[U-Boot-Users] Safe firmware updates

Wolfgang Denk wd at denx.de
Fri Feb 17 01:29:54 CET 2006


In message <9D8FC3304AA0924E9CD0A211DFEDCBAB0164D7AF at bespin.apdcomms.co.uk> you wrote:
> 
> We are implementing facility for automatic firmware upgrades (either the
> Linux uImage or cramfs) on our embedded device. However there is a
> requirement that the device is not broken by (the user for example)
> disconnecting the power supply at any stage during the flash update.

This is not new. It's actually a astandrard requirement.

> In the absence of a backup battery, I guess the boot loader would have
> to be modified to cope with this. Has anybody produced a solution
> already?

There is no need to change anything. U-Boot is perfectly  capable  of
supporting such requirements.

> 4) 'update' routine checks specified flash location for new upgrade
> image with valid CRC. If no image found or has bad CRC it returns,
> control passes to next command in bootcmd, and Linux boots normally.
> 
> 5) 'update' routine erases target area of flash, and then copies content
> of upgrade image to target location.

Why would you do that if the new image is already in flash? Just swap
boot addresses...

> Any comments?

Your design is much too complicated. Keep it simple.

Best regards,

Wolfgang Denk

-- 
Software Engineering:  Embedded and Realtime Systems,  Embedded Linux
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
"Data is a lot like humans: It is  born.  Matures.  Gets  married  to
other  data, divorced. Gets old. One thing that it doesn't do is die.
It has to be killed."                                 - Arthur Miller




More information about the U-Boot mailing list