Re: PWM API

2016-04-04 Thread p...@wrada.com 
Thanks for your patience everyone.

I went to write the PWM drivers for Arduino Zero and learned a lot that I
wanted to share.

1) First, I agree that we should set duty cycle in fractional 16-bit.  I
experimented with it and found your observations correct.
2) Arduino (SAMD21G) has two different types of PWM hardware internally,
TC and TCC. There is a key difference that will affect even this simple
API.
3) The multichannel support is challenging to abstract in a Hal, so I
suspect folks that need that will need a specific API for their control
purpose (I.e. synchronous Steppers)

The TC (when running in 16-bit mode) supports only the CC register
(Capture).  This allows us to set the duty cycle of the PWM waveform, the
but period must be specified by the source CLOCK and a binary divide
ratio.   That means that setting of accurate frequency is not really
possible (other than to a factor of 2-16 depending on your luck). For
example, with an 8 Mhz clock driving the PWM, we get frequencies of 122 Hz
(800/65536) for the PWM. I can increase the GCLK, but that seems to
give flicker free operation and is the default config of the device. You
can divide this down, but that produces geometrically lower frequencies.
NOTE: when running in 8-bit mode, you can have control over both the CC
and period values and we could get better freq control, but the resolution
is quite poor.  There’s another gotcha with the TC channels.  Each TC
drives two PWM channels, but there is only a single source clock (and a
single period in 8-bit mode) for the two of them so two TC channels cannot
set coarse frequency independently. This is evident on Arduino zero D10
and D12 (also A1 and A2) which run off the same TC.

The TCC (when running in 16-bit mode) supports the CC and period register.
This allows very fined grained control over the PWM frequency and duty
cycle. There is one more catch which is the TCC supports 4 CC channels but
only has one source clock and one Period register (Arduino D13 and D11 and
also A3,A4,D9).   

Which brings me to the discussion here…

Since there is only one source clock per TC or TCC device, I set the
source clock divider in the BSP.  This is the reasonable place to set this
as its the place where you know what is routed where on your board and
what freqs you want. The BSP also sets the source clock frequency.

I created the following API,modifying my proposal taking the advice of the
folks on this thread:

struct hal_pwm* hal_pwm_init(enum system_device_id sysid);
Int hal_pwm_off(struct hal_pwm *ppwm);
Int hal_pwm_enable_duty_cycle(struct hal_pwm *ppwm, uint16_t fraction);
Int hal_pwm_enable_waveform(struct hal_pwm *ppwm, uint32_t on_clocks);
Int hal_pwm_get_clock_freq(struct hal_pwm *ppwm);
Int hal_pwm_get_resolution_bits(struct hal_pwm *ppwm);

NOTE: There are two different ways to enable the device.  One based on
duty cycle and another base on source clocks (exact).

Someone on the thread suggested setting frequency and duty_cycle in a
single Api, but some of the Arduino devices don’t support setting
frequency (see above) and some do, so I though that the API would be
better split.  But, this brings up all the concerns with Greg and Will
below, mainly “What if you had a separate API for frequency and duty etc)…

My desire to make beeps that sound like donkey kong is too strong (go
runtime), so I want to allow an API that sets the frequency.


So based on the following assumptions, I will propose something new.
1) the BSP will set the frequency into the right ballpark since some
controller don’t have fine grained frequency control
2) Aside from that, any super fine tuning of frequency is likely to be for
audio control or other non duty cycle based operation
3) Anyone doing anything super fancy with these multi-channel controllers
will likely use the direct hardware API or a future more complicated
abstractions

I propose to:
1) remove the hal_pwm_enable_waveform (which I wanted) accepting that the
16-bit duty cycle is plenty of fine-grained control

Add one of the two following APIs with a note that they are not supported
on all controllers.

1) hal_pwm_enable_freq(struct hal_pwm *ppwm, uint32_t freq_hz); ― set the
frequency in Hz with 50 % duty cycle.
2) hal_pwm_enable_freq(struct hal_pwm *ppwm, uint32_t freq_hz, uint16_t
duty); ― set the frequency in Hz and duty cycle as fractional 16-bit value;

But either of these begs the question.

1) What if I set the frequency with either of these Apis and then call
hal_pwm_enable_duty_cycle.  Does it reset the frequency or just change the
duty cycle?  How do I restore the default frequency.  Seems like I would
have to do the former (reset the freq).

My plan if I don’t hear better advice, will be to implement #1 and
document that you can set frequency or duty cycle dynamically in the API
but to both. #1.


Paul



On 3/31/16, 2:33 PM, "will sanfilippo"  wrote:

>Comments…
>
>> On Mar 31, 2016, at 1:59 AM, Greg Stein  wrote:
>> 
>> On Mar 30, 2016 11:48 PM

Re: Testing rhe libs/shell

2016-04-04 Thread Nges B 
Ok .I got it.
Thanks

On 4/5/16, Sterling Hughes  wrote:
>
>>
>> FROM:
>>
>>  repository.apache-mynewt-core:
>>  type: github
>>  vers: 0-latest
>>  user: apache
>>  repo: incubator-mynewt-core
>>
>> TO:
>>
>>  repository.apache-mynewt-core:
>>  type: github
>>  vers: 0.0.0
>>  user: apache
>>  repo: incubator-mynewt-core
>>
>> Note that the develop branch my be broken at any time, so it is only
>> recommended for testing and development.  Also, it is likely to be
>> incompatible with non-develop-branches of other repositories (e.g., newt
>> tool and arduino repo).
>>
>
> Also note, that 0-dev works.  I added a tag for that the other day, for
> remote projects that want to track dev.
>
> Sterling
>


-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Re: Testing rhe libs/shell

2016-04-04 Thread Sterling Hughes 




FROM:

 repository.apache-mynewt-core:
 type: github
 vers: 0-latest
 user: apache
 repo: incubator-mynewt-core

TO:

 repository.apache-mynewt-core:
 type: github
 vers: 0.0.0
 user: apache
 repo: incubator-mynewt-core

Note that the develop branch my be broken at any time, so it is only
recommended for testing and development.  Also, it is likely to be
incompatible with non-develop-branches of other repositories (e.g., newt
tool and arduino repo).



Also note, that 0-dev works.  I added a tag for that the other day, for 
remote projects that want to track dev.


Sterling

Re: Testing rhe libs/shell

2016-04-04 Thread Christopher Collins 
On Mon, Apr 04, 2016 at 11:55:54PM +0100, Nges B wrote:
> in a new created project , the newt test all fails the libs/json .
> the jlibs/json was not corrected on that repository.
> Thanks

It looks like this particular fix was already pushed to the develop
branch on 2016-03-21 (e8a365bd766ac2963ca9c757175889caf5f12461).

The reason you still see the test failure in a newly created project is
that newt's default behavior is to use the mynewt_0_8_0_b2_tag, not the
develop branch.  The json unit test fix will be visible by default in
the next release of the core repository.

If you want to try out the fix, you can configure your project to use
the develop branch of core.  Do this by changing your project.yml file
to use core 0.0.0 as follows:

FROM:

repository.apache-mynewt-core:
type: github
vers: 0-latest
user: apache
repo: incubator-mynewt-core

TO:

repository.apache-mynewt-core:
type: github
vers: 0.0.0
user: apache
repo: incubator-mynewt-core

Note that the develop branch my be broken at any time, so it is only
recommended for testing and development.  Also, it is likely to be
incompatible with non-develop-branches of other repositories (e.g., newt
tool and arduino repo).

Thanks for submitting the pull request.  As this particular fix was
already implemented, I will close the request, but please submit more if
you find other issues

Chris

Re: Testing rhe libs/shell

2016-04-04 Thread aditi hilbert 
Nges,

That unfortunately (or fortunately) will keep changing as the project evolves. 
So the right thing to do it to make it clear that it’s a snapshot at a certain 
point in time. I can make that clear. Thanks!

aditi
> On Apr 4, 2016, at 3:50 PM, Nges B  wrote:
> 
> you can do it.
> also when you run tree in a newly created project, you have
> 6directoies and 11filles not 10files as in DOcumentation :)
> 
> On 4/4/16, Nges B  wrote:
>> But it seems to be magic :)
>> I would I have love too but it seems more complicated that I taught.
>> Thanks
>> 
>> On 4/4/16, Aditi  wrote:
>>> Indeed. I can change that. Or you can generate a pull request on the
>>> github
>>> mirror if you want to test run the patch process for documentation.
>>> 
>>> Thanks,
>>> Aditi
>>> 
>>> Sent from my iPhone
>>> 
 On Apr 4, 2016, at 2:15 PM, Nges B  wrote:
 
 we can put something like  'newt test @apache-mynewt-core/libs/os'
 thanks
 
 
> On 4/4/16, Nges B  wrote:
> Hi everyone.
> There seems to be no test for libs/shell
> 
> But in Documentation , tutorials for beginners give 'test  newt test
> @apache-mynewt-core/libs/shell'  as an example. I think it will e
> better if we can change it , It can confuse newbies.
> Thanks
> --
> "A Gal is a Dream with a Plan and a Dateline"
> 
> Do On to Others what you will like them to do on to you.'The Golden
> Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record
 
 
 --
 "A Gal is a Dream with a Plan and a Dateline"
 
 Do On to Others what you will like them to do on to you.'The Golden
 Rule'
 Mozilla Regional Ambassador Lead Cameroon.
 Software Deloper,
 Web Designer and Developer.
 Music DJ . Artiste at Casky Black's Record
>>> 
>> 
>> 
>> --
>> "A Gal is a Dream with a Plan and a Dateline"
>> 
>> Do On to Others what you will like them to do on to you.'The Golden Rule'
>> Mozilla Regional Ambassador Lead Cameroon.
>> Software Deloper,
>> Web Designer and Developer.
>> Music DJ . Artiste at Casky Black's Record
>> 
> 
> 
> -- 
> "A Gal is a Dream with a Plan and a Dateline"
> 
> Do On to Others what you will like them to do on to you.'The Golden Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record

Re: Testing rhe libs/shell

2016-04-04 Thread Nges B 
in a new created project , the newt test all fails the libs/json .
the jlibs/json was not corrected on that repository.
Thanks

On 4/4/16, Nges B  wrote:
> you can do it.
> also when you run tree in a newly created project, you have
> 6directoies and 11filles not 10files as in DOcumentation :)
>
> On 4/4/16, Nges B  wrote:
>> But it seems to be magic :)
>> I would I have love too but it seems more complicated that I taught.
>> Thanks
>>
>> On 4/4/16, Aditi  wrote:
>>> Indeed. I can change that. Or you can generate a pull request on the
>>> github
>>> mirror if you want to test run the patch process for documentation.
>>>
>>> Thanks,
>>> Aditi
>>>
>>> Sent from my iPhone
>>>
 On Apr 4, 2016, at 2:15 PM, Nges B  wrote:

 we can put something like  'newt test @apache-mynewt-core/libs/os'
 thanks


> On 4/4/16, Nges B  wrote:
> Hi everyone.
> There seems to be no test for libs/shell
>
> But in Documentation , tutorials for beginners give 'test  newt test
> @apache-mynewt-core/libs/shell'  as an example. I think it will e
> better if we can change it , It can confuse newbies.
> Thanks
> --
> "A Gal is a Dream with a Plan and a Dateline"
>
> Do On to Others what you will like them to do on to you.'The Golden
> Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record


 --
 "A Gal is a Dream with a Plan and a Dateline"

 Do On to Others what you will like them to do on to you.'The Golden
 Rule'
 Mozilla Regional Ambassador Lead Cameroon.
 Software Deloper,
 Web Designer and Developer.
 Music DJ . Artiste at Casky Black's Record
>>>
>>
>>
>> --
>> "A Gal is a Dream with a Plan and a Dateline"
>>
>> Do On to Others what you will like them to do on to you.'The Golden Rule'
>> Mozilla Regional Ambassador Lead Cameroon.
>> Software Deloper,
>> Web Designer and Developer.
>> Music DJ . Artiste at Casky Black's Record
>>
>
>
> --
> "A Gal is a Dream with a Plan and a Dateline"
>
> Do On to Others what you will like them to do on to you.'The Golden Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record
>


-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Re: Testing rhe libs/shell

2016-04-04 Thread Nges B 
you can do it.
also when you run tree in a newly created project, you have
6directoies and 11filles not 10files as in DOcumentation :)

On 4/4/16, Nges B  wrote:
> But it seems to be magic :)
> I would I have love too but it seems more complicated that I taught.
> Thanks
>
> On 4/4/16, Aditi  wrote:
>> Indeed. I can change that. Or you can generate a pull request on the
>> github
>> mirror if you want to test run the patch process for documentation.
>>
>> Thanks,
>> Aditi
>>
>> Sent from my iPhone
>>
>>> On Apr 4, 2016, at 2:15 PM, Nges B  wrote:
>>>
>>> we can put something like  'newt test @apache-mynewt-core/libs/os'
>>> thanks
>>>
>>>
 On 4/4/16, Nges B  wrote:
 Hi everyone.
 There seems to be no test for libs/shell

 But in Documentation , tutorials for beginners give 'test  newt test
 @apache-mynewt-core/libs/shell'  as an example. I think it will e
 better if we can change it , It can confuse newbies.
 Thanks
 --
 "A Gal is a Dream with a Plan and a Dateline"

 Do On to Others what you will like them to do on to you.'The Golden
 Rule'
 Mozilla Regional Ambassador Lead Cameroon.
 Software Deloper,
 Web Designer and Developer.
 Music DJ . Artiste at Casky Black's Record
>>>
>>>
>>> --
>>> "A Gal is a Dream with a Plan and a Dateline"
>>>
>>> Do On to Others what you will like them to do on to you.'The Golden
>>> Rule'
>>> Mozilla Regional Ambassador Lead Cameroon.
>>> Software Deloper,
>>> Web Designer and Developer.
>>> Music DJ . Artiste at Casky Black's Record
>>
>
>
> --
> "A Gal is a Dream with a Plan and a Dateline"
>
> Do On to Others what you will like them to do on to you.'The Golden Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record
>


-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Re: Testing rhe libs/shell

2016-04-04 Thread Nges B 
But it seems to be magic :)
I would I have love too but it seems more complicated that I taught.
Thanks

On 4/4/16, Aditi  wrote:
> Indeed. I can change that. Or you can generate a pull request on the github
> mirror if you want to test run the patch process for documentation.
>
> Thanks,
> Aditi
>
> Sent from my iPhone
>
>> On Apr 4, 2016, at 2:15 PM, Nges B  wrote:
>>
>> we can put something like  'newt test @apache-mynewt-core/libs/os'
>> thanks
>>
>>
>>> On 4/4/16, Nges B  wrote:
>>> Hi everyone.
>>> There seems to be no test for libs/shell
>>>
>>> But in Documentation , tutorials for beginners give 'test  newt test
>>> @apache-mynewt-core/libs/shell'  as an example. I think it will e
>>> better if we can change it , It can confuse newbies.
>>> Thanks
>>> --
>>> "A Gal is a Dream with a Plan and a Dateline"
>>>
>>> Do On to Others what you will like them to do on to you.'The Golden
>>> Rule'
>>> Mozilla Regional Ambassador Lead Cameroon.
>>> Software Deloper,
>>> Web Designer and Developer.
>>> Music DJ . Artiste at Casky Black's Record
>>
>>
>> --
>> "A Gal is a Dream with a Plan and a Dateline"
>>
>> Do On to Others what you will like them to do on to you.'The Golden Rule'
>> Mozilla Regional Ambassador Lead Cameroon.
>> Software Deloper,
>> Web Designer and Developer.
>> Music DJ . Artiste at Casky Black's Record
>


-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Re: Image signatures

2016-04-04 Thread Aditi 
EC operations would be significantly smaller. They key size equivalent to RSA 
2048 but would be 256 bits in EC. So that could be another option.

Thanks,
Aditi

Sent from my iPhone

> On Apr 4, 2016, at 12:49 PM, marko kiiskila  wrote:
> 
> Hi,
> 
> I started work on signed images, and there’s few things I’m wondering how to 
> go about.
> 
> The way this would work is that you would start by creating a RSA key-pair 
> (2048 bits).
> 
> You’d sign the image by computing RSA signature over the image hash (SHA256), 
> and store
> it a TLV at the end of the image. Bootloader would be built with the public 
> key of this
> image signing key, and it would verify it before allowing the image to boot.
> 
> The impact of this on the bootloader is ~7k of additional text, so it’s use 
> should be optional.
> That comes from code to parse the public key and RSA itself. And the public 
> key itself.
> 
> The image header contains a flag that says that this image contains this kind 
> of signature,
> as well as the total length of all TLVs in the end. Image hash is computed 
> over this header.
> 
> Signature data itself is stored in PKCS 1.5 format.
> 
> I also added a keyid field, and you can use this to facilitate the use of 
> multiple image signing
> keys. You could use this to facilitate the use of image signing keys of 
> different security
> level. I.e. you would have a separate image signing key for building 
> ‘production’ builds as
> opposed to ‘development’ builds.
> 
> Production signing key would be stored somewhere safe with controlled access, 
> while
> development key could have more lax restrictions. Then you’d have different 
> bootloader
> versions, dev boot loaders would allow it to boot images that are signed with 
> production keys,
> or with development keys. Production boot loaders would only allow it to boot 
> images signed
> with production keys only.
> 
> This way you can do in-house development/QA using images signed with dev 
> keys, without
> having to worry about those images being bootable by products in the field.
> 
> On to my questions:
> 1) Any reviews of this code would be much appreciated! Bugs in this code 
> would be (very) bad.
> 2) How should this be incorporated into build system? Specifically, how to 
> control
> - whether bootloader expects signed images, and if so, whether it’s a dev 
> bootloader, or
>  production bootloader?
> - where should the public key for bootloader be stored? Note that this 
> probably would be
>  per-product specific.
> 
> Comments, suggestions are welcome

Re: Testing rhe libs/shell

2016-04-04 Thread Aditi 
Indeed. I can change that. Or you can generate a pull request on the github 
mirror if you want to test run the patch process for documentation. 

Thanks,
Aditi

Sent from my iPhone

> On Apr 4, 2016, at 2:15 PM, Nges B  wrote:
> 
> we can put something like  'newt test @apache-mynewt-core/libs/os'
> thanks
> 
> 
>> On 4/4/16, Nges B  wrote:
>> Hi everyone.
>> There seems to be no test for libs/shell
>> 
>> But in Documentation , tutorials for beginners give 'test  newt test
>> @apache-mynewt-core/libs/shell'  as an example. I think it will e
>> better if we can change it , It can confuse newbies.
>> Thanks
>> --
>> "A Gal is a Dream with a Plan and a Dateline"
>> 
>> Do On to Others what you will like them to do on to you.'The Golden Rule'
>> Mozilla Regional Ambassador Lead Cameroon.
>> Software Deloper,
>> Web Designer and Developer.
>> Music DJ . Artiste at Casky Black's Record
> 
> 
> -- 
> "A Gal is a Dream with a Plan and a Dateline"
> 
> Do On to Others what you will like them to do on to you.'The Golden Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record

Re: Image signatures

2016-04-04 Thread marko kiiskila 

> On Apr 4, 2016, at 12:49 PM, marko kiiskila  wrote:
> 
> Hi,
> 
> I started work on signed images, and there’s few things I’m wondering how to 
> go about.
> 
> The way this would work is that you would start by creating a RSA key-pair 
> (2048 bits).
> 
> You’d sign the image by computing RSA signature over the image hash (SHA256), 
> and store
> it a TLV at the end of the image. Bootloader would be built with the public 
> key of this
> image signing key, and it would verify it before allowing the image to boot.
> 
> The impact of this on the bootloader is ~7k of additional text, so it’s use 
> should be optional.
> That comes from code to parse the public key and RSA itself. And the public 
> key itself.
> 
> The image header contains a flag that says that this image contains this kind 
> of signature,
> as well as the total length of all TLVs in the end. Image hash is computed 
> over this header.
> 
> Signature data itself is stored in PKCS 1.5 format.
> 
> I also added a keyid field, and you can use this to facilitate the use of 
> multiple image signing
> keys. You could use this to facilitate the use of image signing keys of 
> different security
> level. I.e. you would have a separate image signing key for building 
> ‘production’ builds as
> opposed to ‘development’ builds.
> 
> Production signing key would be stored somewhere safe with controlled access, 
> while
> development key could have more lax restrictions. Then you’d have different 
> bootloader
> versions, dev boot loaders would allow it to boot images that are signed with 
> production keys,
> or with development keys. Production boot loaders would only allow it to boot 
> images signed
> with production keys only.
> 
> This way you can do in-house development/QA using images signed with dev 
> keys, without
> having to worry about those images being bootable by products in the field.
> 
> On to my questions:
> 1) Any reviews of this code would be much appreciated! Bugs in this code 
> would be (very) bad.
> 2) How should this be incorporated into build system? Specifically, how to 
> control
> - whether bootloader expects signed images, and if so, whether it’s a dev 
> bootloader, or
>  production bootloader?
> - where should the public key for bootloader be stored? Note that this 
> probably would be
>  per-product specific.

E.g. we could store public key(s) in a package which exports 2 symbols: pointer 
to array
of keys, and the number of elements in that given array. It would export 
feature ‘IMAGE_KEYS’.

Then, if you’re building a bootloader with such a package included, then image 
signatures
are required.

This way user could check this in, and manage it’s inclusion in the bootloader 
any which
they want. I.e. could depend on the target, BSP, app or any other.

Re: Testing rhe libs/shell

2016-04-04 Thread Nges B 
we can put something like  'newt test @apache-mynewt-core/libs/os'
thanks


On 4/4/16, Nges B  wrote:
> Hi everyone.
> There seems to be no test for libs/shell
>
> But in Documentation , tutorials for beginners give 'test  newt test
> @apache-mynewt-core/libs/shell'  as an example. I think it will e
> better if we can change it , It can confuse newbies.
> Thanks
> --
> "A Gal is a Dream with a Plan and a Dateline"
>
> Do On to Others what you will like them to do on to you.'The Golden Rule'
> Mozilla Regional Ambassador Lead Cameroon.
> Software Deloper,
> Web Designer and Developer.
> Music DJ . Artiste at Casky Black's Record
>


-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Testing rhe libs/shell

2016-04-04 Thread Nges B 
Hi everyone.
There seems to be no test for libs/shell

But in Documentation , tutorials for beginners give 'test  newt test
@apache-mynewt-core/libs/shell'  as an example. I think it will e
better if we can change it , It can confuse newbies.
Thanks
-- 
"A Gal is a Dream with a Plan and a Dateline"

Do On to Others what you will like them to do on to you.'The Golden Rule'
Mozilla Regional Ambassador Lead Cameroon.
Software Deloper,
Web Designer and Developer.
Music DJ . Artiste at Casky Black's Record

Image signatures

2016-04-04 Thread marko kiiskila 
Hi,

I started work on signed images, and there’s few things I’m wondering how to go 
about.

The way this would work is that you would start by creating a RSA key-pair 
(2048 bits).

You’d sign the image by computing RSA signature over the image hash (SHA256), 
and store
it a TLV at the end of the image. Bootloader would be built with the public key 
of this
image signing key, and it would verify it before allowing the image to boot.

The impact of this on the bootloader is ~7k of additional text, so it’s use 
should be optional.
That comes from code to parse the public key and RSA itself. And the public key 
itself.

The image header contains a flag that says that this image contains this kind 
of signature,
as well as the total length of all TLVs in the end. Image hash is computed over 
this header.

Signature data itself is stored in PKCS 1.5 format.

I also added a keyid field, and you can use this to facilitate the use of 
multiple image signing
keys. You could use this to facilitate the use of image signing keys of 
different security
level. I.e. you would have a separate image signing key for building 
‘production’ builds as
opposed to ‘development’ builds.

Production signing key would be stored somewhere safe with controlled access, 
while
development key could have more lax restrictions. Then you’d have different 
bootloader
versions, dev boot loaders would allow it to boot images that are signed with 
production keys,
or with development keys. Production boot loaders would only allow it to boot 
images signed
with production keys only.

This way you can do in-house development/QA using images signed with dev keys, 
without
having to worry about those images being bootable by products in the field.

On to my questions:
1) Any reviews of this code would be much appreciated! Bugs in this code would 
be (very) bad.
2) How should this be incorporated into build system? Specifically, how to 
control
- whether bootloader expects signed images, and if so, whether it’s a dev 
bootloader, or
  production bootloader?
- where should the public key for bootloader be stored? Note that this probably 
would be
  per-product specific.

Comments, suggestions are welcome

Re: os_eventq_get() + timeout

2016-04-04 Thread Vipul Rahane 
+1 for option#2 and Sterlings implementation.
Next request by someone might be to have a timeout per eventq. 

  
> On Apr 4, 2016, at 12:09 PM, Sterling Hughes  wrote:
> 
> hi,
> 
> On 4/4/16 11:59 AM, marko kiiskila wrote:
>> 
>>> On Apr 4, 2016, at 11:33 AM, Sterling Hughes  wrote:
>>> 
 I don’t think the select() kind of mask is a good idea. eventq_XXX is more
 like kqueue() rather than select(). I don’t think there are that many 
 places
 where you’d want to mask out some events and not others. Especially
 as this’ll mean that there will presumably will mean that events will get
 delivered out of order.
 
>>> 
>>> Would you prefer that eventq_poll() poll multiple eventq and return when an 
>>> event is available on one of them, or there is a timeout?   I can 
>>> understand wanting to preserve ordering on the queue, and things getting 
>>> confusing if app code isn't smart about this.
>>> 
>>> However, I think it is a fairly common access mechanism to want to grab 
>>> only certain events from a queue.  Imagine a case where you send a packet, 
>>> and you are waiting for a response, and you only want to pull events 
>>> related to response from the eventq, even if you have multiple events that 
>>> can run through that queue.  I see two options for handling this neatly:
>>> 
>>> 1- Have a mask, and only pull events off that queue which match the mask
>>> 2- Have eventq_poll() take multiple event queues, so that you can poll 
>>> multiple queues at once.
>>> 
>>> What do you think?
>>> 
>> 
>> Converting an array of integers to bit mask in the caller, and doing the 
>> reverse
>> in the callee is not too great.
>> 
>> Option 2 sounds much, much better.
>> 
> 
> OK, cool.
> 
> So, this is the API I'm thinking of:
> 
> struct os_event *
> os_eventq_poll(struct os_eventq **evq, int n, os_time_t timo);
> 
> Where evq is an array of eventq to poll, and n is the number of elements in 
> that array.  timo represents the timeout in ticks, across all the eventqs.
> 
> This function returns NULL on no events within timo, or the first available 
> event if not.   timo can be OS_WAIT_FOREVER, if caller wishes to sleep until 
> an event becomes available.
> 
> Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread marko kiiskila 

> On Apr 4, 2016, at 12:09 PM, Sterling Hughes  wrote:
> 
> hi,
> 
> On 4/4/16 11:59 AM, marko kiiskila wrote:
>> 
>>> On Apr 4, 2016, at 11:33 AM, Sterling Hughes  wrote:
>>> 
 I don’t think the select() kind of mask is a good idea. eventq_XXX is more
 like kqueue() rather than select(). I don’t think there are that many 
 places
 where you’d want to mask out some events and not others. Especially
 as this’ll mean that there will presumably will mean that events will get
 delivered out of order.
 
>>> 
>>> Would you prefer that eventq_poll() poll multiple eventq and return when an 
>>> event is available on one of them, or there is a timeout?   I can 
>>> understand wanting to preserve ordering on the queue, and things getting 
>>> confusing if app code isn't smart about this.
>>> 
>>> However, I think it is a fairly common access mechanism to want to grab 
>>> only certain events from a queue.  Imagine a case where you send a packet, 
>>> and you are waiting for a response, and you only want to pull events 
>>> related to response from the eventq, even if you have multiple events that 
>>> can run through that queue.  I see two options for handling this neatly:
>>> 
>>> 1- Have a mask, and only pull events off that queue which match the mask
>>> 2- Have eventq_poll() take multiple event queues, so that you can poll 
>>> multiple queues at once.
>>> 
>>> What do you think?
>>> 
>> 
>> Converting an array of integers to bit mask in the caller, and doing the 
>> reverse
>> in the callee is not too great.
>> 
>> Option 2 sounds much, much better.
>> 
> 
> OK, cool.
> 
> So, this is the API I'm thinking of:
> 
> struct os_event *
> os_eventq_poll(struct os_eventq **evq, int n, os_time_t timo);
> 
> Where evq is an array of eventq to poll, and n is the number of elements in 
> that array.  timo represents the timeout in ticks, across all the eventqs.
> 
> This function returns NULL on no events within timo, or the first available 
> event if not.   timo can be OS_WAIT_FOREVER, if caller wishes to sleep until 
> an event becomes available.
> 
> Sterling

+1

flash circular buffer

2016-04-04 Thread marko kiiskila 
Hi,

I implemented this and want to know what you guys think of the interface.

FCB is a facility that allows you to store blobs of data in flash a bit like
a FIFO. You always append things in the end, and you start reading
things from beginning.

This is to be used when you want to e.g. keep a log of events and have them
persist over a system reset.

Data always gets added in the end; you would start by calling
fcb_append() with the amount of data you’ll want to add. That function
reserves space in the flash, and would return you info about where in
the flash data would be. After that, you would write the data element to
that location, and finish by calling fcb_append_finish(). This function 
finalizes
the write by computing a checksum over the data, and appending the checkup
to the end. That is how user is protected against partial writes (system reset
before all data gets in).

For inspecting the data in flash, there’s 2 options: either fcb_walk(),
or fcb_getnext().

fcb_walk() walks over the data elements in the flash, calling user specified
callback for every (completed) element it encounters. If you want to
stop the walk, you can tell it using non-zero return code from your callback.

fcb_getnext() can be used similarly to fcb_walk(), it takes as a parameter
the location of previous element, and gives you in return the location of
next element in the circular buffer.

Flash sectors fill up eventually. The way you’d deal with this is by erasing
data a sector at a time, calling fcb_rotate() erases the data in the oldest
sector you’ve been using.

So for a rolling log you would keep appending data until you can fit no
more, then erase the oldest one and add some more.

For places where you download/upload the data periodically, you would erase
the sector once data from it has been stored somewhere safe.

Any comments, suggestions?
—
M

Re: os_eventq_get() + timeout

2016-04-04 Thread Sterling Hughes 

hi,

On 4/4/16 11:59 AM, marko kiiskila wrote:



On Apr 4, 2016, at 11:33 AM, Sterling Hughes  wrote:


I don’t think the select() kind of mask is a good idea. eventq_XXX is more
like kqueue() rather than select(). I don’t think there are that many places
where you’d want to mask out some events and not others. Especially
as this’ll mean that there will presumably will mean that events will get
delivered out of order.



Would you prefer that eventq_poll() poll multiple eventq and return when an 
event is available on one of them, or there is a timeout?   I can understand 
wanting to preserve ordering on the queue, and things getting confusing if app 
code isn't smart about this.

However, I think it is a fairly common access mechanism to want to grab only 
certain events from a queue.  Imagine a case where you send a packet, and you 
are waiting for a response, and you only want to pull events related to 
response from the eventq, even if you have multiple events that can run through 
that queue.  I see two options for handling this neatly:

1- Have a mask, and only pull events off that queue which match the mask
2- Have eventq_poll() take multiple event queues, so that you can poll multiple 
queues at once.

What do you think?



Converting an array of integers to bit mask in the caller, and doing the reverse
in the callee is not too great.

Option 2 sounds much, much better.



OK, cool.

So, this is the API I'm thinking of:

struct os_event *
os_eventq_poll(struct os_eventq **evq, int n, os_time_t timo);

Where evq is an array of eventq to poll, and n is the number of elements 
in that array.  timo represents the timeout in ticks, across all the 
eventqs.


This function returns NULL on no events within timo, or the first 
available event if not.   timo can be OS_WAIT_FOREVER, if caller wishes 
to sleep until an event becomes available.


Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread marko kiiskila 

> On Apr 4, 2016, at 11:33 AM, Sterling Hughes  wrote:
> 
>> I don’t think the select() kind of mask is a good idea. eventq_XXX is more
>> like kqueue() rather than select(). I don’t think there are that many places
>> where you’d want to mask out some events and not others. Especially
>> as this’ll mean that there will presumably will mean that events will get
>> delivered out of order.
>> 
> 
> Would you prefer that eventq_poll() poll multiple eventq and return when an 
> event is available on one of them, or there is a timeout?   I can understand 
> wanting to preserve ordering on the queue, and things getting confusing if 
> app code isn't smart about this.
> 
> However, I think it is a fairly common access mechanism to want to grab only 
> certain events from a queue.  Imagine a case where you send a packet, and you 
> are waiting for a response, and you only want to pull events related to 
> response from the eventq, even if you have multiple events that can run 
> through that queue.  I see two options for handling this neatly:
> 
> 1- Have a mask, and only pull events off that queue which match the mask
> 2- Have eventq_poll() take multiple event queues, so that you can poll 
> multiple queues at once.
> 
> What do you think?
> 

Converting an array of integers to bit mask in the caller, and doing the reverse
in the callee is not too great.

Option 2 sounds much, much better.

Newt package, package search & new

2016-04-04 Thread Sterling Hughes 

Heya,

I'm going to put a little work into newt, and how we compose projects 
with it.  I think there are a couple of areas  where I think we could 
improve:


1- "newt new" currently fetches 
github.com/apache/incubator-mynewt-blinky as a project skeleton.  I 
think there should be configurable skeletons, and the default 
(incubator-mynewt-blinky) should come bundled with the go src, so that 
you don't need internet access to create a new project skeleton.


This should make newt general purpose enough to use with any project, 
not just our OS.  While primarily useful for our OS at the moment, I 
think we want newt to stand on its own as a build & package management 
tool for embedded contexts.


2- To newt install -v, you should be able to specify a local directory 
that contains the necessary remote repositories, so if you want to 
install the new project skeleton without internet access, you can.


3- We should add a new command: newt pkg new, which can create a new 
package in the local repository, I'm thinking the format should be:


$ newt pkg new drivers/rgbled

Which will create a new package in /drivers/rgbled, along 
with the pkg.yml file and src and include headers. Additional options to 
this command should be a package type (default is lib), and the skeleton 
will change depending on what type is specified (e.g. bsp, or app.)


4- Package search directories.  Currently, there is a hardcoded set of 
package search directories in the base of the project, specifically:


var PackageSearchDirs []string = []string{
"apps/",
"compiler/",
"fs/",
"libs/",
"net/",
"hw/bsp/",
"hw/mcu/",
"hw/mcu/stm",
"hw/drivers/",^[[>1;95;0c
"hw/",
"project/",
"targets/",
"sys/",
}

And then additional package directories can be specified by adding them 
to the project.pkg_dirs configuration variable in project.yml.


We could have newt pkg new automatically add non-standard directories to 
project.pkg_dirs, but it occurs to me that we may be too restrictive on 
this for no reason.   The base of our core repository is as follows:


total 88
-rw-r--r--   1 sterling  staff531 Apr  1 17:46 DISCLAIMER
-rw-r--r--   1 sterling  staff  16360 Apr  1 17:46 LICENSE
-rw-r--r--   1 sterling  staff254 Apr  1 17:46 NOTICE
-rw-r--r--   1 sterling  staff   9703 Apr  1 17:46 README.md
-rw-r--r--   1 sterling  staff   1713 Apr  1 17:46 RELEASE_NOTES.md
drwxr-xr-x  11 sterling  staff374 Apr  1 17:46 apps
drwxr-xr-x   5 sterling  staff170 Apr  1 17:46 compiler
drwxr-xr-x   4 sterling  staff136 Apr  1 17:46 fs
drwxr-xr-x   5 sterling  staff170 Apr  1 17:46 hw
drwxr-xr-x  17 sterling  staff578 Apr  1 17:46 libs
drwxr-xr-x   3 sterling  staff102 Apr  1 17:46 net
-rw-r--r--   1 sterling  staff825 Apr  1 17:46 project.yml
drwxr-xr-x   6 sterling  staff204 Apr  1 17:46 sys
drwxr-xr-x   3 sterling  staff102 Apr  1 17:46 targets

As you can see, every directory here contains packages in them.  I think 
it would be better to, by default, search all directories for packages, 
and provide a configuration directive to ignore directories.


Thoughts?

Cheers,

Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread Sterling Hughes 



On 4/4/16 10:50 AM, marko kiiskila wrote:

Hi,

You get the timeout functionality by adding an timeout event on your own
to get the same functionality. Would not be a big burden.

However, this kind of convenience function should be ok. You could
even have that guy implement it this way, as opposed to adding additional
code to eventq_get() itself.



Yeah, I think many people want to use this.


I don’t think the select() kind of mask is a good idea. eventq_XXX is more
like kqueue() rather than select(). I don’t think there are that many places
where you’d want to mask out some events and not others. Especially
as this’ll mean that there will presumably will mean that events will get
delivered out of order.



Would you prefer that eventq_poll() poll multiple eventq and return when 
an event is available on one of them, or there is a timeout?   I can 
understand wanting to preserve ordering on the queue, and things getting 
confusing if app code isn't smart about this.


However, I think it is a fairly common access mechanism to want to grab 
only certain events from a queue.  Imagine a case where you send a 
packet, and you are waiting for a response, and you only want to pull 
events related to response from the eventq, even if you have multiple 
events that can run through that queue.  I see two options for handling 
this neatly:


1- Have a mask, and only pull events off that queue which match the mask
2- Have eventq_poll() take multiple event queues, so that you can poll 
multiple queues at once.


What do you think?

Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread marko kiiskila 
Hi,

You get the timeout functionality by adding an timeout event on your own
to get the same functionality. Would not be a big burden.

However, this kind of convenience function should be ok. You could
even have that guy implement it this way, as opposed to adding additional
code to eventq_get() itself.

I don’t think the select() kind of mask is a good idea. eventq_XXX is more
like kqueue() rather than select(). I don’t think there are that many places
where you’d want to mask out some events and not others. Especially
as this’ll mean that there will presumably will mean that events will get
delivered out of order.

> On Apr 4, 2016, at 9:13 AM, will sanfilippo  wrote:
> 
> I would not break BC; I would add a different function. Not sure what I would 
> call it but wouldnt it just have a timeout, in ticks, associated with it? For 
> example: os_eventq_wait(&my_evq, timeout_in_os_ticks). What is the purpose of 
> the mask btw? Something to do with returning an error if it times out or some 
> way of selecting particular events?
> 
> Will
> 
>> On Apr 4, 2016, at 8:14 AM, Sterling Hughes  wrote:
>> 
>> Hey,
>> 
>> I'm looking at: https://issues.apache.org/jira/browse/MYNEWT-8
>> 
>> I'm wondering if I should break BC on this one, and add a new parameter, or 
>> add a new function call:
>> 
>> - os_eventq_select()
>> 
>> OS_EVENTQ_MASK(my_mask, EVENT_T_TIMER);
>> OS_EVENTQ_MASK(my_mask, EVENT_T_DATA);
>> 
>> /* timeout after 200 ticks */
>> ev = os_eventq_select(&my_evq, &my_mask, 200);
>> 
>> Thoughts?
>> 
>> Sterling
>> 
>> PS: For the uninitiated, os_eventq_get() works as follows.
>> 
>> In your task, you create an eventq with os_eventq_init(), and then you wait 
>> (forever) on os_eventq_get().
>> 
>> If you (currently) want to not wait forever, you can use a callout, which 
>> will post an event to the eventq after a certain time expires.
>> 
>> while (1) {
>>   ev = os_eventq_get(&my_evq);
>>   switch (ev->ev_type) {
>>   case EVENT_T_DATA: /* read data from socket */
>>recv_data();
>>   case EVENT_T_TIMER: /* timer expired */
>>os_callout_reset(&my_callout, &my_evq, 20);
>>   }
>> }
>

Re: os_eventq_get() + timeout

2016-04-04 Thread will sanfilippo 
Sounds good to me
+1

> On Apr 4, 2016, at 9:16 AM, Sterling Hughes 
>  wrote:
> 
> 
> 
>> On Apr 4, 2016, at 9:13 AM, will sanfilippo  wrote:
>> 
>> I would not break BC; I would add a different function. Not sure what I 
>> would call it but wouldnt it just have a timeout, in ticks, associated with 
>> it? For example: os_eventq_wait(&my_evq, timeout_in_os_ticks). What is the 
>> purpose of the mask btw? Something to do with returning an error if it times 
>> out or some way of selecting particular events?
> 
> Right, it would allow you to quickly poll for a set/type of events.  Select 
> is a common UNIX call which does the same thing (the other being poll()).
> 
> I think it's useful to search the queue for a type of event, so if we're 
> adding a new call with timeout, I think we should add that functionality. 
> 
> Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread Sterling Hughes 


> On Apr 4, 2016, at 9:13 AM, will sanfilippo  wrote:
> 
> I would not break BC; I would add a different function. Not sure what I would 
> call it but wouldnt it just have a timeout, in ticks, associated with it? For 
> example: os_eventq_wait(&my_evq, timeout_in_os_ticks). What is the purpose of 
> the mask btw? Something to do with returning an error if it times out or some 
> way of selecting particular events?

Right, it would allow you to quickly poll for a set/type of events.  Select is 
a common UNIX call which does the same thing (the other being poll()).

I think it's useful to search the queue for a type of event, so if we're adding 
a new call with timeout, I think we should add that functionality. 

Sterling

Re: os_eventq_get() + timeout

2016-04-04 Thread will sanfilippo 
I would not break BC; I would add a different function. Not sure what I would 
call it but wouldnt it just have a timeout, in ticks, associated with it? For 
example: os_eventq_wait(&my_evq, timeout_in_os_ticks). What is the purpose of 
the mask btw? Something to do with returning an error if it times out or some 
way of selecting particular events?

Will

> On Apr 4, 2016, at 8:14 AM, Sterling Hughes  wrote:
> 
> Hey,
> 
> I'm looking at: https://issues.apache.org/jira/browse/MYNEWT-8
> 
> I'm wondering if I should break BC on this one, and add a new parameter, or 
> add a new function call:
> 
> - os_eventq_select()
> 
> OS_EVENTQ_MASK(my_mask, EVENT_T_TIMER);
> OS_EVENTQ_MASK(my_mask, EVENT_T_DATA);
> 
> /* timeout after 200 ticks */
> ev = os_eventq_select(&my_evq, &my_mask, 200);
> 
> Thoughts?
> 
> Sterling
> 
> PS: For the uninitiated, os_eventq_get() works as follows.
> 
> In your task, you create an eventq with os_eventq_init(), and then you wait 
> (forever) on os_eventq_get().
> 
> If you (currently) want to not wait forever, you can use a callout, which 
> will post an event to the eventq after a certain time expires.
> 
>  while (1) {
>ev = os_eventq_get(&my_evq);
>switch (ev->ev_type) {
>case EVENT_T_DATA: /* read data from socket */
> recv_data();
>case EVENT_T_TIMER: /* timer expired */
> os_callout_reset(&my_callout, &my_evq, 20);
>}
>  }

os_eventq_get() + timeout

2016-04-04 Thread Sterling Hughes 

Hey,

I'm looking at: https://issues.apache.org/jira/browse/MYNEWT-8

I'm wondering if I should break BC on this one, and add a new parameter, 
or add a new function call:


- os_eventq_select()

OS_EVENTQ_MASK(my_mask, EVENT_T_TIMER);
OS_EVENTQ_MASK(my_mask, EVENT_T_DATA);

/* timeout after 200 ticks */
ev = os_eventq_select(&my_evq, &my_mask, 200);

Thoughts?

Sterling

PS: For the uninitiated, os_eventq_get() works as follows.

In your task, you create an eventq with os_eventq_init(), and then you 
wait (forever) on os_eventq_get().


If you (currently) want to not wait forever, you can use a callout, 
which will post an event to the eventq after a certain time expires.


  while (1) {
ev = os_eventq_get(&my_evq);
switch (ev->ev_type) {
case EVENT_T_DATA: /* read data from socket */
  recv_data();
case EVENT_T_TIMER: /* timer expired */
  os_callout_reset(&my_callout, &my_evq, 20);
}
  }