In Mbed OS, each library has an `include/<library>/` subdirectory
containing headers. The recommended way to include a header is
`#include "<library>/<header>.h"` to avoid potential conflicts with
any external modules that have same names of headers.
This is not enforced yet, and both include/ and include/<component>/
are in a library's include paths, to avoid breaking preexisting
Mbed projects that don't follow the recommendation. But code within
Mbed OS should follow it at least.
This allows the entire QSPI class to be mocked/faked for unit testing
purpose, without dependencies from the real implementation such as
`qspi_free()` from the HAL.
The second byte of the sector map descriptor is the configuration ID.
On a device with non-configurable layout, the only available map
descriptor's configuration ID must be 0x00 as required by the
JESD216D standard. This value is important, because we will check
each descriptor's configuration ID when we support multiple
configurations.
Note: The test data is fake - when we modified real data of a
configurable device to become non-configurable for test purpose, we
forgot to change this field.
The SFDP functions parse SFDP data which is fetched by a callback
called `sfdp_reader` provided by {SPIF,QSPIF,OSPIF}BlockDevice.
Currently, this callback interface only takes a read address and an RX
buffer to store output data. This has been enough, because other SPI
parameters are always the same when fetching the SFDP table only -
they are just hardcoded in each reader.
But in the future we will add support for flash devices with multiple
configurations (in a subsequent commit), and to detect which
configuration is enabled, we will need to send detection commands
which require device-dependent SPI parameters:
* address size
* instruction
* dummy cycles
This commit
* turns the above SPI parameters from predefined/hardcoded values
into parameters of the callback
* lets the SFDP functions pass the above parameters to the callback
(Note: To read the SFDP table itself, those values are constants
defined by the standard, not tied to any particular device, so they
can be known to the SFDP functions)
* updates the callbacks implemented by {SPIF,QSPIF,OSPIF}BlockDevice
* updates the mock callback for unit tests and expectations
When passing an allocation size directly to `std::make_unique`,
`std::nothrow` is unavailable, so any failed allocation results in
an exception which we cannot catch because Mbed OS is compiled with
`-fno-exceptions`. To fix this, chain `std::make_unique` with
`new (std::nothrow)`, and the allocated `unique_ptr` retains the
`nullptr` property.
Macro MBED_ALIGN expands in C to _Alignas which can't be used in the
type declaration. This patch moves it to the first type definition
which makes this code compile properly in CPP and C.
The test case for multithreaded erase/program/read allocates a few
Thread objects from the heap and starts them. It has a few problems:
* To check that there will be enough heap to start a new thread, the
test case tries to allocate a dummy buffer of the thread's heap size
and then frees it, before starting the thread. Then the thread will
allocate its own stack. Such check is not reliable, because threads
that are already running also perform additional allocation (when
running `test_thread_job()`) and may take away the memory we just
checked.
* When deleting all threads in a loop, the loop boundary misses the
last thread if the last thread object was allocated but not started
(i.e. due to failed thread stack allocation check).
To fix the issues
* Start a thread without any allocation test. Following the preceding
commit "rtos: Thread: Make stack allocation failure runtime catchable",
`Thread::start()` now returns `osErrorNoMemory` if stack allocation
fails which we can handle.
* Store pointers to all threads in a zero-initialized array, and
free all elements at the end of the test.
When a Thread object's stack memory is not provided, its `start()`
member function dynamically allocates its stack from the heap. If
allocation fails, there is no way to catch it because
* `std::nothrow` is missing after the `new` keyword. As Mbed OS
is built with `-fno-exceptions` (C++ exceptions disabled), failed
allocation results in an unrecoverable fault.
* The attempted `nullptr` check, which doesn't work anyway due to
the first point, is an assertion instead of error returning.
Assertions should be used as a development tool to ensure code
behaves correctly. But out-of-memory is a completely valid runtime
situation.
This commit adds the missing `std::nothrow`, and makes `Thread::start()`
return `osErrorNoMemory` if allocation fails so the caller can handle
it.
Note: A case when a thread should never fail due to lack of memory
is the main thread. But the main thread's stack is a pre-allocated
array in the static memory, passed to the `Thread()` constructor
during thread creation, so it's not impacted by this change.
This patch contains improvements mentioned in the unresolved PR
comments:
- function names were changed from socket_sendmsg/socket_recvmsg to
socket_sendto_control/socket_recvfrom_control.
- default implementation of this functions was provided in the
NetworkStack class.
- MsgHeaderIterator accesses elements on the aligned addresses.
Change MCUboot image versioning to meet requirements below:
1. Major.Minor.Revision must be non-decremental when used to derive security counter (-s 'auto').
2. Make Major.Minor.Revision+Build incremental to identify the firmware itself through psa_fwu_query().
3. Get around MCUboot failure with TF-M underestimated MAX_BOOT_RECORD_SZ
Import mcu partition header (renamed to partition_M2354_im.h) for resolving peripheral base with security.
Though Mbed is non-secure only and needn't secure peripheral base, some BSP driver code still rely on it.
Jerome Coutant
Lingkai Dong
Martin Kojtal
Jaeden Amero
mateusz.kalinowski
Saheer
Charles
Rajkumar Kanagaraj
Chun-Chieh Li