[riot-notifications] [RIOT-OS/RIOT] sys/suit: initial support for SUIT firmware updates (#11818)

Kaspar Schleiser notifications at github.com
Mon Jul 8 15:24:45 CEST 2019


### Contribution description

This PR contains initial support for updating RIOT using an implementation of [SUIT draft version 4](https://tools.ietf.org/html/draft-moran-suit-manifest-04).

This currently only supports a limited use case: one component, two slots (one active one passive). Basically, it allows SUIT compliant infrastructure and tooling to update a RIOT node.

**Note**:  The implementation should not yet be considered production ready.

The implementation is based on a draft spec that will change in the near future. The implementation has also not yet gone through any security audit.
This should still be usable for less security sensitive deployments, and by getting this into master, we hope to get more exposure and feedback going towards production readiness.

The RIOT-fp project commits to maintaining and improving this implementation.

The PR is grouped in three commits:

- one commit adding the sys/suit module, including manifest handling and a CoAP based update service
- one commit adding necessary tooling (key- and manifest-generation) to dist/tools/suit
- one commit adding ```examples/suit_update```, show-casing SUIT usage in addition to providing an automated test case.

The commit history looks quite large due to the large list of dependencies. This PR should serve as tracking PR as long as there are open dependencies.

### Testing procedure

The PR ships with an example application in ```examples/suit_update```, which includes testing instructions using an automated test, which tests updating each slot over ethos.
The test is also run by the CI.

Apart from verifying that updating works for a given node, it would be very helpful to get feedback on the documentation and whether it describes the necessary steps in your setup.

### Issues/PRs references

Depends on #11801, #11802, #11803, #11805, #11816, #11707, #11690, #11697.

You can view, comment on, or merge this pull request online at:

  https://github.com/RIOT-OS/RIOT/pull/11818

-- Commit Summary --

  * pkg/libcose: update to latest master
  * fixup! pkg/libcose: update to latest master
  * fixup! pkg/libcose: update to latest master
  * tests/pkg_libcose: update to nanocbor-based libcose
  * pkg/libcose: Update supported crypto submodules
  * fixup! fixup! pkg/libcose: update to latest master
  * murdock: allow multiple files to be sent along with a test job
  * fixup! murdock: allow multiple files to be sent along with a test job
  * fixup! fixup! murdock: allow multiple files to be sent along with a test job
  * fixup! fixup! fixup! murdock: allow multiple files to be sent along with a test job
  * riotboot: set FLASHFILE to RIOTBOOT_EXTENDED_BIN
  * riotboot: update documentation to match automatic use
  * riotboot: fix APP_VER default documentation
  * tests/riotboot_flashwrite: disable for saml1[01]-xpro
  * fixup! riotboot: fix APP_VER default documentation
  * fixup! riotboot: set FLASHFILE to RIOTBOOT_EXTENDED_BIN
  * fixup! fixup! riotboot: fix APP_VER default documentation
  * nanocoap: make coap_get_block2() actually fill struct
  * sys/riotboot: add initial image digest verification
  * dist/tools/ethos: add setup_network.sh script
  * fixup! sys/riotboot: add initial image digest verification
  * tests/riotboot: add re-flashing and image selection test
  * make/riotboot: allow slot image creation without compiling
  * fixup! tests/riotboot: add basic automatic test in python
  * riotboot: always link both slot .elf when linking
  * fixup! riotboot: always link both slot .elf when linking
  * DEPENDENCY MERGE: pr/murdock_allow_multiple_files_for_test_job (#11697)
  * DEPENDENCY MERGE: pr/always_flash_riotboot_if_required (#11690)
  * make: riotboot: ensure epoch in APP_VER is evaluated once
  * make: riotboot: add $APP_VER to image file names
  * DEPENDENCY MERGE: add_riotboot_test_script (#11707)
  * DEPENDENCY MERGE: update_pkg_libcose (#11801)
  * DEPENDENCY MERGE: misc_riotboot_fixes (#11803)
  * tools/flake8: exclude suit_manifest_encoder_04 script
  * suit: add SUIT draft v4 manifest tools
  * sys/suit: add SUIT draft v4 firmware upgrade module
  * examples/suit_update: add SUIT draft v4 example & test
  * DEPENDENCY MERGE: fix_coap_get_block2 (#11802)
  * DEPENDENCY MERGE: riotboot_add_sha256_verify (#11805)
  * DEPENDENCY MERGE: add_setup_network.sh (#11816)

-- File Changes --

    M .gitignore (3)
    M .murdock (34)
    M Makefile.dep (19)
    M Makefile.include (2)
    M bootloaders/riotboot/README.md (30)
    M dist/tools/ethos/README.md (17)
    A dist/tools/ethos/setup_network.sh (49)
    M dist/tools/flake8/check.sh (7)
    A dist/tools/suit_v4/gen_key.py (33)
    A dist/tools/suit_v4/gen_manifest.py (87)
    A dist/tools/suit_v4/sign-04.py (154)
    A dist/tools/suit_v4/suit_manifest_encoder_04.py (411)
    A dist/tools/suit_v4/test-2img.json (33)
    A examples/suit_update/Makefile (117)
    A examples/suit_update/README.md (558)
    A examples/suit_update/coap_handler.c (32)
    A examples/suit_update/main.c (77)
    A examples/suit_update/tests/01-run.py (134)
    M makefiles/boot/riotboot.mk (41)
    M makefiles/murdock.inc.mk (7)
    M makefiles/pseudomodules.inc.mk (6)
    A makefiles/suit.v4.inc.mk (103)
    M pkg/libcose/Makefile (2)
    M pkg/libcose/Makefile.dep (8)
    M pkg/libcose/Makefile.include (6)
    M pkg/libcose/patches/0001-RIOT-Use-RIOT-random_bytes-function-instead-of-rando.patch (20)
    M sys/Makefile (3)
    M sys/auto_init/auto_init.c (5)
    M sys/include/riotboot/flashwrite.h (14)
    A sys/include/suit/coap.h (108)
    A sys/include/suit/conditions.h (109)
    A sys/include/suit/v4/handlers.h (62)
    A sys/include/suit/v4/policy.h (58)
    A sys/include/suit/v4/suit.h (289)
    M sys/net/application_layer/nanocoap/nanocoap.c (27)
    A sys/riotboot/flashwrite_verify_sha256.c (51)
    A sys/suit/Makefile (9)
    A sys/suit/coap.c (508)
    A sys/suit/conditions.c (67)
    A sys/suit/v4/Makefile (4)
    A sys/suit/v4/cbor.c (280)
    A sys/suit/v4/handlers.c (544)
    A sys/suit/v4/policy.c (37)
    M tests/pkg_libcose/main.c (142)
    M tests/riotboot/Makefile (13)
    M tests/riotboot/README.md (23)
    A tests/riotboot/tests/01_test_slot_selection.sh (12)
    R tests/riotboot/tests/common/assert_slotnum.py (11)
    M tests/riotboot_flashwrite/Makefile (5)

-- Patch Links --

https://github.com/RIOT-OS/RIOT/pull/11818.patch
https://github.com/RIOT-OS/RIOT/pull/11818.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/11818
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190708/ee44fb74/attachment-0001.html>


More information about the notifications mailing list