This is the mail archive of the ecos-discuss@sources.redhat.com mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

problem with redboot fis/flashconfig


Hi,

as mentioned in an earlier email, we are considering using redboot as bootloader. Our endusers have to be able to run firmware updates *safely*.
After writing a new version of the firmware the fis directory has to be updated.
Now it seems the functions for writing the fis directory and for writing the flash config data aren't safe. They simply call flash_erase() and after this they call flash_program(). If the power is lost in between the data is lost and the device won't start again (since redboot won't find the fis directory).

I think what would have to be done is to implement a mechanism in redboot/fis/flashconfig so that when writing the new data a new copy is written, and when this has been successfully written, mark the new copy valid. Then redboot would need to evaluate the (new) "valid" flag of both copies when starting and choose the right one.

What do you think ? Am I wrong with this ? Has anybody already solved this problem ?

Bye
Alex

--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]