subsys: allow to resume FOTA process

[edmont]

Persist minimal OTA session metadata and reuse DFU progress state
so interrupted Zigbee FOTA downloads can resume after reboot.

KRKNWK-21784

[Copilot]

Pull request overview

This PR adds support for resuming interrupted Zigbee OTA (FOTA) downloads after reboot by persisting minimal OTA session metadata in Zephyr settings and restoring DFU multi-image progress so downloads can continue from the previous offset.

Changes:

• Add persisted “resume state” (settings) and restore logic to restart an in-progress Zigbee OTA download after reboot/rejoin.
• Extend DFU multi-target writer integration to expose offset/reset hooks needed for progress restore.
• Adjust Kconfig to introduce a resume option and default-enable a settings backend (NVS/ZMS) based on flash type.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
subsys/lib/zigbee_scenes/Kconfig	Removes direct imply NVS from scenes (backend now handled centrally).
subsys/lib/zigbee_fota/src/zigbee_fota.c	Implements settings-backed resume state save/restore and integrates it into OTA/DFU flow.
subsys/lib/zigbee_fota/src/dfu_multi_target.c	Adds DFU writer offset/reset hooks (behind save-progress config).
subsys/lib/zigbee_fota/Kconfig	Introduces ZIGBEE_FOTA_DOWNLOAD_RESUME option and selects required dependencies.
subsys/Kconfig	Adds default backend selection (NVS vs ZMS) when Zigbee scenes/resume are enabled.

Comments suppressed due to low confidence (1)

subsys/lib/zigbee_fota/src/zigbee_fota.c:604

• The new gap check only rejects file_offset > current_offset, which allows file_offset < current_offset (duplicate/rewound fragments). With the current offset-to-DFU calculation, this can underflow (unsigned wrap) and/or re-write already-flashed data, corrupting the DFU stream. Either restore the strict file_offset != current_offset rejection, or explicitly handle file_offset < current_offset by skipping already-processed bytes before calling dfu_multi_image_write().

	if (ota->upgrade.receive.file_offset > current_offset) {
		LOG_WRN("OTA transfer gap. Expected: %d, received: %d",
			current_offset,
			ota->upgrade.receive.file_offset);
		return ZB_ZCL_OTA_UPGRADE_STATUS_ERROR;
	}

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Documentation Preview

The documentation has been built successfully. You can view the preview here: preview

Generated at: 2026-05-13 09:18:01 UTC with commit 84baa93.

Expand to view changed pages

File	Preview
docs/lib/zigbee_fota.rst	View

---

Note: The preview will be available after GitHub Pages deployment completes (usually 1-2 minutes). Ensure that generated at timestamp is up to date. If the Pull Request is stale for more than 30 days, the preview may be deleted. In this case, please update the Pull Request, or re-run the Build Documentation workflow to generate a new preview.

[kkasperczyk-no]

LGTM, just one more thing that came to my mind. If someone have used scenes before and will perform the DFU, the settings key name is going to change and data will be lost.

If you think it's a real threat we could do:

1. Inform in migration guide that someone needs to set back define to use old key name (easier option)
2. Implement auto-migration code that will copy existing entries and assign it with new key names (cool, but more complex and harder to maintain)