Go Down

Topic: stm32duino on raspberry (Read 4609 times) previous topic - next topic

koendv

stm32duino (arduino for stm32 arm processors) running natively on raspberry.

stm32duino for raspberrypi

zwieblum


pert

It's a shame this can't be done upstream in the original stm32duino project. Have they just refused to add ARM Linux support? As you've proven, it's not so difficult.

Failing that, you could make the installation much easier by providing a Boards Manager JSON file. Then there is no need for all this goofiness of having to manually install the hardware package (losing any other installed packages and your preferences in the process if you follow those instructions) and hard code in user-specific paths. That file would be an exact duplicate of the official stm32duino JSON file, but with the addition of the tools definitions for the arm-linux-gnueabihf host. I see you already have separate archive files hosted on GitHub for the gcc-arm-none-eabi and STM32Tools tools.

If you are interested in doing that, and have any questions, I'm happy to help.

koendv

#3
Dec 21, 2019, 01:52 pm Last Edit: Dec 21, 2019, 04:01 pm by koendv
OK. I'd like to take your advice, and create a .json file for the compiler toolchain. A .json permits a clean install of the toolchain. Also I can provide the stm32duino people with a "copy-paste" solution. I've read the "Arduino IDE 1.6.x package_index.json format specification". You have packages, an url, their size in bytes, the sha-256 checksum, fine. The questions that remain are about signing the packages.
- Why sign?
- How to sign? What's the .json syntax?
- Do all packages have to be signed?
- Do all packages have to be signed with the same signature?
IMHO, a section about signing in the package_index.json spec would not be a bad thing.

Happy Christmas!





pert

OK. I'd like to take your advice, and create a .json file for the compiler toolchain. A .json permits a clean install of the toolchain. Also I can provide the stm32duino people with a "copy-paste" solution.
Way cool!

- Why sign?
Security. The signed package prevents a package from being installed that has been modified to contain a malicious payload.

- How to sign? What's the .json syntax?
Unfortunately, there is currently no way for 3rd party packages to be signed. I had asked about that here (clearly demonstrating how clueless I am on this topic in the process):
https://github.com/arduino/Arduino/pull/9023#issuecomment-508904469
and received a nice answer from one of the Arduino developers here:
https://github.com/arduino/Arduino/pull/9023#issuecomment-510483255
Quote
Currently the signature check mechanism uses a public and private keys and consists in signing the Arduino's package_index.json server side with our private key, and checking the signature in the IDE using the Arduino's public key bundled in the IDE.

We are investigating in ways to make more secure also 3rd party cores indexes, maybe starting using our own key end ending up having some sort of CA mechanism similar to the one used by web browsers. But this is not so easy to implement so we implemented only the first bits of the feature.
- Do all packages have to be signed?
No.

- Do all packages have to be signed with the same signature?
I'm not clear on how the system will be implemented once support for signed 3rd party packages is added.

IMHO, a section about signing in the package_index.json spec would not be a bad thing.
For now, I don't think it would be helpful, since the target audience of that document is 3rd party hardware package developers, and this feature is not available to them. When the support is added for signed 3rd party packages, I'll make sure it is thoroughly documented on that page.


gitor

It's a shame this can't be done upstream in the original stm32duino project. Have they just refused to add ARM Linux support? As you've proven, it's not so difficult.

They do not refused to add the support.
https://github.com/stm32duino/Arduino_Core_STM32/issues/708

The way is to do it properly and be able to maintain it.

Go Up