PX4 Firmware
PX4 Autopilot Software http://px4.io
px4io_uploader.cpp
Go to the documentation of this file.
1 /****************************************************************************
2  *
3  * Copyright (c) 2012-2015 PX4 Development Team. All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in
13  * the documentation and/or other materials provided with the
14  * distribution.
15  * 3. Neither the name PX4 nor the names of its contributors may be
16  * used to endorse or promote products derived from this software
17  * without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
24  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
25  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
26  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
27  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
29  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30  * POSSIBILITY OF SUCH DAMAGE.
31  *
32  ****************************************************************************/
33 
34 /**
35  * @file uploader.cpp
36  * Firmware uploader for PX4IO
37  */
38 
39 #include <px4_platform_common/px4_config.h>
40 #include <px4_platform_common/time.h>
41 
42 #include <sys/types.h>
43 #include <stdlib.h>
44 #include <stdint.h>
45 #include <stdbool.h>
46 #include <assert.h>
47 #include <errno.h>
48 #include <string.h>
49 #include <stdio.h>
50 #include <stdarg.h>
51 #include <unistd.h>
52 #include <fcntl.h>
53 #include <poll.h>
54 #include <termios.h>
55 #include <sys/stat.h>
56 #include <nuttx/arch.h>
57 
58 #include <crc32.h>
59 
60 #include "uploader.h"
61 
62 #include <board_config.h>
63 
64 // define for comms logging
65 //#define UDEBUG
66 
68  _io_fd(-1),
69  _fw_fd(-1),
70  bl_rev(0)
71 {
72 }
73 
74 int
75 PX4IO_Uploader::upload(const char *filenames[])
76 {
77  int ret;
78  const char *filename = NULL;
79  size_t fw_size;
80 
81 #ifndef PX4IO_SERIAL_DEVICE
82 #error Must define PX4IO_SERIAL_DEVICE in board configuration to support firmware upload
83 #endif
84 
85  /* allow an early abort and look for file first */
86  for (unsigned i = 0; filenames[i] != nullptr; i++) {
87  _fw_fd = open(filenames[i], O_RDONLY);
88 
89  if (_fw_fd < 0) {
90  log("failed to open %s", filenames[i]);
91  continue;
92  }
93 
94  log("using firmware from %s", filenames[i]);
95  filename = filenames[i];
96  break;
97  }
98 
99  if (filename == NULL) {
100  log("no firmware found");
101  close(_io_fd);
102  _io_fd = -1;
103  return -ENOENT;
104  }
105 
106  _io_fd = open(PX4IO_SERIAL_DEVICE, O_RDWR);
107 
108  if (_io_fd < 0) {
109  log("could not open interface");
110  return -errno;
111  }
112 
113  /* save initial uart configuration to reset after the update */
114  struct termios t_original;
115  tcgetattr(_io_fd, &t_original);
116 
117  /* adjust line speed to match bootloader */
118  struct termios t;
119  tcgetattr(_io_fd, &t);
120  cfsetspeed(&t, 115200);
121  tcsetattr(_io_fd, TCSANOW, &t);
122 
123  /* look for the bootloader for 150 ms */
124  for (int i = 0; i < 15; i++) {
125  ret = sync();
126 
127  if (ret == OK) {
128  break;
129 
130  } else {
131  px4_usleep(10000);
132  }
133  }
134 
135  if (ret != OK) {
136  /* this is immediately fatal */
137  log("bootloader not responding");
138  tcsetattr(_io_fd, TCSANOW, &t_original);
139  close(_io_fd);
140  _io_fd = -1;
141  return -EIO;
142  }
143 
144  struct stat st;
145 
146  if (stat(filename, &st) != 0) {
147  log("Failed to stat %s - %d\n", filename, (int)errno);
148  tcsetattr(_io_fd, TCSANOW, &t_original);
149  close(_io_fd);
150  _io_fd = -1;
151  return -errno;
152  }
153 
154  fw_size = st.st_size;
155 
156  if (_fw_fd == -1) {
157  tcsetattr(_io_fd, TCSANOW, &t_original);
158  close(_io_fd);
159  _io_fd = -1;
160  return -ENOENT;
161  }
162 
163  /* do the usual program thing - allow for failure */
164  for (unsigned retries = 0; retries < 1; retries++) {
165  if (retries > 0) {
166  log("retrying update...");
167  ret = sync();
168 
169  if (ret != OK) {
170  /* this is immediately fatal */
171  log("bootloader not responding");
172  tcsetattr(_io_fd, TCSANOW, &t_original);
173  close(_io_fd);
174  _io_fd = -1;
175  return -EIO;
176  }
177  }
178 
179  ret = get_info(INFO_BL_REV, bl_rev);
180 
181  if (ret == OK) {
182  if (bl_rev <= BL_REV) {
183  log("found bootloader revision: %d", bl_rev);
184 
185  } else {
186  log("found unsupported bootloader revision %d, exiting", bl_rev);
187  tcsetattr(_io_fd, TCSANOW, &t_original);
188  close(_io_fd);
189  _io_fd = -1;
190  return OK;
191  }
192  }
193 
194  ret = erase();
195 
196  if (ret != OK) {
197  log("erase failed");
198  continue;
199  }
200 
201  ret = program(fw_size);
202 
203  if (ret != OK) {
204  log("program failed");
205  continue;
206  }
207 
208  if (bl_rev <= 2) {
209  ret = verify_rev2(fw_size);
210 
211  } else {
212  /* verify rev 3 and higher. Every version *needs* to be verified. */
213  ret = verify_rev3(fw_size);
214  }
215 
216  if (ret != OK) {
217  log("verify failed");
218  continue;
219  }
220 
221  ret = reboot();
222 
223  if (ret != OK) {
224  log("reboot failed");
225  tcsetattr(_io_fd, TCSANOW, &t_original);
226  close(_io_fd);
227  _io_fd = -1;
228  return ret;
229  }
230 
231  log("update complete");
232 
233  ret = OK;
234  break;
235  }
236 
237  /* reset uart to previous/default baudrate */
238  tcsetattr(_io_fd, TCSANOW, &t_original);
239 
240  close(_fw_fd);
241  close(_io_fd);
242  _io_fd = -1;
243 
244  // sleep for enough time for the IO chip to boot. This makes
245  // forceupdate more reliably startup IO again after update
246  up_udelay(100 * 1000);
247 
248  return ret;
249 }
250 
251 int
252 PX4IO_Uploader::recv_byte_with_timeout(uint8_t *c, unsigned timeout)
253 {
254  struct pollfd fds[1];
255 
256  fds[0].fd = _io_fd;
257  fds[0].events = POLLIN;
258 
259  /* wait <timout> ms for a character */
260  int ret = ::poll(&fds[0], 1, timeout);
261 
262  if (ret < 1) {
263 #ifdef UDEBUG
264  log("poll timeout %d", ret);
265 #endif
266  return -ETIMEDOUT;
267  }
268 
269  read(_io_fd, c, 1);
270 #ifdef UDEBUG
271  log("recv_bytes 0x%02x", c);
272 #endif
273  return OK;
274 }
275 
276 int
277 PX4IO_Uploader::recv_bytes(uint8_t *p, unsigned count)
278 {
279  int ret = OK;
280 
281  while (count--) {
282  ret = recv_byte_with_timeout(p++, 5000);
283 
284  if (ret != OK) {
285  break;
286  }
287  }
288 
289  return ret;
290 }
291 
292 void
294 {
295  uint8_t c;
296  int ret;
297 
298  do {
299  // the small recv_bytes timeout here is to allow for fast
300  // drain when rebooting the io board for a forced
301  // update of the fw without using the safety switch
302  ret = recv_byte_with_timeout(&c, 40);
303 
304 #ifdef UDEBUG
305 
306  if (ret == OK) {
307  log("discard 0x%02x", c);
308  }
309 
310 #endif
311  } while (ret == OK);
312 }
313 
314 int
316 {
317 #ifdef UDEBUG
318  log("send 0x%02x", c);
319 #endif
320 
321  if (write(_io_fd, &c, 1) != 1) {
322  return -errno;
323  }
324 
325  return OK;
326 }
327 
328 int
329 PX4IO_Uploader::send(uint8_t *p, unsigned count)
330 {
331  int ret;
332 
333  while (count--) {
334  ret = send(*p++);
335 
336  if (ret != OK) {
337  break;
338  }
339  }
340 
341  return ret;
342 }
343 
344 int
345 PX4IO_Uploader::get_sync(unsigned timeout)
346 {
347  uint8_t c[2];
348  int ret;
349 
350  ret = recv_byte_with_timeout(c, timeout);
351 
352  if (ret != OK) {
353  return ret;
354  }
355 
356  ret = recv_byte_with_timeout(c + 1, timeout);
357 
358  if (ret != OK) {
359  return ret;
360  }
361 
362  if ((c[0] != PROTO_INSYNC) || (c[1] != PROTO_OK)) {
363  log("bad sync 0x%02x,0x%02x", c[0], c[1]);
364  return -EIO;
365  }
366 
367  return OK;
368 }
369 
370 int
372 {
373  drain();
374 
375  /* complete any pending program operation */
376  for (unsigned i = 0; i < (PROG_MULTI_MAX + 6); i++) {
377  send(0);
378  }
379 
381  send(PROTO_EOC);
382  return get_sync();
383 }
384 
385 int
386 PX4IO_Uploader::get_info(int param, uint32_t &val)
387 {
388  int ret;
389 
391  send(param);
392  send(PROTO_EOC);
393 
394  ret = recv_bytes((uint8_t *)&val, sizeof(val));
395 
396  if (ret != OK) {
397  return ret;
398  }
399 
400  return get_sync();
401 }
402 
403 int
405 {
406  log("erase...");
408  send(PROTO_EOC);
409  return get_sync(10000); /* allow 10s timeout */
410 }
411 
412 
413 static int read_with_retry(int fd, void *buf, size_t n)
414 {
415  int ret;
416  uint8_t retries = 0;
417 
418  do {
419  ret = read(fd, buf, n);
420  } while (ret == -1 && retries++ < 100);
421 
422  if (retries != 0) {
423  printf("read of %u bytes needed %u retries\n",
424  (unsigned)n,
425  (unsigned)retries);
426  }
427 
428  return ret;
429 }
430 
431 int
432 PX4IO_Uploader::program(size_t fw_size)
433 {
434  uint8_t *file_buf;
435  ssize_t count;
436  int ret;
437  size_t sent = 0;
438 
439  file_buf = new uint8_t[PROG_MULTI_MAX];
440 
441  if (!file_buf) {
442  log("Can't allocate program buffer");
443  return -ENOMEM;
444  }
445 
446  ASSERT((fw_size & 3) == 0);
447  ASSERT((PROG_MULTI_MAX & 3) == 0);
448 
449  log("programming %u bytes...", (unsigned)fw_size);
450 
451  ret = lseek(_fw_fd, 0, SEEK_SET);
452 
453  while (sent < fw_size) {
454  /* get more bytes to program */
455  size_t n = fw_size - sent;
456 
457  if (n > PROG_MULTI_MAX) {
458  n = PROG_MULTI_MAX;
459  }
460 
461  count = read_with_retry(_fw_fd, file_buf, n);
462 
463  if (count != (ssize_t)n) {
464  log("firmware read of %u bytes at %u failed -> %d errno %d",
465  (unsigned)n,
466  (unsigned)sent,
467  (int)count,
468  (int)errno);
469  ret = -errno;
470  break;
471  }
472 
473  sent += count;
474 
476  send(count);
477  send(file_buf, count);
478  send(PROTO_EOC);
479 
480  ret = get_sync(1000);
481 
482  if (ret != OK) {
483  break;
484  }
485  }
486 
487  delete [] file_buf;
488  return ret;
489 }
490 
491 int
493 {
494  uint8_t file_buf[4];
495  ssize_t count;
496  int ret;
497  size_t sent = 0;
498 
499  log("verify...");
500  lseek(_fw_fd, 0, SEEK_SET);
501 
503  send(PROTO_EOC);
504  ret = get_sync();
505 
506  if (ret != OK) {
507  return ret;
508  }
509 
510  while (sent < fw_size) {
511  /* get more bytes to verify */
512  size_t n = fw_size - sent;
513 
514  if (n > sizeof(file_buf)) {
515  n = sizeof(file_buf);
516  }
517 
518  count = read_with_retry(_fw_fd, file_buf, n);
519 
520  if (count != (ssize_t)n) {
521  log("firmware read of %u bytes at %u failed -> %d errno %d",
522  (unsigned)n,
523  (unsigned)sent,
524  (int)count,
525  (int)errno);
526  }
527 
528  if (count == 0) {
529  break;
530  }
531 
532  sent += count;
533 
534  if (count < 0) {
535  return -errno;
536  }
537 
538  ASSERT((count % 4) == 0);
539 
541  send(count);
542  send(PROTO_EOC);
543 
544  for (ssize_t i = 0; i < count; i++) {
545  uint8_t c;
546 
547  ret = recv_byte_with_timeout(&c, 5000);
548 
549  if (ret != OK) {
550  log("%d: got %d waiting for bytes", sent + i, ret);
551  return ret;
552  }
553 
554  if (c != file_buf[i]) {
555  log("%d: got 0x%02x expected 0x%02x", sent + i, c, file_buf[i]);
556  return -EINVAL;
557  }
558  }
559 
560  ret = get_sync();
561 
562  if (ret != OK) {
563  log("timeout waiting for post-verify sync");
564  return ret;
565  }
566  }
567 
568  return OK;
569 }
570 
571 int
572 PX4IO_Uploader::verify_rev3(size_t fw_size_local)
573 {
574  int ret;
575  uint8_t file_buf[4];
576  ssize_t count;
577  uint32_t sum = 0;
578  uint32_t bytes_read = 0;
579  uint32_t crc = 0;
580  uint32_t fw_size_remote;
581  uint8_t fill_blank = 0xff;
582 
583  log("verify...");
584  lseek(_fw_fd, 0, SEEK_SET);
585 
586  ret = get_info(INFO_FLASH_SIZE, fw_size_remote);
587  send(PROTO_EOC);
588 
589  if (ret != OK) {
590  log("could not read firmware size");
591  return ret;
592  }
593 
594  /* read through the firmware file again and calculate the checksum*/
595  while (bytes_read < fw_size_local) {
596  size_t n = fw_size_local - bytes_read;
597 
598  if (n > sizeof(file_buf)) {
599  n = sizeof(file_buf);
600  }
601 
602  count = read_with_retry(_fw_fd, file_buf, n);
603 
604  if (count != (ssize_t)n) {
605  log("firmware read of %u bytes at %u failed -> %d errno %d",
606  (unsigned)n,
607  (unsigned)bytes_read,
608  (int)count,
609  (int)errno);
610  }
611 
612  /* set the rest to ff */
613  if (count == 0) {
614  break;
615  }
616 
617  /* stop if the file cannot be read */
618  if (count < 0) {
619  return -errno;
620  }
621 
622  /* calculate crc32 sum */
623  sum = crc32part((uint8_t *)&file_buf, sizeof(file_buf), sum);
624 
625  bytes_read += count;
626  }
627 
628  /* fill the rest with 0xff */
629  while (bytes_read < fw_size_remote) {
630  sum = crc32part(&fill_blank, sizeof(fill_blank), sum);
631  bytes_read += sizeof(fill_blank);
632  }
633 
634  /* request CRC from IO */
636  send(PROTO_EOC);
637 
638  ret = recv_bytes((uint8_t *)(&crc), sizeof(crc));
639 
640  if (ret != OK) {
641  log("did not receive CRC checksum");
642  return ret;
643  }
644 
645  ret = get_sync();
646 
647  if (ret != OK) {
648  log("did not receive CRC checksum");
649  return ret;
650  }
651 
652  /* compare the CRC sum from the IO with the one calculated */
653  if (sum != crc) {
654  log("CRC wrong: received: %d, expected: %d", crc, sum);
655  return -EINVAL;
656  }
657 
658  return OK;
659 }
660 
661 int
663 {
664  int ret;
665 
667  up_udelay(100 * 1000); // Ensure the farend is in wait for char.
668  send(PROTO_EOC);
669 
670  ret = get_sync();
671 
672  if (ret == OK) {
673  up_udelay(10 * 1000); // Ensure that we do not close UART too soon
674  }
675 
676  return ret;
677 }
678 
679 void
680 PX4IO_Uploader::log(const char *fmt, ...)
681 {
682  va_list ap;
683 
684  printf("[PX4IO] ");
685  va_start(ap, fmt);
686  vprintf(fmt, ap);
687  va_end(ap);
688  printf("\n");
689  fflush(stdout);
690 }
int get_info(int param, uint32_t &val)
int verify_rev2(size_t fw_size)
int verify_rev3(size_t fw_size)
int get_sync(unsigned timeout=40)
supported bootloader protocol
Definition: uploader.h:79
bootloader protocol revision
Definition: uploader.h:78
uint32_t bl_rev
bootloader revision
Definition: uploader.h:91
static void read(bootloader_app_shared_t *pshared)
int program(size_t fw_size)
int recv_byte_with_timeout(uint8_t *c, unsigned timeout)
Firmware uploader definitions for PX4IO.
max firmware size in bytes
Definition: uploader.h:82
protocol max is 255, must be multiple of 4
Definition: uploader.h:84
int fd
Definition: dataman.cpp:146
static void write(bootloader_app_shared_t *pshared)
int recv_bytes(uint8_t *p, unsigned count)
int send(uint8_t c)
int upload(const char *filenames[])
static int read_with_retry(int fd, void *buf, size_t n)
#define OK
Definition: uavcan_main.cpp:71
void log(const char *fmt,...)