suit: Move IPUC initialization to the first op

Change flash_ipuc driver, so the memory is not initialized inside the
constructor, but on the first operation done through flash API.
Add an additional API that allows to filter out uninitialized IPUCs in
the SUIT cache RW implementation, so the logic there will not read the
memory contents that are erased upon the first IPUC flash API usage.

Ref: NCSDK-32192

Signed-off-by: Tomasz Chyrowicz <[email protected]>

Author: tomchy

drivers/flash/Kconfig

@@ -15,7 +15,7 @@ if FLASH_IPUC
 
 config FLASH_IPUC_COUNT
 	int "Number of available flash IPUC drivers"
-	default 1
+	default 4
 
 module = FLASH_IPUC
 module-str = Flash over SUIT IPUC

drivers/flash/flash_ipuc/flash_ipuc.c

@@ -40,13 +40,19 @@ struct ipuc_context {
 	uintptr_t address;
 	size_t size;
 	bool read_access;
+	bool setup_pending;
+#ifdef CONFIG_FLASH_PAGE_LAYOUT
+	struct flash_pages_layout pages_layout;
+#endif /* CONFIG_FLASH_PAGE_LAYOUT */
 };
 
 #define DEFINE_NRF_IPUC_DATA(x, _)                                                                 \
 	static struct ipuc_context ipuc_context_data_##x = {                                       \
 		.component_id = {NULL, 0},                                                         \
 		.address = 0,                                                                      \
 		.size = 0,                                                                         \
+		.setup_pending = false,                                                            \
+		.pages_layout = {0},                                                               \
 	}
 
 #define DEFINE_NRF_IPUC(x, _)                                                                      \
@@ -109,6 +115,18 @@ static int nrf_ipuc_write(const struct device *dev, off_t offset, const void *da
 		return -ENOMEM;
 	}
 
+	if (ctx->setup_pending) {
+		LOG_DBG("setup: %p:%zu", (void *)ctx->address, ctx->size);
+
+		plat_ret = suit_ipuc_write_setup(&ctx->component_id, NULL, NULL);
+		if (plat_ret != SUIT_PLAT_SUCCESS) {
+			LOG_ERR("Failed to setup IPUC for writing: %d", plat_ret);
+			return -EIO;
+		}
+
+		ctx->setup_pending = false;
+	}
+
 	LOG_DBG("write: %p:%zu", (void *)offset, len);
 
 	if (len == 0) {
@@ -182,10 +200,11 @@ static int nrf_ipuc_write(const struct device *dev, off_t offset, const void *da
 
 static int nrf_ipuc_erase(const struct device *dev, off_t offset, size_t size)
 {
-	static const uint8_t erase_block[WRITE_BLOCK_SIZE] __ALIGNED(CACHE_ALIGNMENT) = {
-		ERASE_VALUE};
+	const uint8_t erase_block[WRITE_BLOCK_SIZE] __ALIGNED(CACHE_ALIGNMENT) = {
+		[0 ... WRITE_BLOCK_SIZE - 1] = ERASE_VALUE};
 	suit_plat_err_t plat_ret = SUIT_PLAT_SUCCESS;
 	struct ipuc_context *ctx = NULL;
+	size_t bytes_erased = 0;
 
 	if (dev == NULL) {
 		return -EINVAL;
@@ -209,17 +228,48 @@ static int nrf_ipuc_erase(const struct device *dev, off_t offset, size_t size)
 		return -EIO;
 	}
 
+	if (ctx->setup_pending) {
+		/* Any write sets up the IPUC, which erases the whole area, so we may return here
+		 * immediately.
+		 */
+		return 0;
+	}
+
 	LOG_DBG("erase: %p:%zu", (void *)offset, size);
 
+	if (size == ctx->size) {
+		/* Optimize: Use write_setup() to erase the whole area with a single SSF IPC call.
+		 */
+		LOG_DBG("setup: %p:%zu", (void *)ctx->address, ctx->size);
+
+		plat_ret = suit_ipuc_write_setup(&ctx->component_id, NULL, NULL);
+		if (plat_ret != SUIT_PLAT_SUCCESS) {
+			LOG_ERR("Failed to erase IPUC through write setup: %d", plat_ret);
+			return -EIO;
+		}
+
+		return 0;
+	}
+
 	while (size > 0) {
+		bytes_erased = MIN(sizeof(erase_block), size);
 		plat_ret = suit_ipuc_write(&ctx->component_id, offset, (uintptr_t)erase_block,
-					   sizeof(erase_block), false);
+					   bytes_erased, false);
 		if (plat_ret != SUIT_PLAT_SUCCESS) {
+			LOG_ERR("Failed to erase IPUC (%p:%zu): %d",
+				(void *)(ctx->address + offset), bytes_erased, plat_ret);
 			return -EIO;
 		}
 
-		offset += sizeof(erase_block);
-		size -= sizeof(erase_block);
+		offset += bytes_erased;
+		size -= bytes_erased;
+
+		/* The erase operation generates a lot of SSF requests.
+		 * It is necessary to give some time SDFW, so it is able to feed the watchdog.
+		 */
+		if ((offset % 0x10000 == 0) && (size > 0)) {
+			k_sleep(K_MSEC(2));
+		}
 	}
 
 	return 0;
@@ -241,11 +291,31 @@ static const struct flash_parameters *nrf_ipuc_get_parameters(const struct devic
 	return &parameters;
 }
 
+#if defined(CONFIG_FLASH_PAGE_LAYOUT)
+static void nrf_ipuc_page_layout(const struct device *dev, const struct flash_pages_layout **layout,
+				 size_t *layout_size)
+{
+	struct ipuc_context *ctx = NULL;
+
+	if (dev == NULL) {
+		return;
+	}
+
+	ctx = (struct ipuc_context *)dev->data;
+
+	*layout = &ctx->pages_layout;
+	*layout_size = 1;
+}
+#endif
+
 static const struct flash_driver_api nrf_ipuc_api = {
 	.read = nrf_ipuc_read,
 	.write = nrf_ipuc_write,
 	.erase = nrf_ipuc_erase,
 	.get_parameters = nrf_ipuc_get_parameters,
+#if defined(CONFIG_FLASH_PAGE_LAYOUT)
+	.page_layout = nrf_ipuc_page_layout,
+#endif
 };
 
 static bool read_access_check(suit_manifest_role_t role)
@@ -338,7 +408,7 @@ static struct device *flash_component_ipuc(struct zcbor_string *component_id,
 
 	dev = get_free_dev();
 	if (dev == NULL) {
-		LOG_ERR("Maximum number of IPUCs reached");
+		LOG_WRN("Unable to allocate new component IPUC device - no free instances");
 		return NULL;
 	}
 
@@ -371,13 +441,6 @@ static struct device *flash_component_ipuc(struct zcbor_string *component_id,
 				continue;
 			}
 
-			plat_err = suit_ipuc_write_setup(&ctx->component_id, encryption_info,
-							 compression_info);
-			if (plat_err != SUIT_PLAT_SUCCESS) {
-				LOG_ERR("Failed to setup IPUC %d write: %d", i, plat_err);
-				break;
-			}
-
 			LOG_INF("IPUC for address range (0x%lx, 0x%x) created", ctx->address,
 				ctx->size);
 		}
@@ -388,6 +451,12 @@ static struct device *flash_component_ipuc(struct zcbor_string *component_id,
 			ctx->read_access = false;
 		}
 
+		ctx->setup_pending = true;
+#ifdef CONFIG_FLASH_PAGE_LAYOUT
+		ctx->pages_layout.pages_count = 1;
+		ctx->pages_layout.pages_size = ctx->size;
+#endif /* CONFIG_FLASH_PAGE_LAYOUT */
+
 		return dev;
 	}
 
@@ -431,8 +500,15 @@ static struct device *flash_cache_ipuc(uintptr_t min_address, uintptr_t *ipuc_ad
 	size_t i_max = 0;
 	uintptr_t range_addr;
 
+	if ((ipuc_address == NULL) || (ipuc_size == NULL)) {
+		LOG_WRN("Invalid input arguments: (0x%lx, 0x%lx)", (uintptr_t)ipuc_address,
+			(uintptr_t)ipuc_size);
+		return NULL;
+	}
+
 	dev = get_free_dev();
-	if ((dev == NULL) || (ipuc_address == NULL) || (ipuc_size == NULL)) {
+	if (dev == NULL) {
+		LOG_WRN("Unable to allocate new cache IPUC device - no free instances");
 		return NULL;
 	}
 
@@ -497,16 +573,15 @@ static struct device *flash_cache_ipuc(uintptr_t min_address, uintptr_t *ipuc_ad
 	}
 
 	if (!dry_run) {
-		plat_err = suit_ipuc_write_setup(&ctx->component_id, NULL, NULL);
-		if (plat_err != SUIT_PLAT_SUCCESS) {
-			flash_ipuc_release(dev);
-			return NULL;
-		}
-
 		LOG_INF("Cache IPUC at idx %d for address range (0x%lx, 0x%x) created", i_max,
 			ctx->address, ctx->size);
 	}
 
+	ctx->setup_pending = true;
+#ifdef CONFIG_FLASH_PAGE_LAYOUT
+	ctx->pages_layout.pages_count = 1;
+	ctx->pages_layout.pages_size = ctx->size;
+#endif /* CONFIG_FLASH_PAGE_LAYOUT */
 	*ipuc_address = ctx->address;
 	*ipuc_size = ctx->size;
 
@@ -559,3 +634,19 @@ struct device *flash_ipuc_find(uintptr_t address, size_t size, uintptr_t *ipuc_a
 
 	return NULL;
 }
+
+bool flash_ipuc_setup_pending(const struct device *dev)
+{
+	struct ipuc_context *ctx;
+
+	if (dev == NULL) {
+		return false;
+	}
+
+	ctx = (struct ipuc_context *)dev->data;
+	if (ctx->component_id.value != NULL) {
+		return ctx->setup_pending;
+	}
+
+	return false;
+}

include/drivers/flash/flash_ipuc.h

@@ -89,6 +89,13 @@ bool flash_cache_ipuc_check(uintptr_t min_address, uintptr_t *ipuc_address, size
 struct device *flash_ipuc_find(uintptr_t address, size_t size, uintptr_t *ipuc_address,
 			       size_t *ipuc_size);
 
+/**
+ * @brief Check if IPUC device was not initialized over SSF.
+ *
+ * @param[in]  dev  Reference to the IPUC device to release.
+ */
+bool flash_ipuc_setup_pending(const struct device *dev);
+
 #ifdef __cplusplus
 }
 #endif

subsys/suit/cache/src/suit_dfu_cache_helpers.c

@@ -29,14 +29,11 @@ static bool is_cache_ipuc_uninitialized(struct dfu_cache_pool *cache_pool)
 {
 	uintptr_t ipuc_address;
 	size_t ipuc_size;
-	bool ipuc_possible =
-		flash_cache_ipuc_check((uintptr_t)cache_pool->address, &ipuc_address, &ipuc_size);
+	struct device *ipuc_dev = flash_ipuc_find((uintptr_t)cache_pool->address, cache_pool->size,
+						  &ipuc_address, &ipuc_size);
 
-	if (ipuc_possible) {
-		if (flash_ipuc_find((uintptr_t)cache_pool->address, cache_pool->size, &ipuc_address,
-				    &ipuc_size) == NULL) {
-			return true;
-		}
+	if ((ipuc_dev != NULL) && (flash_ipuc_setup_pending(ipuc_dev))) {
+		return true;
 	}
 
 	return false;