Verify firmware does not work after update #7757
Description
Board
ESP32-Wrover-E
Device Description
ESP32-Wrover-E (16mb flash 8mb psram)
Hardware Configuration
SPI,ETH,I2C,Serialheavy usages
Version
latest master (checkout manually)
IDE Name
PlatformIO
Operating System
Windows 11
Flash frequency
80mhz
PSRAM enabled
yes
Upload speed
115200
Description
PLATFORM: Espressif 32 (6.0.0) > Espressif ESP-WROVER-KIT
HARDWARE: ESP32 240MHz, 320KB RAM, 4MB Flash
DEBUG: Current (ftdi) On-board (ftdi) External (cmsis-dap, esp-bridge, esp-prog, iot-bus-jtag, jlink, minimodule, olimex-arm-usb-ocd, olimex-arm-usb-ocd-h, olimex-arm-usb-tiny-h, olimex-jtag-tiny, tumpa)
PACKAGES:
- framework-arduinoespressif32 @ 3.20006.221224 (2.0.6)
- tool-esptoolpy @ 1.40400.0 (4.4.0)
- toolchain-xtensa-esp32 @ 8.4.0+2021r2-patch5
LDF: Library Dependency Finder -> https://bit.ly/configure-pio-ldf
LDF Modes: Finder ~ chain, Compatibility ~ softI have overwritten the default verifyRollbackLater() function for my own to gain more controll over the firmware rollback process. It was working pretty good so far, but after an update it does not work anymore.
My application called verifyFirmware() after startup at several seconds to ensure the new firmware is not crashing.
If this function never called and the esp crashes, my application rolls back to it's previous state.
How it worked previously:
If ota_state == ESP_OTA_IMG_PENDING_VERIFY then we verified the firmware and saved the running address to flash.
Now it's just prints [SYSTEM] - Verifying firmware... and nothing more.
Below is the relevant functions.
Sketch
/*
* This function is used to overwrite espressif's verifyRollbackLater() function.
* The espressif's version is returning false, and performing a verify before the
* app can start.
*/
extern "C" bool verifyRollbackLater(){
return true;
}
/*
* Setting the latest partition address value.
* Used to identify if the current firmware is
* not the same as the old one for rollback.
*/
void Sys::setLastPartitionAddress(){
const esp_partition_t *running = esp_ota_get_running_partition();
config.lastFirmwareAddress = running->address;
}
/*
* This function is called after startup at FIRMWARE_CHECK_MS time. ( See Sys.h )
* It will verify the firmware if no crash happens during initializations.
* If the firmware is not verified and the chip is crashing, it will rollback to
* a previous stable version.
*/
void Sys::verifyFirmware(){
if( !shouldCheckFirmware ){ return; }
if( (millis() - startMS) <= FIRMWARE_CHECK_MS ){ return; }
shouldCheckFirmware = false;
if( isDebugOn ){
debug.print(DEBUG_INFO,"[SYSTEM] - Verifying firmware...\n");
}
const esp_partition_t *running = esp_ota_get_running_partition();
esp_ota_img_states_t ota_state;
if (esp_ota_get_state_partition(running, &ota_state) == ESP_OK) {
if (ota_state == ESP_OTA_IMG_PENDING_VERIFY) {
if (esp_ota_mark_app_valid_cancel_rollback() == ESP_OK) {
if( isDebugOn ){
debug.print(DEBUG_INFO, "[System] - Firmware is stable. Rollback disabled.\n");
}
config.isFirmwareValid = true;
config.currFirmwareAddress = running->address;
debug.logJson(DEBUG_INFO, "[System] - Firmware verified.");
} else {
if( isDebugOn ){
debug.print(DEBUG_WARN, "[System] - Failed to disable rollback\n");
}
debug.logJson(DEBUG_INFO, "[System] - Failed to disable rollback");
shouldCheckFirmware = true;
}
}
}else{
if( isDebugOn ){
debug.print(DEBUG_ERROR,"[System] - OTA partition has no record in OTA data\n");
}
}
}Debug Message
No debug message but it should print [System] - Firmware verified. or [System] - Failed to disable rollback but nothing gets printed.
Other Steps to Reproduce
Just overwrite the verifyRollbackLater()
I have checked existing issues, online documentation and the Troubleshooting Guide
- I confirm I have checked existing issues, online documentation and Troubleshooting guide.