIR}/include/generated")
 set(GEN_HEADER_FILE "${GEN_HEADER_PATH}/${PROJECT_NAME}.bin.h")
--- a/stm-firmware/updater/ram-code/main.c
+++ b/stm-firmware/updater/ram-code/main.c
@@ -3,6 +3,14 @@
 #include <cmsis/core_cm4.h>
 #include "hex-parser.h"
 #include <fatfs/ff.h>
 /* This is used to get the defines for the external watchdog */
 #include <reflow-controller/safety/safety-config.h>
 #include <helper-macros/helper-macros.h>
 #include <stm-periph/stm32-gpio-macros.h>
 #include <reflow-controller/safety/safety-memory.h>
 #include <stdbool.h>
 static volatile unsigned int wait_tick;
@@ -12,6 +20,14 @@ static void watchdog_ack(void)
 	IWDG->KR = 0xAAAA;
 }
 static void external_watchdog_disable(void)
 {
 	RCC->AHB1ENR |= SAFETY_EXT_WATCHDOG_RCC_MASK;
 	__DSB();
 	/* Set Pin to input. This disables the external watchdog. */
 	SAFETY_EXT_WATCHDOG_PORT->MODER &= MODER_DELETE(SAFETY_EXT_WATCHDOG_PIN);
 }
 void sdio_wait_ms(unsigned int ms)
 {
 	wait_tick = 0;
@@ -23,7 +39,11 @@ static FATFS _fs;
 static void __attribute__((noreturn)) ram_code_exit(bool updated)
 {
-	(void)updated;
+	struct safety_memory_boot_status boot_status;
 	safety_memory_get_boot_status(&boot_status);
 	boot_status.code_updated = updated ? 0xFFFFFFFFUL : 0x0UL;
 	boot_status.reboot_to_bootloader = 0x0UL;
 	safety_memory_set_boot_status(&boot_status);
 	NVIC_SystemReset();
 	while(1);
@@ -32,15 +52,30 @@ static void __attribute__((noreturn)) ram_code_exit(bool updated)
 int ram_code_main(void)
 {
 	FRESULT fres;
 	int res;
 	enum safety_memory_state safety_mem_state;
 	enum hex_parser_ret hex_ret;
 	struct hex_parser parser;
 	SysTick_Config(168000UL);
 	external_watchdog_disable();
 	__enable_irq();
 	res = safety_memory_init(&safety_mem_state);
 	if (res || safety_mem_state != SAFETY_MEMORY_INIT_VALID_MEMORY) {
 		ram_code_exit(false);
 	}
 	fres = f_mount(fs, "0:/", 1);
 	if (fres != FR_OK) {
 		ram_code_exit(false);
 	}
 	hex_ret = hex_parser_open(&parser, "update.hex");
 	if (hex_ret != HEX_PARSER_OK) {
 		ram_code_exit(false);
 	}
 	while(1) {
 		__WFI();
 	}
--- a/stm-firmware/updater/ram-code/startup.c
+++ b/stm-firmware/updater/ram-code/startup.c
@@ -260,28 +260,28 @@ extern unsigned int __ld_vector_start;
 extern unsigned int __ld_sbss;
 extern unsigned int __ld_ebss;
 #ifdef CPACR
 #undef CPACR
 #endif
 #define CPACR (*((volatile uint32_t *)0xE000ED88))
-void Reset_Handler(void)
+void Reset_Handler()
 {
 	/* The first thing we do here, is to initialize the FPU
 	 * When this code is compiled optimized with hardfpu abi,
 	 * GCC tends to generate FPU instructions for data copying
 	 */
 	CPACR |= (0xF << 20);
-	/* Reset the stack pointer to top of stack. SP is not required to be inside the clobber list! */
+
 	__asm__ __volatile__ ("mov sp, %0\n\t" :: "r"(&__ld_top_of_stack) :);
 	/* Fill bss with zero */
 	__fill_zero(&__ld_sbss, &__ld_ebss);
-	/* Fill Heap with zero */
+
 	/* Reset the stack pointer to top of stack. SP is not required to be inside the clobber list! */
 	__asm__ __volatile__ ("mov sp, %0\n\t" :: "r"(&__ld_top_of_stack) :);
 	ram_code_main();	
--- a/stm-firmware/updater/updater.c
+++ b/stm-firmware/updater/updater.c
@@ -19,6 +19,7 @@
 */
 #include <reflow-controller/updater/updater.h>
 #include <reflow-controller/safety/safety-memory.h>
 #include <reflow-controller/safety/watchdog.h>
 #include <generated/updater-ram-code.bin.h>
 #include <stm32/stm32f4xx.h>
@@ -26,7 +27,7 @@
 #include <stdint.h>
 #include <stddef.h>
-void __attribute__((noreturn)) start_updater(void)
+void __attribute__((noreturn)) start_updater_ram_code(void)
 {
 	const char *updater_src = binary_blob;
 	char *dest_ptr = (char *)UPDATER_RAM_CODE_BASE_ADDRESS;
@@ -57,3 +58,15 @@ void __attribute__((noreturn)) start_updater(void)
 	while(1);
 }
 void __attribute__((noreturn)) start_updater(void)
 {
 	struct safety_memory_boot_status status;
 	safety_memory_get_boot_status(&status);
 	status.reboot_to_bootloader = 0xFFFFFFFFUL;
 	safety_memory_set_boot_status(&status);
 	NVIC_SystemReset();
 	while (1);
 }