[U-Boot] [RFC] Bootcount improvements

Alexandre Dilly alexandre.dilly at openwide.fr
Fri Mar 22 13:56:01 CET 2013


Hi,

I'm working on an open source automatic updater for embedded systems. The goal of this project is to split a flash memory or disk into multiple partitions (2 or more) and install a new root filesystem on an empty or outdated partition.

After reboot, we count the boot attempts on this new version of the system and if it fails to boot, we switch back to the last working partition. This guarantees that we will eventually boot on a correct partition and that there is no chance of unsupervised equipment hanging at the U-Boot prompt.

The U-Boot environment would contain the name of the partition to test and the partition to fall back to. I would rewrite the U-Boot environment after installing the new partition and use CONFIG_ENV_OFFSET_REDUND to make it powerfail-safe.

To handle the boot attempt count, I've seen the 'bootcount' driver. However, it doesn't support all CPUs and memories.

I intend to improve the 'bootcount' driver by adding two features:
- add EEPROM and flash memories as places to load/save the bootcount value.
- add an environment variable 'enable_bootcount' to enable/disable bootcount from the environment (and not at compile time) to avoid writing to flash/EEPROM once the partition is known to be good and thus avoid useless memory wear.

I intend to upstream these features but I would like early input/criticism/ideas. Moreover I would like to make sure this goes well into the general philosophy of U-Boot and, if it doesn't, how I can change it to have it fit.

Any suggestion is welcome.

Best regards,
Alexandre Dilly
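
The fallback scheme described in the message above, modelled as an added example that is not part of the original post and is not U-Boot code. The struct, the function names, the partition names and the `bootlimit` threshold are assumptions made for illustration; `enable_bootcount` stands for the variable the message proposes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of the scheme in the message; not U-Boot code. */
struct boot_state {
    const char *test_part;     /* partition under test (from the environment) */
    const char *fallback_part; /* last working partition */
    bool enable_bootcount;     /* models the proposed 'enable_bootcount' variable */
    uint32_t bootcount;        /* persistent counter (EEPROM/flash in the proposal) */
    uint32_t bootlimit;        /* assumed limit on attempts for test_part */
    unsigned counter_writes;   /* writes to persistent storage, i.e. wear */
};

/* Run once per boot: choose the partition and record the attempt. */
const char *select_partition(struct boot_state *s)
{
    if (!s->enable_bootcount)
        return s->test_part;      /* known good: no counter write */
    if (s->bootcount >= s->bootlimit)
        return s->fallback_part;  /* attempts exhausted: fall back */
    s->bootcount++;               /* count the attempt before booting */
    s->counter_writes++;
    return s->test_part;
}

/* Run by the booted system once healthy; modelled as an environment rewrite. */
void confirm_boot(struct boot_state *s) { s->enable_bootcount = false; }

/* Simulate n power cycles; returns the partition chosen on the last one. */
const char *simulate(struct boot_state *s, int n, bool new_rootfs_ok)
{
    const char *p = NULL;
    for (int i = 0; i < n; i++) {
        p = select_partition(s);
        if (p == s->test_part && new_rootfs_ok)
            confirm_boot(s);
    }
    return p;
}

int main(void)
{
    /* Constructed sample state: partition names are placeholders. */
    struct boot_state bad = { "rootfs_b", "rootfs_a", true, 0, 3, 0 };
    struct boot_state good = bad;
    printf("broken image boots %s\n", simulate(&bad, 10, false));
    printf("good image boots %s\n", simulate(&good, 10, true));
    printf("counter writes: %u vs %u\n", bad.counter_writes, good.counter_writes);
    return 0;
}
```

Over ten power cycles the broken image costs three counter writes before the fallback partition takes over, while the good image costs one write and none after it is confirmed.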

