[U-Boot] [PATCH 2/4] env_nand.c: support falling back to redundant env when writing
Phil Sutter
phil.sutter at viprinet.com
Fri Dec 7 12:53:34 CET 2012
Scott,
On Thu, Dec 06, 2012 at 12:18:39PM -0600, Scott Wood wrote:
> On 11/28/2012 03:06:00 PM, Phil Sutter wrote:
> > Hi,
> >
> > On Tue, Nov 27, 2012 at 04:04:15PM -0600, Scott Wood wrote:
> > > On 11/21/2012 06:59:19 AM, Phil Sutter wrote:
> > > > Without this patch, when the currently chosen environment to be
> > > > written
> > > > has bad blocks, saveenv fails completely. Instead, when there is
> > > > redundant environment fall back to the other copy. Environment
> > reading
> > > > needs no adjustment, as the fallback logic for incomplete writes
> > > > applies
> > > > to this case as well.
> > > >
> > > > Signed-off-by: Phil Sutter <phil.sutter at viprinet.com>
> > >
> > > Isn't this what CONFIG_ENV_RANGE is supposed to deal with?
> >
> > Yes, that is more or less what is supposed to help for cases like
> > this.
> > But given the fact that CONFIG_ENV_RANGE needs to span multiple erase
> > pages which in our case are 128k in size, this is quite a deal.
> > Especially since one needs to have multiple pages for both normal and
> > redundant environment to be really sure.
>
> And *that* is what CONFIG_ENV_OFFSET_OOB is supposed to deal with. :-)
Good to know, I already wondered what exactly this option is there for.
> Though at the moment redundant environment is not supported with
> CONFIG_ENV_OFFSET_OOB.
I will have a look at it now, because that could be an elegant solution
for both of us I think.
> > But, we already have a fixed hashmap in field, so using
> > CONFIG_ENV_RANGE
> > is simply no option.
>
> That's relevant to what you put in your product, but it shouldn't be
> the basis of how mainline U-Boot does things for all boards.
Yes, of course. That was merely me explaining myself, not so much of a
real point in matters of what should go mainline and what not.
> > > Redundant environment is to deal with other problems such as a power
> > > failure during saveenv. If you just fall back to the other copy,
> > > you're silently losing the redundancy.
> >
> > The alternative to silently losing redundancy in case one of the
> > blocks
> > in either normal or redundant env areas turns bad is to not being able
> > to save the environment at all anymore. I'd prefer dropping the
> > redundancy but still having a working system then. ;)
>
> Another alternative is to noisily lose redundancy.
Would that be an acceptable alternative from your point of view? Having
CONFIG_ENV_OFFSET_OOB in mind, there may be situations where all blocks
of either one of the redundant environments get bad (quite artificial, I
know). Losing redundancy in exchange for keeping env writeability could
still be an option then. What do you think?
Best wishes,
Phil Sutter
Software Engineer
--
Viprinet Europe GmbH
Mainzer Str. 43
55411 Bingen am Rhein
Germany
Phone/Zentrale: +49 6721 49030-0
Direct line/Durchwahl: +49 6721 49030-134
Fax: +49 6721 49030-109
phil.sutter at viprinet.com
http://www.viprinet.com
Registered office/Sitz der Gesellschaft: Bingen am Rhein, Germany
Commercial register/Handelsregister: Amtsgericht Mainz HRB44090
CEO/Geschäftsführer: Simon Kissel
More information about the U-Boot
mailing list