aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-04-29Port cli-test to the new task API.Paul Selkirk
2017-04-29Remove exception handlders that I probably shouldn't have defined in the ↵Paul Selkirk
first place.
2017-04-29Remove rtos source files.Paul Selkirk
2017-04-27Replace the RTOS with a simple cooperative tasker.Paul Selkirk
There are no priorities and no preemption, so tasks run in a round-robin fashion, and explicitly yield control.
2017-04-17Rewrite the wait-for-ready loop in uart_send_bytes() to actually work.Paul Selkirk
2017-04-17Add a short delay to osMailAlloc, since we're no longer calling it in an ISR.Paul Selkirk
2017-04-17Use default SysTick interrupt priority.Paul Selkirk
We really don't want SysTick_Handler, which runs the task scheduler, to run at a higher priority than SVC_Handler, which runs supposedly-atomic operations like mutex locking and unlocking. I've seen a mutex lock/unlock mismatch which I think is due to interrupting rt_mut_release at a particularly inopportune moment.
2017-04-17Merge remote-tracking branch 'origin/uart_rx_thread' into ksngPaul Selkirk
2017-04-16Switch to libhal's CRC-32 code.Rob Austein
2017-04-15Missing include files, doh.Rob Austein
2017-04-15sw/stm32 Makefiles are a mess.Rob Austein
Apparently it's easier to duplicate source files into multiple project directories than to write Makefiles that do something sane. Feh.
2017-04-15Move hal_log() support to separate module.Rob Austein
2017-04-15Logging implementation for Alpha hardware.Rob Austein
2017-04-12Handle race condition while fetching key metadata for display.Rob Austein
Fetching a list of keys and all of their metadata isn't an atomic process, nor, probably, should it be, so we need to cope with things like a key being deleted via the RPC interface while we're fetching its metadata for display on the console interface.
2017-04-11Track API changes on sw/libhal pkcs8 branch.Rob Austein
2017-04-01Change RPC UART to have a high-priority thread monitoring a large(ish) DMAPaul Selkirk
buffer, because we've observed out-of-order receives under load.
2017-03-02Try to be a bit more robust in the face of normal errors.Paul Selkirk
If hal_rpc_server_dispatch() returns an XDR decode error because the request packet was too short, don't call Error_Handler() and kill the dispatch thread, just drop the request. Add more ibuf_queue entries, but don't panic and kill the dispatch thread if we can't get one, just drop the incoming character (which will lead to an XDR decode error if/when we finally get an ibuf).
2017-02-23Add --pin and --quiet options.Paul Selkirk
2017-02-23Speed up file upload enormously.Paul Selkirk
We need to start with a long serial timeout, in order to catch the reboot messages for a firmware upload (this has to be done through the bootloader). But once we start sending the file, cut the serial timeout to 1ms. (I've tested it down to 1us, but that may not work for everyone, and it doesn't improve performance in a statistically significant way.) This brings the time to upload a 4.5MB bitstream from 38:23 to 1:25.
2017-02-22Refactor flash code.Paul Selkirk
2017-02-21Use libcli return codes where appropriate; show whether PINs are set.Paul Selkirk
2017-02-21Use bulk erase in the one place it makes sense.Paul Selkirk
2017-02-20Move dangerous auto_erase functionality to where it's actually used.Paul Selkirk
2017-02-19Remove unnecessary delays in flash code.Paul Selkirk
2017-02-19Simplify spiflash test code slightly, add keystore test code.Paul Selkirk
2017-02-15Add performance tests for spiflash_n25q128.cPaul Selkirk
2017-02-15Add n25q128_erase_bulkPaul Selkirk
2017-02-02Add locking around keystore operations.Rob Austein
2016-12-23Don't wrap key number in "keystore show keys".Rob Austein
2016-12-21Initialize PINs before trying to use them in bootloader.Rob Austein
2016-12-21Rewrite core upload loop to simplify and fix race conditions.Rob Austein
The main loop in cryptech_upload:send_file() was much more complicated than necessary, and also contained some hidden assumptions about serial I/O timing which happened to fail on the first two machines I tested. We already had a perfectly good buffered-input function, so rewrote to use that, and simplified control structure in the process. In theory, the new code should work in any environment where the old one did, but this has not yet been confirmed.
2016-12-20Flush output to serial device after writing.Rob Austein
2016-12-20Merge branch 'master' into ksngRob Austein
Bootloader DFU fixes.
2016-12-20Make stm_flash_sector_num a little more efficient.Paul Selkirk
2016-12-20The bootloader upgrade reboots now, so we don't need to log out of the CLI.Paul Selkirk
2016-12-20Fix bootloader upload callback routine to write the correct number of bytes ↵Paul Selkirk
to flash. While we're at it, propagate error returns.
2016-12-20cli_receive_data: re-enable UART DMA before returning. Based on Fredrik's ↵Paul Selkirk
fix to cli-test, commit ae8ebce.
2016-12-19Merge branch 'master' into ksng.Rob Austein
Drag in UART-related changes from master.
2016-11-25Add debugging code to cryptech_upload.Rob Austein
2016-11-15Reinitialize keystore data structures after wiping keystore flash.Rob Austein
2016-11-14Track removal of hal_rpc_pkey_list().Rob Austein
2016-11-14hal_rpc_pkey_find() -> hal_rpc_pkey_open().Rob Austein
2016-11-02Wait for WIP to clear before returning from erase operations too.Rob Austein
Wrong-block-type race condition errors went away after adding the WIP check after flash write operations, then came back once (isolated incident) while running a series of tests which had written enough flash blocks that ks_flash may have finally had to erase something rather than just zeroing. Code inspection confirmed that the erase code was not waiting for WIP to clear before exiting. Difficult to prove that this was the cause of an unreproducible failure, but seems like a likely candidate given previous behavior and change should be harmless, so adding it. Timeout for this flag check is 2000 ms, which is what other erase-related WIP flag checks were already using.
2016-11-01Tweak CLI keystore commands for latest libhal RPC keystore API.Rob Austein
Using {-1} as a client handle in the CLI is a kludge, but the new stricter libhal keystore code really wants us to be consistent about this, so as long as any part of the CLI is using client {-1}, it all needs to do so. This still isn't really right, the CLI probably needs a different set of access rules than those which apply to the RPC calls, but I'm deferring that until we know what the "final" (for this branch) version of the RPC API looks like, and have done whatever refactoring might be required in the libhal keystore drivers.
2016-11-01Don't return from flash write calls until WIP flag clears.Rob Austein
Absence of this check created a nasty race condition in sw/libhal/ks_flash.c, which didn't show up until we had test code which attempted to delete a long series of keys in quick succession. I'm not aware of any sane reason why we would ever want to skip this check, so it's unconditional and applies to all of the SPI flash code, not just the keystore flash code.
2016-10-09Track changes to libhal pkey API.Rob Austein
2016-10-07Track changes to libhal RPC pkey API.Rob Austein
2016-10-07strcasecmp() is not a standard function.Rob Austein
2016-09-27"keystore erase" now clears entire keystore flash.Rob Austein
Now that we're using more than just the first few sectors of the keystore flash, we need a command to clear the whole thing. This is not quite right yet, because it doesn't yet notify libhal's ks_flash driver that the entire content of the flash has been yanked out from under it. In theory, we should be able to erase the entire flash in a single operation using the bulk erase command command (0xC7), but I couldn't get that to do anything (no error reported, no visible effect), so, for now, we erase by sectors.
2016-09-26Fix function pointer type, typo in variable name.Rob Austein