Age | Commit message (Collapse) | Author |
|
|
|
Fetching a list of keys and all of their metadata isn't an atomic
process, nor, probably, should it be, so we need to cope with things
like a key being deleted via the RPC interface while we're fetching
its metadata for display on the console interface.
|
|
|
|
If hal_rpc_server_dispatch() returns an XDR decode error because the
request packet was too short, don't call Error_Handler() and kill the
dispatch thread, just drop the request.
Add more ibuf_queue entries, but don't panic and kill the dispatch thread
if we can't get one, just drop the incoming character (which will lead to
an XDR decode error if/when we finally get an ibuf).
|
|
|
|
We need to start with a long serial timeout, in order to catch the reboot
messages for a firmware upload (this has to be done through the bootloader).
But once we start sending the file, cut the serial timeout to 1ms. (I've
tested it down to 1us, but that may not work for everyone, and it doesn't
improve performance in a statistically significant way.)
This brings the time to upload a 4.5MB bitstream from 38:23 to 1:25.
|
|
|
|
|
|
|
|
|
|
|
|
The main loop in cryptech_upload:send_file() was much more complicated
than necessary, and also contained some hidden assumptions about
serial I/O timing which happened to fail on the first two machines I
tested. We already had a perfectly good buffered-input function, so
rewrote to use that, and simplified control structure in the process.
In theory, the new code should work in any environment where the old
one did, but this has not yet been confirmed.
|
|
|
|
Bootloader DFU fixes.
|
|
|
|
to flash. While we're at it, propagate error returns.
|
|
fix to cli-test, commit ae8ebce.
|
|
Drag in UART-related changes from master.
|
|
|
|
|
|
|
|
|
|
Using {-1} as a client handle in the CLI is a kludge, but the new
stricter libhal keystore code really wants us to be consistent about
this, so as long as any part of the CLI is using client {-1}, it all
needs to do so.
This still isn't really right, the CLI probably needs a different set
of access rules than those which apply to the RPC calls, but I'm
deferring that until we know what the "final" (for this branch)
version of the RPC API looks like, and have done whatever refactoring
might be required in the libhal keystore drivers.
|
|
|
|
|
|
Now that we're using more than just the first few sectors of the
keystore flash, we need a command to clear the whole thing.
This is not quite right yet, because it doesn't yet notify libhal's
ks_flash driver that the entire content of the flash has been yanked
out from under it.
In theory, we should be able to erase the entire flash in a single
operation using the bulk erase command command (0xC7), but I couldn't
get that to do anything (no error reported, no visible effect), so,
for now, we erase by sectors.
|
|
|
|
receive buffer with half-complete callbacks, and raise the dma priority.
|
|
|
|
|
|
|
|
Basic stuff like "keystore show keys", "keystore delete key", and the
PIN commands all work with the new keystore code.
Some of the management commands are still broken. Some of the old
management commands were using libhal-internal APIs for which no real
equivalent exists anymore. Some of the old management commands were
doing things that, um, never could have worked as written.
|
|
|
|
|
|
(dropped characters, improper handoff of message buffers).
Fixed by
a) changing the uart receiver from interrupt to DMA mode, and
b) replacing the dispatch mutex and rpc semaphore with a mail queue
(memory pool + message queue).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
'show' commands.
|
|
as name.
|
|
A lot of the commands were just useful when testing/implementing
features for the Alpha. Remove them now that they have been merged to
projects/cli-test.
|
|
Command parser now enforces little things like mutually-exclusive
required options so we warn users who attempt something silly.
Preferred source for uploads is now the firmware tarball installed
along with the client software; we still support uploading from an
explictly-specified source file, but one must now say "-i file".
Updating the bootloader is dangerous, we now say so and also require
an additional option before we'll even attempt it. For the record,
while testing this I did manage to brick my Alpha and had to use an
ST-LINK to recover, exactly as predicted by the new dire warning.
|
|
|
|
like ssh-agent.
|
|
Also, if the UART receive callback fails to re-enable receive (because
dispatch_thread is in the middle of transmitting a response), signal
dispatch_thread to re-enable receive after it's done.
|
|
|