About updating Resource File system

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
hiko_4316286
Level 4
Level 4
50 replies posted 25 replies posted 10 replies posted

There is the following description on the third page of WICED-Resource-Filesystem.pdf

"It is expected that the data stored in the filesystem is not to be changed over the lifecycle of the device."

Is it okay to think that there is no change due to the vulnerability in Resource Filesystem (filesystem.bin)?

*"Resource Filesystem" is recognized as "filesystem.bin", but if it is incorrect, please point it out.

0 Likes
19 Replies
RaktimR_11
Moderator
Moderator
Moderator
500 replies posted 250 replies posted 100 replies posted

Your understanding is correct in this regard. filesystem.bin usually consists of WiFi firmware, clm_blob, web pages etc which primarily stays same once a product is deployed; unless a new security vulnerability comes up, which will need to be fixed through an OTA.

0 Likes

Thank you for your answer.

I would like to ask an additional question.

On page 5 of [WICED-OTA.pdf], there is a note on "FileSystem Image" that says "Note: This is a read-only file system.

Can't update it with OTA, but a new vulnerability may cause the firmware to be released?

0 Likes

Can you please mention the platform you are using?

ota2 has the ability to patch the wifi firmware in case of a vulnerability. For OTA there is no straightforward way unfortunately, but there is a benevolent community user who have shared an idea on how to achieve this in ST host based platforms. Updating 4343W wifi firmware for our module via OTA

Unfortunately, the "FileSystem Image" cannot be rewritten this time because of the use of OTA.

Is it possible that the data associated with the 'FileSystem Image' that WICED has can be updated by the vulnerability?

I am asking this question because I believe that if the data is not updated due to a vulnerability, then an OTA update is not necessary.

0 Likes

Yes, it might need to be updated if there is a new vulnerability found in WLAN (802.11) firmware. Otherwise, you won't need an OTA.

In case of vulnerability, Cypress will release a patched firmware, which would need to be fixed in your deployed products through an OTA (you have to customize the existing framework with the help of the quoted thread).

0 Likes

Thank you for your response on the vulnerability.

There is confirmation about [https://community.cypress.com/thread/32268] which you have told us.

In the above, the update of "filesystem.bin" has been described, but is the update of "APPS.bin" unnecessary?

*The "APPS.bin" is automatically generated at build time, and I assume it contains external Flash addresses and so on.

0 Likes

If you don't change the existing WICED framework, there is no need to update the APPS.bin. Say you want filesystem to be separate and wifi firmware to be separate; in those cases only, you would need to update APPS.bin. For the default binary structure set by wiced, you can keep the previous APPS.bin w/o updating it, which is the most common assumption.

0 Likes

Thank you for your answer.

This time, the content of the "\fresh43xxx_Wi-Fi\resources" has been changed and built.

At this time, both "APPS.bin" and "filesystem.bin" were updated.

In this case, does this mean that "APPS.bin" and "filesystem.bin" need to be updated?

0 Likes

In that case, both needs to be updated.

0 Likes

Thank you for your answer.

"Since you said that you also need to update "APPS.bin", am I correct in my understanding that you also need to consider updating "APPS.bin" in the [https://community.cypress.com/thread/32268] that you told me about?

If correct, in which function are you referring to "APPS.bin"?

I've been looking for it, but I can't find the access to "APPS.bin"

0 Likes

I'm not sure if I understand your question correctly. If you are interested to find out about how APPS.bin is compiled, you can just use VERBOSE=1 in your make target and find out. On a high level, 43xxx_Wi-Fi/WICED/platform/MCU/wiced_apps_lut.c is compiled with the macros provided by wiced make system (Specifically, you can refer to wiced_apps.mk and the linked makefiles). And YES, if you are going for a new firmware, you would need to update the APPS.bin since that provides a look-up-table based on what resides where (loosely)

0 Likes

I have confirmed that there is a table in wiced_apps_lut.c.

You mentioned that you need to update APPS.bin in [https://community.cypress.com/thread/32268], so I would like to check the process of reading APPS.bin from external Flash, where is this done?

0 Likes

If you can find out anything, please respond.

0 Likes

Somehow, this response didn't find a way in my inbox. Apologies for the delay hence.

APPS.bin is stored at 0x0 in the ext flash. So, to read that directly, you can use the sflash_write.tcl script as present waf.sflash_write folder.

Detailed guidelines here: How to use sflash_write.tcl script embedded in WICED?  [Check the Read section]

0 Likes

Thank you for your answer.

[https://community.cypress.com/thread/32268] is not processing APPS.bin updates in the way you answered

Am I correct in recognizing that the [https://community.cypress.com/thread/32268] method does not require an update to APPS.bin?

0 Likes

Yes, you are correct in recognizing that. I am going to resolve this thread if this answers your question.

0 Likes

RaktimR_11 による書き込み:

Yes, you are correct in recognizing that. I am going to resolve this thread if this answers your question.

Thank you for your answer.

Am I correct in my understanding that an update to APPS.bin is being considered for [https://community.cypress.com/thread/32268]?

0 Likes

Raktim Roy wrote:

Your understanding is correct in this regard. filesystem.bin usually consists of WiFi firmware, clm_blob, web pages etc which primarily stays same once a product is deployed; unless a new security vulnerability comes up, which will need to be fixed through an OTA.

Actually, it's very common to update filesystem image since it's usually contains web pages.

The usually use case is to update resource data when adding new features in new firmware version.

vulnerability is just another use case.

0 Likes
AxLi_1746341
Level 7
Level 7
10 comments on KBA 5 comments on KBA First comment on KBA

hiko_4316286 wrote:

There is the following description on the third page of WICED-Resource-Filesystem.pdf

"It is expected that the data stored in the filesystem is not to be changed over the lifecycle of the device."

This is not true.

The default SDK does not implement update filesystem image, but you can implement it.

The filesystem is jsut an image (just like your application image), there is no reason it cannot be updated.

0 Likes