- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is the following description on the third page of WICED-Resource-Filesystem.pdf
"It is expected that the data stored in the filesystem is not to be changed over the lifecycle of the device."
Is it okay to think that there is no change due to the vulnerability in Resource Filesystem (filesystem.bin)?
*"Resource Filesystem" is recognized as "filesystem.bin", but if it is incorrect, please point it out.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your understanding is correct in this regard. filesystem.bin usually consists of WiFi firmware, clm_blob, web pages etc which primarily stays same once a product is deployed; unless a new security vulnerability comes up, which will need to be fixed through an OTA.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your answer.
I would like to ask an additional question.
On page 5 of [WICED-OTA.pdf], there is a note on "FileSystem Image" that says "Note: This is a read-only file system.
Can't update it with OTA, but a new vulnerability may cause the firmware to be released?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you please mention the platform you are using?
ota2 has the ability to patch the wifi firmware in case of a vulnerability. For OTA there is no straightforward way unfortunately, but there is a benevolent community user who have shared an idea on how to achieve this in ST host based platforms. Updating 4343W wifi firmware for our module via OTA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unfortunately, the "FileSystem Image" cannot be rewritten this time because of the use of OTA.
Is it possible that the data associated with the 'FileSystem Image' that WICED has can be updated by the vulnerability?
I am asking this question because I believe that if the data is not updated due to a vulnerability, then an OTA update is not necessary.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, it might need to be updated if there is a new vulnerability found in WLAN (802.11) firmware. Otherwise, you won't need an OTA.
In case of vulnerability, Cypress will release a patched firmware, which would need to be fixed in your deployed products through an OTA (you have to customize the existing framework with the help of the quoted thread).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your response on the vulnerability.
There is confirmation about [https://community.cypress.com/thread/32268] which you have told us.
In the above, the update of "filesystem.bin" has been described, but is the update of "APPS.bin" unnecessary?
*The "APPS.bin" is automatically generated at build time, and I assume it contains external Flash addresses and so on.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you don't change the existing WICED framework, there is no need to update the APPS.bin. Say you want filesystem to be separate and wifi firmware to be separate; in those cases only, you would need to update APPS.bin. For the default binary structure set by wiced, you can keep the previous APPS.bin w/o updating it, which is the most common assumption.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your answer.
This time, the content of the "\fresh43xxx_Wi-Fi\resources" has been changed and built.
At this time, both "APPS.bin" and "filesystem.bin" were updated.
In this case, does this mean that "APPS.bin" and "filesystem.bin" need to be updated?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In that case, both needs to be updated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your answer.
"Since you said that you also need to update "APPS.bin", am I correct in my understanding that you also need to consider updating "APPS.bin" in the [https://community.cypress.com/thread/32268] that you told me about?
If correct, in which function are you referring to "APPS.bin"?
I've been looking for it, but I can't find the access to "APPS.bin"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm not sure if I understand your question correctly. If you are interested to find out about how APPS.bin is compiled, you can just use VERBOSE=1 in your make target and find out. On a high level, 43xxx_Wi-Fi/WICED/platform/MCU/wiced_apps_lut.c is compiled with the macros provided by wiced make system (Specifically, you can refer to wiced_apps.mk and the linked makefiles). And YES, if you are going for a new firmware, you would need to update the APPS.bin since that provides a look-up-table based on what resides where (loosely)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have confirmed that there is a table in wiced_apps_lut.c.
You mentioned that you need to update APPS.bin in [https://community.cypress.com/thread/32268], so I would like to check the process of reading APPS.bin from external Flash, where is this done?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you can find out anything, please respond.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Somehow, this response didn't find a way in my inbox. Apologies for the delay hence.
APPS.bin is stored at 0x0 in the ext flash. So, to read that directly, you can use the sflash_write.tcl script as present waf.sflash_write folder.
Detailed guidelines here: How to use sflash_write.tcl script embedded in WICED? [Check the Read section]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your answer.
[https://community.cypress.com/thread/32268] is not processing APPS.bin updates in the way you answered
Am I correct in recognizing that the [https://community.cypress.com/thread/32268] method does not require an update to APPS.bin?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, you are correct in recognizing that. I am going to resolve this thread if this answers your question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RaktimR_11 による書き込み:
Yes, you are correct in recognizing that. I am going to resolve this thread if this answers your question.
Thank you for your answer.
Am I correct in my understanding that an update to APPS.bin is being considered for [https://community.cypress.com/thread/32268]?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Raktim Roy wrote:
Your understanding is correct in this regard. filesystem.bin usually consists of WiFi firmware, clm_blob, web pages etc which primarily stays same once a product is deployed; unless a new security vulnerability comes up, which will need to be fixed through an OTA.
Actually, it's very common to update filesystem image since it's usually contains web pages.
The usually use case is to update resource data when adding new features in new firmware version.
vulnerability is just another use case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hiko_4316286 wrote:
There is the following description on the third page of WICED-Resource-Filesystem.pdf
"It is expected that the data stored in the filesystem is not to be changed over the lifecycle of the device."
This is not true.
The default SDK does not implement update filesystem image, but you can implement it.
The filesystem is jsut an image (just like your application image), there is no reason it cannot be updated.