On whether you need to update filesystem.bin

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
hiko_4316286
Level 4
Level 4
50 replies posted 25 replies posted 10 replies posted

The update in OTA1 does not have the ability to update the external Flash filesystem.bin.

Is it correct to assume that the filesystem.bin does not need to be updated because it does not contain any security-related information?

*The intent of this question is to make sure that only the area that can be updated by OTA1 is the area that needs to be updated by the vulnerability measure, and that the external flash filesystem.bin will not be updated by the vulnerability measure.

*It is my understanding that security-related contents, such as drivers, can be updated via OTA1.

*We found out that we cannot update the filesystem.bin of the external Flash filesystem with OTA1 after mass production, so we wanted to know if the update of the filesystem.bin is necessary.

0 Likes
1 Solution

My sincere apologies for the delay and missing your responses.

The device functionality won't stop even if you don't update the filesystem.bin. All you need to make ensure is that the application update that you intend to deploy is built using the same firmware as that in the field.

Now coming to whether the filesystem.bin needs to be updated or not, it is required only if you want to update your firmware to fix these vulnerabilities that may arise in future. Otherwise, you don't need OTA update if your device looks good.

Since the ota_fr default implementation doesn't have the the ability to update the firmware and if you want those firmware fixes deployed, you need to have some sort of custom implementation to be done. In order to do this, you need to contact our local sales/marketing team and they should be able to help you.

Thanks.

View solution in original post

0 Likes
10 Replies
KotnaniK_71
Employee
Employee
50 likes received 25 likes received 10 likes received

Hi,

Can you please let me know the platform or host processor you are using?

Usually, the filesystem.bin consists of the resource information like WiFi firmware, CLM_blob, webserver components and other security related information. Also, the filesystem.bin encapsulates the whatever resource information present in the WICED resources directory.

The limitation with OTA is that only the main application system components can be updated and you can find more information in section-5 of WICED-OTA.pdf document.

Thanks.

0 Likes
Can you please let me know the platform or host processor you are using?

"That would be STM32F412.

You answered: "The limitation with OTA is that only the main application system components are updated." I have a question about.

It says that the resource will not be updated with OTA.

Is this because the resource's firmware is not updated and therefore there is no ability to update the resource in OTA?

Or, if there is an update to the resource's firmware, is there no ability to update the resource via OTA because of the content that does not need to be updated?

(Think of it as a WICED update, not as a case of a user changing a resource.)

0 Likes

If you can find out anything, please respond.

0 Likes

Hi,

Yes, the ota_fr doesn't have the ability to update firmware and only the main application can be updated via OTA which is the limitation of OTA1.

Please check the implementation in this thread Updating 4343W wifi firmware for our module via OTA suggested by one of our users in community and see if it's a possible solution for you.

If not, updating the firmware is mandatory for you, I request you to please contact our local sales/marketing team and they should be able to help you out.

Thanks.

0 Likes

When WICED is updated due to a vulnerability, it is recognized that the driver part can be updated by OTA1.

However, filesystem.bin (data in resources) cannot be updated by OTA1 and does not necessarily need to be updated.

Therefore, even if WICED is updated, filesystem.bin of external flash is recognition that it is not necessary to update.

Even if you do not update using "Updating 4343W wifi firmware for our module via OTA", it is recognition that there is no problem as operation, is it correct?

0 Likes

If you can find out anything, please respond.

0 Likes

Please answer the question, as the vulnerability will determine whether the filesystem.bin needs to be updated.

0 Likes

My sincere apologies for the delay and missing your responses.

The device functionality won't stop even if you don't update the filesystem.bin. All you need to make ensure is that the application update that you intend to deploy is built using the same firmware as that in the field.

Now coming to whether the filesystem.bin needs to be updated or not, it is required only if you want to update your firmware to fix these vulnerabilities that may arise in future. Otherwise, you don't need OTA update if your device looks good.

Since the ota_fr default implementation doesn't have the the ability to update the firmware and if you want those firmware fixes deployed, you need to have some sort of custom implementation to be done. In order to do this, you need to contact our local sales/marketing team and they should be able to help you.

Thanks.

0 Likes

KotnaniK_71 wrote:

Now coming to whether the filesystem.bin needs to be updated or not, it is required only if you want to update your firmware to fix these vulnerabilities that may arise in future. Otherwise, you don't need OTA update if your device looks good.

Since the ota_fr default implementation doesn't have the the ability to update the firmware and if you want those firmware fixes deployed, you need to have some sort of custom implementation to be done. In order to do this, you need to contact our local sales/marketing team and they should be able to help you.

Thanks.

The WICED-6.6.0 release includes several security fix in various WLAN firmware.

I believe you will get a lot similar questions regarding how to update filesystem.bin.

Why not provide a standard implementation so people can easily test and verify if it works?

0 Likes

KotnaniK_71MuraliR_36

I just notice the new wiced-6.6 release will cause problems in OTA wlan firmware because the

wlan firmware file size becomes much bigger than older sdk versions.

No matter the wlan firmware is in filesystem.bin or in a separate partition,

it will hit problem as mentioned in https://community.cypress.com/thread/55934

0 Likes