boot: bootutil: Fix last sector index computation for swap-offset #2214

Merged
merged 1 commit into from
Feb 24, 2025

Contributor

@taltenbach taltenbach commented Feb 22, 2025

I'm currently trying to modify the simulator to test upgrades with the largest possible images for all possible upgrade strategies (currently this is not made for some strategies such as swap-offset). While playing with the simulator I noticed the swap-offset upgrade was failing if an image is large enough to use all the available sectors.

Let's consider this very simple scenario, with slots containing a single sector for the firmware image:

            PRIMARY                               SECONDARY
   +-----------------------+              +-----------------------+
   |        Firmware       |   Sector 0   |        (empty)        |
   +-----------------------+              +-----------------------+
   |        Trailer        |   Sector 1   |        Firmware       |
   +-----------------------+              +-----------------------+
                               Sector 2   |        Trailer        |
                                          +-----------------------+

Here, the swap-offset needs to swap a single sector and the index of the last sector of the primary slot to be swapped is 0.

However, the find_last_idx is in fact returning 1. And in the general case, it is returning the number of sectors to swap rather than the index of the last sector to swap.

In swap_run, this is causing the swap to be aborted because of a supposedly too large image if the image uses all the available sectors:

        if (last_idx >= first_trailer_idx) {
            BOOT_LOG_WRN("Not enough free space to run swap upgrade");
            BOOT_LOG_WRN("required %d bytes but only %d are available",
                         (last_idx + 1) * sector_sz,
                         first_trailer_idx * sector_sz);
            bs->swap_type = BOOT_SWAP_TYPE_NONE;
            return;
        }

When using swap-offset, the index of the last sector of the primary slot
that has to be swapped is computed at the beginning of the upgrade
process. This computation was in fact returning the number of sectors to
swap rather than the index of the last sector (so N+1 instead of N).
This was causing the upgrade to fail for large images, using all the
available sectors.

Signed-off-by: Thomas Altenbach <[email protected]>
@nordicjm nordicjm merged commit 7330df7 into mcu-tools:main Feb 24, 2025
58 checks passed
@taltenbach taltenbach deleted the fix/swap-offset-last-sector-idx branch February 24, 2025 11:34
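
The off-by-one described in this pull request, as an added example that is not MCUboot's code or part of the original conversation: a simplified model of the single-sector scenario from the diagram. The helper names, the 4096-byte sector size and the two-sector layout are assumptions; only the `last_idx >= first_trailer_idx` comparison is taken from the snippet quoted above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout mirroring the diagram: sector 0 = firmware, sector 1 = trailer. */
static const uint32_t demo_sectors[] = { 4096, 4096 };
#define DEMO_NUM_SECTORS (sizeof(demo_sectors) / sizeof(demo_sectors[0]))
#define DEMO_FIRST_TRAILER_IDX 1u

/* Hypothetical helper: how many sectors, counted from sector 0, are needed to
 * hold copy_size bytes. Returns num + 1 when the slot is too small. */
static uint32_t sectors_to_swap(const uint32_t *sectors, size_t num, uint32_t copy_size)
{
    uint64_t covered = 0;
    uint32_t count = 0;
    while (covered < copy_size) {
        if (count == num) return (uint32_t)num + 1;
        covered += sectors[count++];
    }
    return count;
}

/* Behaviour described before the fix: the sector count is used as an index. */
static uint32_t last_idx_as_count(const uint32_t *sectors, size_t num, uint32_t copy_size)
{
    return sectors_to_swap(sectors, num, copy_size);
}

/* Index of the last sector to swap: count - 1 (0 when there is nothing to swap). */
static uint32_t last_idx_as_index(const uint32_t *sectors, size_t num, uint32_t copy_size)
{
    uint32_t count = sectors_to_swap(sectors, num, copy_size);
    return count > 0 ? count - 1 : 0;
}

/* Same comparison as the quoted swap_run check: non-zero when the swap may run. */
static int swap_fits(uint32_t last_idx, uint32_t first_trailer_idx)
{
    return last_idx < first_trailer_idx;
}

int main(void)
{
    uint32_t a = last_idx_as_count(demo_sectors, DEMO_NUM_SECTORS, 4096);
    uint32_t b = last_idx_as_index(demo_sectors, DEMO_NUM_SECTORS, 4096);
    printf("count as index: %u, fits=%d\n", (unsigned)a, swap_fits(a, DEMO_FIRST_TRAILER_IDX));
    printf("real index:     %u, fits=%d\n", (unsigned)b, swap_fits(b, DEMO_FIRST_TRAILER_IDX));
    return 0;
}
```

An image that fills the only firmware sector is refused when the count is used as the index and accepted with the real index, while an image one byte larger is still refused in both cases.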