[FL-2263] Flasher service & RAM exec (#1006)

* WIP on stripping fw
* Compact FW build - use RAM_EXEC=1 COMPACT=1 DEBUG=0
* Fixed uninitialized storage struct; small fixes to compact fw
* Flasher srv w/mocked flash ops
* Fixed typos & accomodated FFF changes
* Alternative fw startup branch
* Working load & jmp to RAM fw
* +manifest processing for stage loader; + crc verification for stage payload
* Fixed questionable code & potential leaks
* Lowered screen update rate; added radio stack update stubs; working dfu write
* Console EP with manifest & stage validation
* Added microtar lib; minor ui fixes for updater
* Removed microtar
* Removed mtar #2
* Added a better version of microtar
* TAR archive api; LFS backup & restore core
* Recursive backup/restore
* LFS worker thread
* Added system apps to loader - not visible in UI; full update process with restarts
* Typo fix
* Dropped BL & f6; tooling for updater WIP
* Minor py fixes
* Minor fixes to make it build after merge
* Ported flash workaround from BL + fixed visuals
* Minor cleanup
* Chmod + loader app search fix
* Python linter fix
* Removed usb stuff & float read support for staged loader == -10% of binary size
* Added backup/restore & update pb requests
* Added stub impl to RPC for backup/restore/update commands
* Reworked TAR to use borrowed Storage api; slightly reduced build size by removing `static string`; hidden update-related RPC behind defines
* Moved backup&restore to storage
* Fixed new message types
* Backup/restore/update RPC impl
* Moved furi_hal_crc to LL; minor fixes
* CRC HAL rework to LL
* Purging STM HAL
* Brought back minimal DFU boot mode (no gui); additional crc state checks
* Added splash screen, BROKEN usb function
* Clock init rework WIP
* Stripped graphics from DFU mode
* Temp fix for unused static fun
* WIP update picker - broken!
* Fixed UI
* Bumping version
* Fixed RTC setup
* Backup to update folder instead of ext root
* Removed unused scenes & more usb remnants from staged loader
* CI updates
* Fixed update bundle name
* Temporary restored USB handler
* Attempt to prevent .text corruption
* Comments on how I spent this Saturday
* Added update file icon
* Documentation updates
* Moved common code to lib folder
* Storage: more unit tests
* Storage: blocking dir open, differentiate file and dir when freed.
* Major refactoring; added input processing to updater to allow retrying on failures (not very useful prob). Added API for extraction of thread return value
* Removed re-init check for manifest
* Changed low-level path manipulation to toolbox/path.h; makefile cleanup; tiny fix in lint.py
* Increased update worker stack size
* Text fixes in backup CLI
* Displaying number of update stages to run; removed timeout in handling errors
* Bumping version
* Added thread cleanup for spawner thread
* Updated build targets to exclude firmware bundle from 'ALL'
* Fixed makefile for update_package; skipping VCP init for update mode (ugly)
* Switched github build from ALL to update_package
* Added +x for dist_update.sh
* Cli: add total heap size to "free" command
* Moved (RAM) suffix to build version instead of git commit no.
* DFU comment
* Some fixes suggested by clang-tidy
* Fixed recursive PREFIX macro
* Makefile: gather all new rules in updater namespace. FuriHal: rename bootloader to boot, isr safe delays
* Github: correct build target name in firmware build
* FuriHal: move target switch to boot
* Makefile: fix firmware flash
* Furi, FuriHal: move kernel start to furi, early init
* Drop bootloader related stuff
* Drop cube. Drop bootloader linker script.
* Renamed update_hl, moved constants to #defines
* Moved update-related boot mode to separate bitfield
* Reworked updater cli to single entry point; fixed crash on tar cleanup
* Added Python replacement for dist shell scripts
* Linter fixes for dist.py +x
* Fixes for environment suffix
* Dropped bash scripts
* Added dirty build flag to version structure & interfaces
* Version string escapes
* Fixed flag logic in dist.py; added support for App instances being imported and not terminating the whole program
* Fixed fw address in ReadMe.md
* Rpc: fix crash on double screen start
* Return back original boot behavior and fix jump to system bootloader
* Cleanup code, add error sequence for RTC
* Update firmware readme
* FuriHal: drop boot, restructure RTC registers usage and add header register check
* Furi goes first
* Toolchain: add ccache support
* Renamed update bundle dir

Co-authored-by: DrZlo13 <who.just.the.doctor@gmail.com>
Co-authored-by: あく <alleteam@gmail.com>

applications/updater/util/update_task.c

@@ -0,0 +1,226 @@
+#include "update_task.h"
+#include "update_task_i.h"
+
+#include <furi.h>
+#include <furi_hal.h>
+#include <storage/storage.h>
+#include <toolbox/path.h>
+#include <update_util/dfu_file.h>
+#include <update_util/lfs_backup.h>
+#include <update_util/update_operation.h>
+
+static const char* update_task_stage_descr[] = {
+    [UpdateTaskStageProgress] = "...",
+    [UpdateTaskStageReadManifest] = "Loading update manifest",
+    [UpdateTaskStageValidateDFUImage] = "Checking DFU file",
+    [UpdateTaskStageFlashWrite] = "Writing flash",
+    [UpdateTaskStageFlashValidate] = "Validating",
+    [UpdateTaskStageRadioWrite] = "Writing radio stack",
+    [UpdateTaskStageRadioCommit] = "Applying radio stack",
+    [UpdateTaskStageLfsBackup] = "Backing up LFS",
+    [UpdateTaskStageLfsRestore] = "Restoring LFS",
+    [UpdateTaskStageComplete] = "Complete",
+    [UpdateTaskStageError] = "Error",
+};
+
+static void update_task_set_status(UpdateTask* update_task, const char* status) {
+    if(!status) {
+        if(update_task->state.stage >= COUNT_OF(update_task_stage_descr)) {
+            status = "...";
+        } else {
+            status = update_task_stage_descr[update_task->state.stage];
+        }
+    }
+    string_set_str(update_task->state.status, status);
+}
+
+void update_task_set_progress(UpdateTask* update_task, UpdateTaskStage stage, uint8_t progress) {
+    if(stage != UpdateTaskStageProgress) {
+        update_task->state.stage = stage;
+        update_task->state.current_stage_idx++;
+        update_task_set_status(update_task, NULL);
+    }
+
+    if(progress > 100) {
+        progress = 100;
+    }
+
+    update_task->state.progress = progress;
+    if(update_task->status_change_cb) {
+        (update_task->status_change_cb)(
+            string_get_cstr(update_task->state.status),
+            progress,
+            update_task->state.current_stage_idx,
+            update_task->state.total_stages,
+            update_task->state.stage == UpdateTaskStageError,
+            update_task->status_change_cb_state);
+    }
+}
+
+static void update_task_close_file(UpdateTask* update_task) {
+    furi_assert(update_task);
+    if(!storage_file_is_open(update_task->file)) {
+        return;
+    }
+
+    storage_file_close(update_task->file);
+}
+
+static bool update_task_check_file_exists(UpdateTask* update_task, string_t filename) {
+    furi_assert(update_task);
+    string_t tmp_path;
+    string_init_set(tmp_path, update_task->update_path);
+    path_append(tmp_path, string_get_cstr(filename));
+    bool exists =
+        (storage_common_stat(update_task->storage, string_get_cstr(tmp_path), NULL) == FSE_OK);
+    string_clear(tmp_path);
+    return exists;
+}
+
+bool update_task_open_file(UpdateTask* update_task, string_t filename) {
+    furi_assert(update_task);
+    update_task_close_file(update_task);
+
+    string_t tmp_path;
+    string_init_set(tmp_path, update_task->update_path);
+    path_append(tmp_path, string_get_cstr(filename));
+    bool open_success = storage_file_open(
+        update_task->file, string_get_cstr(tmp_path), FSAM_READ, FSOM_OPEN_EXISTING);
+    string_clear(tmp_path);
+    return open_success;
+}
+
+static void update_task_worker_thread_cb(FuriThreadState state, void* context) {
+    UpdateTask* update_task = context;
+
+    if(state != FuriThreadStateStopped) {
+        return;
+    }
+
+    int32_t op_result = furi_thread_get_return_code(update_task->thread);
+    if(op_result == UPDATE_TASK_NOERR) {
+        osDelay(UPDATE_DELAY_OPERATION_OK);
+        furi_hal_power_reset();
+    }
+}
+
+UpdateTask* update_task_alloc() {
+    UpdateTask* update_task = malloc(sizeof(UpdateTask));
+
+    update_task->state.stage = UpdateTaskStageProgress;
+    update_task->state.progress = 0;
+    string_init(update_task->state.status);
+
+    update_task->manifest = update_manifest_alloc();
+    update_task->storage = furi_record_open("storage");
+    update_task->file = storage_file_alloc(update_task->storage);
+    update_task->status_change_cb = NULL;
+
+    FuriThread* thread = update_task->thread = furi_thread_alloc();
+
+    furi_thread_set_name(thread, "UpdateWorker");
+    furi_thread_set_stack_size(thread, 5120);
+    furi_thread_set_context(thread, update_task);
+
+    furi_thread_set_state_callback(thread, update_task_worker_thread_cb);
+    furi_thread_set_state_context(thread, update_task);
+#ifdef FURI_RAM_EXEC
+    UNUSED(update_task_worker_backup_restore);
+    furi_thread_set_callback(thread, update_task_worker_flash_writer);
+#else
+    UNUSED(update_task_worker_flash_writer);
+    furi_thread_set_callback(thread, update_task_worker_backup_restore);
+#endif
+
+    return update_task;
+}
+
+void update_task_free(UpdateTask* update_task) {
+    furi_assert(update_task);
+
+    furi_thread_join(update_task->thread);
+
+    furi_thread_free(update_task->thread);
+    update_task_close_file(update_task);
+    storage_file_free(update_task->file);
+    update_manifest_free(update_task->manifest);
+
+    furi_record_close("storage");
+    string_clear(update_task->update_path);
+
+    free(update_task);
+}
+
+bool update_task_init(UpdateTask* update_task) {
+    furi_assert(update_task);
+    string_init(update_task->update_path);
+    return true;
+}
+
+bool update_task_parse_manifest(UpdateTask* update_task) {
+    furi_assert(update_task);
+    update_task_set_progress(update_task, UpdateTaskStageReadManifest, 0);
+    bool result = false;
+    string_t manifest_path;
+    string_init(manifest_path);
+
+    do {
+        update_task_set_progress(update_task, UpdateTaskStageProgress, 10);
+        if(!update_operation_get_current_package_path(
+               update_task->storage, update_task->update_path)) {
+            break;
+        }
+
+        path_concat(
+            string_get_cstr(update_task->update_path),
+            UPDATE_MANIFEST_DEFAULT_NAME,
+            manifest_path);
+        update_task_set_progress(update_task, UpdateTaskStageProgress, 30);
+        if(!update_manifest_init(update_task->manifest, string_get_cstr(manifest_path))) {
+            break;
+        }
+
+        update_task_set_progress(update_task, UpdateTaskStageProgress, 50);
+        if(!string_empty_p(update_task->manifest->firmware_dfu_image) &&
+           !update_task_check_file_exists(update_task, update_task->manifest->firmware_dfu_image)) {
+            break;
+        }
+
+        update_task_set_progress(update_task, UpdateTaskStageProgress, 70);
+        if(!string_empty_p(update_task->manifest->radio_image) &&
+           !update_task_check_file_exists(update_task, update_task->manifest->radio_image)) {
+            break;
+        }
+
+        update_task_set_progress(update_task, UpdateTaskStageProgress, 100);
+        result = true;
+    } while(false);
+
+    string_clear(manifest_path);
+    return result;
+}
+
+void update_task_set_progress_cb(UpdateTask* update_task, updateProgressCb cb, void* state) {
+    update_task->status_change_cb = cb;
+    update_task->status_change_cb_state = state;
+}
+
+bool update_task_start(UpdateTask* update_task) {
+    furi_assert(update_task);
+    return furi_thread_start(update_task->thread);
+}
+
+bool update_task_is_running(UpdateTask* update_task) {
+    furi_assert(update_task);
+    return furi_thread_get_state(update_task->thread) == FuriThreadStateRunning;
+}
+
+UpdateTaskState const* update_task_get_state(UpdateTask* update_task) {
+    furi_assert(update_task);
+    return &update_task->state;
+}
+
+UpdateManifest const* update_task_get_manifest(UpdateTask* update_task) {
+    furi_assert(update_task);
+    return update_task->manifest;
+}

applications/updater/util/update_task.h

@@ -0,0 +1,66 @@
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <update_util/update_manifest.h>
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <m-string.h>
+
+#define UPDATE_DELAY_OPERATION_OK 600
+#define UPDATE_DELAY_OPERATION_ERROR INT_MAX
+
+typedef enum {
+    UpdateTaskStageProgress,
+    UpdateTaskStageReadManifest,
+    UpdateTaskStageValidateDFUImage,
+    UpdateTaskStageFlashWrite,
+    UpdateTaskStageFlashValidate,
+    UpdateTaskStageRadioWrite,
+    UpdateTaskStageRadioCommit,
+    UpdateTaskStageLfsBackup,
+    UpdateTaskStageLfsRestore,
+    UpdateTaskStageComplete,
+    UpdateTaskStageError,
+} UpdateTaskStage;
+
+typedef struct {
+    UpdateTaskStage stage;
+    uint8_t progress;
+    uint8_t current_stage_idx;
+    uint8_t total_stages;
+    string_t status;
+} UpdateTaskState;
+
+typedef struct UpdateTask UpdateTask;
+
+typedef void (*updateProgressCb)(
+    const char* status,
+    const uint8_t stage_pct,
+    const uint8_t idx_stage,
+    const uint8_t total_stages,
+    bool failed,
+    void* state);
+
+UpdateTask* update_task_alloc();
+
+void update_task_free(UpdateTask* update_task);
+
+bool update_task_init(UpdateTask* update_task);
+
+void update_task_set_progress_cb(UpdateTask* update_task, updateProgressCb cb, void* state);
+
+bool update_task_start(UpdateTask* update_task);
+
+bool update_task_is_running(UpdateTask* update_task);
+
+UpdateTaskState const* update_task_get_state(UpdateTask* update_task);
+
+UpdateManifest const* update_task_get_manifest(UpdateTask* update_task);
+
+#ifdef __cplusplus
+}
+#endif

applications/updater/util/update_task_i.h

@@ -0,0 +1,24 @@
+#pragma once
+
+#include <storage/storage.h>
+
+#define UPDATE_TASK_NOERR 0
+#define UPDATE_TASK_FAILED -1
+
+typedef struct UpdateTask {
+    UpdateTaskState state;
+    string_t update_path;
+    UpdateManifest* manifest;
+    FuriThread* thread;
+    Storage* storage;
+    File* file;
+    updateProgressCb status_change_cb;
+    void* status_change_cb_state;
+} UpdateTask;
+
+void update_task_set_progress(UpdateTask* update_task, UpdateTaskStage stage, uint8_t progress);
+bool update_task_parse_manifest(UpdateTask* update_task);
+bool update_task_open_file(UpdateTask* update_task, string_t filename);
+
+int32_t update_task_worker_flash_writer(void* context);
+int32_t update_task_worker_backup_restore(void* context);

applications/updater/util/update_task_workers.c

@@ -0,0 +1,148 @@
+#include "update_task.h"
+#include "update_task_i.h"
+
+#include <furi.h>
+#include <furi_hal.h>
+#include <storage/storage.h>
+#include <toolbox/path.h>
+#include <update_util/dfu_file.h>
+#include <update_util/lfs_backup.h>
+#include <update_util/update_operation.h>
+
+#define CHECK_RESULT(x) \
+    if(!(x)) {          \
+        break;          \
+    }
+
+#define STM_DFU_VENDOR_ID 0x0483
+#define STM_DFU_PRODUCT_ID 0xDF11
+/* Written into DFU file by build pipeline */
+#define FLIPPER_ZERO_DFU_DEVICE_CODE 0xFFFF
+
+static const DfuValidationParams flipper_dfu_params = {
+    .device = FLIPPER_ZERO_DFU_DEVICE_CODE,
+    .product = STM_DFU_PRODUCT_ID,
+    .vendor = STM_DFU_VENDOR_ID,
+};
+
+static void update_task_dfu_progress(const uint8_t progress, void* context) {
+    UpdateTask* update_task = context;
+    update_task_set_progress(update_task, UpdateTaskStageProgress, progress);
+}
+
+static bool page_task_compare_flash(
+    const uint8_t i_page,
+    const uint8_t* update_block,
+    uint16_t update_block_len) {
+    const size_t page_addr = furi_hal_flash_get_base() + furi_hal_flash_get_page_size() * i_page;
+    return (memcmp(update_block, (void*)page_addr, update_block_len) == 0);
+}
+
+/* Verifies a flash operation address for fitting into writable memory
+ */
+static bool check_address_boundaries(const size_t address) {
+    const size_t min_allowed_address = furi_hal_flash_get_base();
+    const size_t max_allowed_address = (size_t)furi_hal_flash_get_free_end_address();
+    return ((address >= min_allowed_address) && (address < max_allowed_address));
+}
+
+int32_t update_task_worker_flash_writer(void* context) {
+    furi_assert(context);
+    UpdateTask* update_task = context;
+    bool success = false;
+    DfuUpdateTask page_task = {
+        .address_cb = &check_address_boundaries,
+        .progress_cb = &update_task_dfu_progress,
+        .task_cb = &furi_hal_flash_program_page,
+        .context = update_task,
+    };
+
+    update_task->state.current_stage_idx = 0;
+    update_task->state.total_stages = 4;
+
+    do {
+        CHECK_RESULT(update_task_parse_manifest(update_task));
+
+        if(!string_empty_p(update_task->manifest->firmware_dfu_image)) {
+            update_task_set_progress(update_task, UpdateTaskStageValidateDFUImage, 0);
+            CHECK_RESULT(
+                update_task_open_file(update_task, update_task->manifest->firmware_dfu_image));
+            CHECK_RESULT(
+                dfu_file_validate_crc(update_task->file, &update_task_dfu_progress, update_task));
+
+            const uint8_t valid_targets =
+                dfu_file_validate_headers(update_task->file, &flipper_dfu_params);
+            if(valid_targets == 0) {
+                break;
+            }
+
+            update_task_set_progress(update_task, UpdateTaskStageFlashWrite, 0);
+            CHECK_RESULT(dfu_file_process_targets(&page_task, update_task->file, valid_targets));
+
+            page_task.task_cb = &page_task_compare_flash;
+
+            update_task_set_progress(update_task, UpdateTaskStageFlashValidate, 0);
+            CHECK_RESULT(dfu_file_process_targets(&page_task, update_task->file, valid_targets));
+        }
+
+        update_task_set_progress(update_task, UpdateTaskStageComplete, 100);
+
+        furi_hal_rtc_set_boot_mode(FuriHalRtcBootModePostUpdate);
+
+        success = true;
+    } while(false);
+
+    if(!success) {
+        update_task_set_progress(update_task, UpdateTaskStageError, update_task->state.progress);
+    }
+
+    return success ? UPDATE_TASK_NOERR : UPDATE_TASK_FAILED;
+}
+
+int32_t update_task_worker_backup_restore(void* context) {
+    furi_assert(context);
+    UpdateTask* update_task = context;
+    bool success = false;
+
+    FuriHalRtcBootMode boot_mode = furi_hal_rtc_get_boot_mode();
+    if((boot_mode != FuriHalRtcBootModePreUpdate) && (boot_mode != FuriHalRtcBootModePostUpdate)) {
+        // no idea how we got here. Clear to normal boot
+        furi_hal_rtc_set_boot_mode(FuriHalRtcBootModeNormal);
+        return UPDATE_TASK_NOERR;
+    }
+
+    update_task->state.current_stage_idx = 0;
+    update_task->state.total_stages = 1;
+
+    if(!update_operation_get_current_package_path(update_task->storage, update_task->update_path)) {
+        return UPDATE_TASK_FAILED;
+    }
+
+    string_t backup_file_path;
+    string_init(backup_file_path);
+    path_concat(
+        string_get_cstr(update_task->update_path), LFS_BACKUP_DEFAULT_FILENAME, backup_file_path);
+
+    if(boot_mode == FuriHalRtcBootModePreUpdate) {
+        update_task_set_progress(update_task, UpdateTaskStageLfsBackup, 0);
+        furi_hal_rtc_set_boot_mode(FuriHalRtcBootModeNormal); // to avoid bootloops
+        if((success =
+                lfs_backup_create(update_task->storage, string_get_cstr(backup_file_path)))) {
+            furi_hal_rtc_set_boot_mode(FuriHalRtcBootModeUpdate);
+        }
+    } else if(boot_mode == FuriHalRtcBootModePostUpdate) {
+        update_task_set_progress(update_task, UpdateTaskStageLfsRestore, 0);
+        furi_hal_rtc_set_boot_mode(FuriHalRtcBootModeNormal);
+        success = lfs_backup_unpack(update_task->storage, string_get_cstr(backup_file_path));
+    }
+
+    if(success) {
+        update_task_set_progress(update_task, UpdateTaskStageComplete, 100);
+    } else {
+        update_task_set_progress(update_task, UpdateTaskStageError, update_task->state.progress);
+    }
+
+    string_clear(backup_file_path);
+
+    return success ? UPDATE_TASK_NOERR : UPDATE_TASK_FAILED;
+}