NCSDK-33289: Unify max app size methods #440
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…p-move/swap-offset When computing the maximum image size in bootutil_max_image_size for swap-move or swap-offset strategy, the computation was using the size of the flash area provided as argument and was not taking into account the size of the padding sector. This was causing an incorrect size to be returned in some cases, for example when the two slots have the same size or when the slots haven't the same size but the routine is called for the slot containing the padding sector. For example, let's imagine swap-move is being used on a device having a sector size S and two slots of N bytes. This is valid configuration and the maximum image size is N - S - T, T being the size of the trailer rounded up to the next multiple of S. When calling bootutil_max_image_size with either the primary or secondary slot, the size N - T is returned, which is incorrect. This commit fixes the issue by computing always the maximum image using the size of the slot containing the padding and substracting the size of the padding and of the aligned trailer. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com> Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no> (cherry picked from commit 61d280b)
…ng validation When checking the size of an image in bootutil_img_validate, the offset to the end of the TLV area was used as the image size in all cases. However, when using swap-offset, the upgrade image is written in the secondary with an offset. This offset is not part of the image and must therefore not be taken into account in the image size. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com> Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no> (cherry picked from commit 2e60519)
…wap-offset For the swap-move and swap-offset strategies, the computation of the largest image size was not taking taking into account the padding that is needed when using those strategies. Due to this limitation, the simulator is currently using hardcoded image sizes, smaller than the maximum possible size, when running tests for the swap-move or swap-offset strategies. This commit fixes the maximum image size computation for those strategies. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com> Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no> (cherry picked from commit 0677d0d)
The simulator was testing the upgrade with the largest image possible for all strategies, except for overwrite-only, swap-move and swap-offset because some tests were failing when the maximum image size was used. For overwrite-only, this was due to an incorrect trailer size computation. This has been fixed by 88294be. For swap-move and swap-offset, this was due to the simulator not taking into account the padding needed by those strategies in the primary or secondary slot, but also to incorrect computation of the maximum image size in some cases by the MCUboot library. Both issues have been fixed by the previous commits. Since all those issues have been fixed, the simulator can now be configured to test upgrade with the largest possible image for all strategies. Note that logic needed to generate image of a given image is kept even if not useful anymore at the moment, since that might be needed when test will be added to ensure proper behavior when images of different sizes are used. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com> Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no> (cherry picked from commit f7394e3)
…gn-32 The test case oversized_secondary_slot, introduced by PR !1286 was not enabled when the 'max-align-32' feature was selected because of the test case was failing with some configurations. Since 88294be, the oversized_secondary_slot test is now passing with 'max-align-32' in all configurations and can therefore be enabled. Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com> Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no> (cherry picked from commit 94fe5c9)
tomchy
force-pushed
the
bugfix/swap/NCSDK-33289_Unify_max_app_size_methods
branch
from
eb4efc8 to
e74e382
Compare
Remove redundant application size calculations in favour of a swap-specific function, implemented inside swap_<type>.c. In this way, slot sizes use the same restrictions as image validation. Upstream PR #: 2318 Signed-off-by: Tomasz Chyrowicz <tomasz.chyrowicz@nordicsemi.no>
tomchy
force-pushed
the
bugfix/swap/NCSDK-33289_Unify_max_app_size_methods
branch
from
e74e382 to
8bc99a2
Compare
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.