[U-Boot-Users] Re: Redundant environment

Tolunay Orkun listmember at orkun.us
Fri May 5 18:42:46 CEST 2006 

Wolfgang Denk wrote:
> Dear Tolunay,
>
> in message <445691EF.1000401 at orkun.us> you wrote:
>   
>> Yes, I can do it in saveenv code to cycle twice but I would rather avoid 
>> doing unlock/re-lock/over flag byte stuff twice.
>>
>> Whichever way Wolfgang favors I am ready to work on a patch.
>>     
>
> I think adding another set of N #ifdef's to implement this feature is
> not a good idea, when a single one (to duplicate the call  to  the  C
> function) does basicly the same.
>   

OK. That makes the patch simpler.

> Ummm... sorry for being stubborn, but before you start can you please
> re-try to explain to me in which specific situations you expect  this
> patch to actually improve the reliability of operation of the device?
>   

This patch would solve the issue that exists today that when the 
"active" environment is lost/corrupted for some reason the "redundant" 
environment would contain an exact copy of the primary to have the board 
come up without requiring the need to redo the changes that was lost on 
last save. Sometimes these changes could be critical enough not to allow 
the system boot the OS properly anymore (like changes to bootcmd, 
bootargs etc).

Among the things that can cause one environment to go corrupt would be 
charge decays in memory cells in aging flash, supply variations/noise 
during erase/write and random memory corruption when power is 
interrupted while another section of flash memory is being written/erased.

Sure these could cause other problems as well like if this issue happens 
for U-Boot code the system might become un-bootable. But at least we 
have full recovery for the case when it happens within U-Boot environment.

> I am aware that some people interpreted the term "redundand  environ-
> ment"  that two identical copies of the environment were stored. This
> was obviously an unlucky choice of the name for this feature.  Please
> let's  exclude  this  "I expected to see this, now change the code to
> match my expectations" aspect for a moment. However, I still fail  to
> see  any  improvements  in  the suggested change; actually I only see
> disadvantages like doubling the number of flash erase cycles for  the
> environment sectors.
>   
I understand you concern. In our application the environment would not 
be updated occasionally so that is not a big concern for us.

Best regards,
Tolunay

More information about the U-Boot mailing list