Open
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new OTA demonstrator project (dm-wolfssl-ota-client-with-zephyr) for FRDM-MCXN947 that combines Zephyr (Non-Secure), wolfSSL/wolfMQTT, and wolfBoot (Secure world) to download and apply firmware updates via MQTT.
Changes:
- Introduces Zephyr-based OTA client app that downloads an update image into wolfBoot slot1 and triggers an update.
- Adds a host-side “fwserver” tool to publish an erase command + firmware chunks over MQTT/TLS.
- Adds a Dockerized Mosquitto broker setup plus wolfBoot patch/config and demo documentation/assets.
Reviewed changes
Copilot reviewed 39 out of 42 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| dm-wolfssl-ota-client-with-zephyr/wolfbootConfig/0001-Update-configs-and-memory-map.patch | wolfBoot patch adjusting SAU regions, ENET non-secure IRQs, flash origin, and RAM layout. |
| dm-wolfssl-ota-client-with-zephyr/wolfbootConfig/.config | wolfBoot build configuration for MCXN947 + TrustZone settings and partitions. |
| dm-wolfssl-ota-client-with-zephyr/src/user_settings.h | wolfSSL/wolfMQTT configuration header tuned for Zephyr + TLS + algorithms. |
| dm-wolfssl-ota-client-with-zephyr/src/system_init_ns.c | Early non-secure SoC init hook for MCXN947 (coprocessors/ECC/cache/glitch detect). |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/mqttport.h | wolfMQTT portability layer additions for Zephyr sockets/filesystem wrappers. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/mqttport.c | Zephyr filesystem wrapper implementation for wolfMQTT examples. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/mqttnet.h | Network context definitions and init/deinit declarations for wolfMQTT client side. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/mqttexample.h | Shared example context/types and defaults used by the OTA client. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/mqttexample.c | Shared helpers including TLS setup/verify callback and file-loading helper. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/fwclient.h | Firmware client public API definitions. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/fwclient.c | OTA client implementation: erase/update-slot writing, chunking, and update trigger. |
| dm-wolfssl-ota-client-with-zephyr/src/mqttClient/firmware.h | Firmware transfer protocol definitions (topics, headers, QoS, sizes). |
| dm-wolfssl-ota-client-with-zephyr/src/main.c | Zephyr app entry: network bring-up + OTA client invocation + wolfBoot trigger. |
| dm-wolfssl-ota-client-with-zephyr/sample.yaml | Zephyr sample metadata and test tags. |
| dm-wolfssl-ota-client-with-zephyr/prj.conf | Zephyr Kconfig for networking, wolfSSL/wolfMQTT, and non-secure TrustZone build. |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/dockerfile | Container recipe for Mosquitto-based test broker. |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/server.key | Broker TLS private key (currently committed). |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/server.csr | Broker CSR used for generating the certificate. |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/server.crt | Broker TLS server certificate. |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/ca.srl | CA serial file for certificate issuance. |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/ca.key | CA private key (currently committed). |
| dm-wolfssl-ota-client-with-zephyr/mqttBroker/certs/ca.crt | CA certificate for broker TLS chain. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/mqttport.h | Host-side wolfMQTT port header for fwserver build. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/mqttport.c | Host-side port implementation (filesystem wrappers). |
| dm-wolfssl-ota-client-with-zephyr/fwserver/mqttnet.h | Host-side network context/type definitions for fwserver. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/mqttexample.h | Host-side example context/types and defaults. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/mqttexample.c | Host-side TLS setup/verify callback and helpers. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/fwserver.h | fwserver public API header (currently naming/guard mismatch). |
| dm-wolfssl-ota-client-with-zephyr/fwserver/fwserver.c | fwserver implementation: publish erase command + chunked firmware messages. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/firmware.h | Host-side firmware protocol definitions and publish delay. |
| dm-wolfssl-ota-client-with-zephyr/fwserver/CMakeLists.txt | Standalone CMake build for fwserver linking against wolfMQTT/wolfSSL tree. |
| dm-wolfssl-ota-client-with-zephyr/dm-wolfssl-ota-client-with-zephyr.xml | Demo metadata descriptor for the Application Code Hub ecosystem. |
| dm-wolfssl-ota-client-with-zephyr/app.overlay | DT overlay overriding memory/partitions and ENET MAC behavior for wolfBoot map. |
| dm-wolfssl-ota-client-with-zephyr/README.md | End-to-end setup/run documentation for wolfBoot + Zephyr OTA demo. |
| dm-wolfssl-ota-client-with-zephyr/LICENSE.txt | License text for the demo’s distribution. |
| dm-wolfssl-ota-client-with-zephyr/Images/mcxn-OTA.svg | Sequence diagram asset for OTA flow. |
| dm-wolfssl-ota-client-with-zephyr/CMakeLists.txt | Zephyr app build configuration and wolfBoot NSC linkage wiring. |
| .gitignore | Adds **/svd to ignored outputs. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds OTA Demonstrator with wolfSSL products, Zephyr and TrustZone.
It's stored in new dm-wolfssl-ota-client-with-zephyr folder and tested on MCXN947.
OTA Demo consists of the following things: