Skip to content

April 20th, 2021
Compare
Choose a tag to compare
@theacodes theacodes released this 21 Apr 03:51
· 249 commits to main since this release
2021.04.20
d4e1f4b

This is a critical bugfix release for Castor & Pollux's firmware, Gemini ♊️.

NOTE: We have released a newer version with additional safeguards, download here

YOU SHOULD INSTALL THIS VERSION OR NEWER AS SOON AS POSSIBLE. It fixes a bug that can brick your module (more details below).

👉 Most users should download gemini-firmware-2021.04.20-release.uf2 👈

Please follow the firmware upgrade instructions in the user's guide to upgrade your device's firmware.

About the files

  • The uf2 files can be installed using the firmware upgrade instructions in the user's guide.
  • The elf files and are for testing & debugging and can be programmed using an appropriate debug probe.
  • The release builds are built without debugging information.
  • The debug builds are built with debugging information.

Build identifier

Each release of the firmware has a unique build ID. This ID can be seen when using the online settings editor and allows finding the exact firmware version on your device. The build IDs for this version are:

  • Release: 2021.04.20 (release) on 04/21/2021 03:36 UTC with gcc 10.2.1 by stargirl@stargirls-mbp.lan
  • Debug: 2021.04.20 (debug) on 04/21/2021 03:36 UTC with gcc 10.2.1 by stargirl@stargirls-mbp.lan

Changes from 2021.03.9

User_guide:

  • Add burn-in testing information
  • Use winterjs for the settings editor.

Firmware:

  • Check bootloader write protection fuses during initialization
  • Remove tests for libwinter's midi core and bezier, as they're now in the libwinter repository

User guide:

  • Fix typo
  • Add warranty information
  • Fix broken anchor link (#12)

Factory:

  • Small tweaks to the monitor and calibration scripts.

Other:

  • Create funding.yml

Detailed explanation of critical bug

Castor & Pollux actually has two separate programs on it: a small bootloader and the firmware (this repository). The bootloader is the Adafruit uf2-samdx1. The bootloader has two roles: make it easy to upgrade the firmware over USB and provide a failsafe in the event of a bad firmware upgrade.

In order to be a proper failsafe, the bootloader's code needs to be protected in case there's a bug in the firmware that could lead to corruption. Castor & Pollux's microcontroller has a feature for this called bootloader protection. It's a persistent setting that prevents any writes to the bootloader's code unless a very specific sequence is used.

We had been working under the assumption that the bootloader would enable this setting automatically and that we wouldn't need to enable it manually. However, we were mistaken; the bootloader only enables this setting in two very specific circumstances that wouldn't usually occur during normal operation. This means that bootloader protection is disabled and it's possible to corrupt the bootloader.

We have observed bootloader corruption on at least three modules. While this corruption won't harm the module's hardware, it will soft brick the module and the only way to repair it is to restore the bootloader using a hardware programmer/debugger.

Assets 6
Loading