Implement filesystem-based partition state access and CLI tools

.github/workflows/test-filesystem.yml

@@ -0,0 +1,46 @@
+name: Test Filesystem
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+  build-lib-fs-example:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Install build dependencies
+        run: sudo apt-get update && sudo apt-get install -y build-essential
+
+      - name: Set simulation config and build signed boot partition
+        run: |
+          cp config/examples/sim.config .config
+          make clean
+          make
+
+      - name: Check for internal_flash.dd
+        run: |
+          if [ ! -f internal_flash.dd ]; then
+            echo "Error: internal_flash.dd not found. Build may have failed."
+            exit 1
+          fi
+
+      - name: Switch to library_fs config
+        run: cp config/examples/library_fs.config .config
+
+      - name: Clean and build lib-fs
+        run: |
+          make clean
+          make lib-fs
+
+      - name: Mark BOOT partition as SUCCESS
+        run: ./lib-fs success
+
+      - name: Verify BOOT partition integrity and authenticity
+        run: ./lib-fs verify-boot

.gitignore

@@ -118,6 +118,7 @@ tools/tpm/policy_create
 tools/tpm/policy_sign
 config/*.ld
 test-lib
+lib-fs
 
 # Elf preprocessing tools
 tools/squashelf/**
@@ -275,3 +276,7 @@ language.settings.xml
 /**/build
 /**/build-**
 
+# Eclipse
+.cproject
+.project
+.settings/

Makefile

@@ -164,6 +164,10 @@ ifeq ($(TARGET),library)
     MAIN_TARGET:=libwolfboot.a
 endif
 
+ifeq ($(TARGET),library_fs)
+    MAIN_TARGET:=libwolfboot.a
+endif
+
 ifeq ($(TARGET),raspi3)
     MAIN_TARGET:=wolfboot.bin
 endif
@@ -214,6 +218,10 @@ test-lib: libwolfboot.a hal/library.o
 	@echo "\t[BIN] $@"
 	$(Q)$(CC) $(CFLAGS) -o $@ hal/library.o libwolfboot.a
 
+lib-fs: libwolfboot.a hal/library_fs.o hal/filesystem.o
+	@echo "\t[BIN] $@"
+	$(Q)$(CC) $(CFLAGS) -o $@ hal/library_fs.o hal/filesystem.o libwolfboot.a
+
 wolfboot.efi: wolfboot.elf
 	@echo "\t[BIN] $@"
 	$(Q)$(OBJCOPY) -j .rodata -j .text -j .sdata -j .data \
@@ -440,6 +448,8 @@ clean:
 	$(Q)rm -f tools/keytools/otp/otp-keystore-gen
 	$(Q)rm -f .stack_usage
 	$(Q)rm -f $(WH_NVM_BIN) $(WH_NVM_HEX)
+	$(Q)rm -f test-lib
+	$(Q)rm -f lib-fs
 	$(Q)$(MAKE) -C test-app clean V=$(V)
 	$(Q)$(MAKE) -C tools/check_config -s clean
 	$(Q)$(MAKE) -C stage1 -s clean

arch.mk

@@ -1109,8 +1109,13 @@ ifeq ($(ARCH),sim)
   USE_GCC_HEADLESS=0
   LD = gcc
   ifneq ($(TARGET),library)
+  ifneq ($(TARGET),library_fs)
     UPDATE_OBJS:=src/update_flash.o
   endif
+  endif
+  ifeq ($(TARGET),library_fs)
+    UPDATE_OBJS += hal/filesystem.o
+  endif
   LD_START_GROUP=
   LD_END_GROUP=
   BOOT_IMG=test-app/image.elf
@@ -1326,6 +1331,14 @@ ifeq ($(TARGET),library)
   NO_LOADER=1
 endif
 
+ifeq ($(TARGET),library_fs)
+  EXT_FLASH=1
+  # Force all partitions to be marked as external
+  NO_XIP=1
+  NO_SWAP_EXT=
+endif
+
+
 ## Set default update object
 ifneq ($(WOLFBOOT_NO_PARTITIONS),1)
   ifeq ($(UPDATE_OBJS),)

config/examples/library_fs.config

@@ -0,0 +1,24 @@
+ARCH=sim
+TARGET=library_fs
+
+SIGN?=ED25519
+HASH?=SHA256
+IMAGE_HEADER_SIZE?=256
+DEBUG=0
+SPMATH?=0
+SPMATHALL?=0
+
+# Flash Partition Filename
+WOLFBOOT_PARTITION_FILENAME=\"internal_flash.dd\"
+EXT_FLASH=1
+
+# Flash Sector Size
+WOLFBOOT_SECTOR_SIZE=0x1000
+# Application Partition Size
+WOLFBOOT_PARTITION_SIZE=0x40000
+# Location in flash for boot partition
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x80000
+# Location in flash for update partition
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x100000
+# Location in flash for swap
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x180000

config/examples/zynqmp.config

@@ -63,6 +63,8 @@ WOLFBOOT_SECTOR_SIZE=0x20000
 # Application Partition Size
 WOLFBOOT_PARTITION_SIZE=0x2A00000
 # Location in Flash for wolfBoot
+WOLFBOOT_ORIGIN=0x0
+# Location in Flash for Primary Boot Partition
 WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x800000
 # Load Partition to RAM Address
 WOLFBOOT_LOAD_ADDRESS?=0x10000000

docs/lib.md

@@ -21,7 +21,7 @@ of the manifest header.
 
 
 On success, zero is returned. If the image does not contain a valid 'magic number' at the beginning
-of the manifest, or if the size of the image is bigger than `WOLFBOOT_PARTITION_SIZE`, -1 is returned. 
+of the manifest, or if the size of the image is bigger than `WOLFBOOT_PARTITION_SIZE`, -1 is returned.
 
 
 If the `open_image_address` operation is successful, two other functions can be invoked:
@@ -123,3 +123,98 @@ Firmware Valid
 booting 0x5609e3526590(actually exiting)
 ```
 
+## Library mode: Partition Manager CLI Example
+
+An example application using filesystem access is provided in `hal/library_fs.c`.
+
+The CLI application `lib-fs` allow querying partition states, triggering updates, and marking the boot partition as successful.
+
+### Building the lib-fs example
+
+To generate and verify a signed boot partition using simulation and library_fs targets, follow these steps.
+You can run these steps using the provided script at `tools/scripts/build_lib_fs_example.sh`:
+
+```
+./tools/scripts/build_lib_fs_example.sh
+```
+
+Alternatively, you can perform the steps manually as described below:
+
+Step 1: Copy the configuration for simulation and build the signed boot partition:
+```
+cp config/examples/sim.config .config
+make
+```
+This will generate a file with a signed boot partition named `internal_flash.dd`.
+
+Step 2: Change the target back to `library_fs`:
+```
+cp config/examples/library_fs.config .config
+```
+
+Step 3: Ensure that the partition layout in `sim.config` matches the layout in `library_fs.config`.
+
+Step 4: Clean previous build artifacts and build the CLI application:
+```
+make clean
+make lib-fs
+```
+This will produce the `lib-fs` executable.
+
+Step 5: Mark the BOOT partition as successfully loaded:
+```
+./lib-fs success
+```
+
+Step 6: Verify the integrity and authenticity of the BOOT partition:
+```
+./lib-fs verify-boot
+```
+
+### Using the Partition Manager CLI
+
+The example configuration points the binary to access `/dev/mtd0` for partition data. You can simulate this file path with `modprobe mtdram total_size=16384 erase_size=128`. You may need to adjust the file permissions to allow read/write access.
+
+Run the application with one of the supported commands:
+
+```
+./lib-fs <command>
+```
+
+Available commands:
+
+- `status`         : Show state of all partitions
+- `get-boot`       : Get BOOT partition state
+- `get-update`     : Get UPDATE partition state
+- `update-trigger` : Trigger an update (sets UPDATE partition to UPDATING)
+- `success`        : Mark BOOT partition as SUCCESS
+- `verify-boot`    : Verify integrity and authenticity of BOOT partition
+- `verify-update`  : Verify integrity and authenticity of UPDATE partition
+- `help`           : Show usage information
+
+#### Example usage
+
+Show all partition states:
+```
+./lib-fs status
+```
+
+Trigger an update:
+```
+./lib-fs update-trigger
+```
+
+Mark the boot partition as successful:
+```
+./lib-fs success
+```
+
+Verify BOOT partition:
+```
+./lib-fs verify-boot
+```
+
+Verify UPDATE partition:
+```
+./lib-fs verify-update
+```