Any plans to merge this? Pull request was created more than a month ago.

Having OTA capability would be nice!

Do I understand it correctly that it would update the partition with micropython, but not the one with the filesystem?

Do I understand it correctly that it would update the partition with micropython, but not the one with the filesystem?

It moves the fs to its own partition, right now micropython ignores the partition table and uses space after micropython. This would corrupt a 2nd partition. You can update the fs too, but you do not need any code in mp to do it, it can be done in pure python code so this pull doesn't contain any code for it

Is the flash big enough for this? How would a typical layout with mp and fs look like?

Depends on your esp32 module. Most I work with have 4mb flash, enought for two mp partitions with 1.7mb each and a 512kb fs partition. My folder struktur is two folders at / one named "factory" and one named "ota_0". My boot.py then moves in the folder named after the boot partition and executes the boot.py and main.py there. Like that i can update the fs too, using a downloaded tar.

Thanks for explaining. C&P that to some docs file?

Updated to current master, fixed indentation. I will try to get our internal ota updater written in python added to the docu, just have to get an ok for it first. What more is needed to merge this?

I did not yet have time to publish our python side for this, but are there any plans to merge this?

@andynd: can you fix the makefile error? It's the ULP which has been added to the makefile.
Some examples of use would be nice, like:
esp.partition_find_first(1,129,None)
esp.ota_get_boot_partition()

Merged upstream master. Any idea where to put the examples? I don't want to add yet another readme file like I had to for the ulp.

I've added a README.ota.md on how to use this APIs. The code (in the README) is extracted from our product source code and some (irrelevant) parts removed. I have not tested it after I removed this parts but the production code is working so it should at most have some minor errors.

I've integrated it into my micropython tree, works just fine (after fixing the makefile merge)!
Thx for the good work, this is just what i needed!

Ps, you can't use a 512K fatvfs! The minimum for 4K sectors is 512K, but.... an additional 16K is being used for the WL (wear level). Here's what espressif said:

With 4k sector size, the smallest FAT partition size is 512K (128 sectors), plus 4 sectors used by WL, makes the minimum of 528K.

https://www.esp32.com/viewtopic.php?t=1897

Well the micropython implementation doesn't seem to have this limitation. Micropython doesn't use any of the esp-idf filesystem code.

Merged upstream master again. What is missing to finally merge this? The original PR is 7 months old.

@andynd guess it is the usual "many contributions, few reviewers/maintainers / little time" issue.

poke

more poke

Yes, because this pull request is over a year old. Unless somebody tells me he is going to merge it I will not again spend the time to fix it.

@dpgeorge ^^^

@dpgeorge: Wake up call...

@andynd : i've build my work on your pr, could you please fix the problem? I'll stalk @dpgeorge

@dpgeorge: what does it take to get this merged?

@dpgeorge ^^^

@dpgeorge : as long as this doesn’t getting merged, i won’t create the PR requested in #4436 ...
What’s the point in making PR’s if they are open more then a year?

I am watching this since quite a while and I think this project needs more core developers who are trusted enough to review and merge PRs into this project.

I don't have personal interest to become a core dev (I don't like coding in C and also do not use micropython that much, I like micropython, but basically just played with it yet), but I know there are people who would qualify (just look at the PRs and forks).

Also, considering that revision control makes it easy to also revert stuff in case something is found to be problematic, maybe PRs should be accepted more easily. New stuff can be marked experimental for a while, without any guarantees (not even for staying).

Open a ticket about this?

@ThomasWaldmann: I suspect that @dpgeorge wants to be in control and therefor doesn’t want to delegate the PR merge rights. Maybe that’s because of the breakup with pfalcon.
I don’t have the rights, so i can’t do it myself. My company is happy to pay to get this, and other PR’s, merged...
There are already three PR’s i need to get merged, so the question is who can do the merge and how much is that going to cost (in donation, contract work or whatever).

@Lisa999: The lack of progress really is super frustrating and it's a shame that pfalcon is not working at this repo any more. Maybe you can team up with pfalcon (or someone else) on his repo or find a fork where there are more activity (maybe LoBoris)?
I'd really like to see the project advancing so it would be nice to have people working together.

Sorry all for neglecting this. I'll try to make some progress here.

I think it's a good feature to have, so thanks @andynd for contributing it. But I think the way it's done, the way it is exposed at the Python level, needs to be changed.

The reason is because it looks like the approach here cannot support encrypted partitions (but please correct me if I'm wrong). That's because encrypted read/write must go through esp_partition_read/esp_partition_write (again, correct me if I'm wrong about this). If in the future encryption support was added to uPy we don't want to have to change everything, so it's good to think now how encryption would fit in.

As such my proposal would be to make the API more object-based, rather than pure function calls. In particular put emphasis on the concept of a Partition object. A Partition object would:

• contain a pointer (at the C level) to a esp_partition_t struct
• contain methods to retrieve the metadata (type, subtype, address, size, etc)
• contain methods to read/write/erase the partition

Partition objects would be created by esp_partition_find_first(), esp_ota_get_boot_partition() and esp_ota_get_running_partition(), and be passed to esp_ota_set_boot_partition() and esp_ota_get_next_update_partition().

For example the API could be:

class Partition:
    @staticmethod
    def find_first(type, subtype, label) -> Partition: ...

    def metadata(self) -> (type, subtype, address, size, label, encrypted): ...

    def readinto(self, offset, buf): ....
    def write(self, offset, buf): ....
    def erase(self, offset, size): ....

def ota_get_boot_partition() -> Partition: ...
def ota_get_running_partition() -> Partition: ...
def ota_set_boot_partition(part): ...
def ota_get_next_update_partition(part) -> Partition: ...

By having a Partition object you don't need to worry about passing the correct offsets to esp.write_flash etc. And Partition could in the future support the block protocol allowing it to have filesystems on it and be mounted, etc (so it'd replace the FlashBdev class).

See #4910 for a proposed Partition class.

@andynd: #4910 partitions support is great, is this PR still needed?

Is it posible to resolve those conflicts?

Is it posible to resolve those conflicts?

#4910 is integrated into the master branch, #3576 is obsolete now...

Where are we on this one? I got a bit lost with all those cross references... Is there documentation on how to make OTA possible?

Why is this PR still open? Is it hoping for someone to turn pieces of the README.ota.md into docs?

My guess this README.ota.md is outdated. @dpgeorge implemented the Partition Class which serves as a replacement for another Class which is used in this pull request.
I think there is no Updated README.ota.md yet.

In general: please understand that this code was written for a specific product with specific tradeoffs and making it open source was just an afterthought. Now that there is a Partition class, you can write some parts different and in a nicer way.

Please understand as well that we wanted secure (as in someone who controlles the network can not tamper with them) and not confidential (an attacker can read firmware images, they are not secret and we do not care if someone gets them). An attacker who attacks our server and steals the SSL certificate or replaces the binary was not our concern. For this scenario it is fine to transfere a hash of the update over a ssl protected connection with certificate pinning and not to do signature verification and to transmit the update chunks unencrypted.

#4910 and #5027 implemented all changes I did here in a better way, closing this PR.