[U-Boot] [PATCH v2 3/7] spl: nand: support redundant u-boot image
Scott Wood
oss at buserror.net
Sat Jun 4 03:15:16 CEST 2016
On Wed, 2016-06-01 at 13:23 +0200, Boris Brezillon wrote:
> On modern NAND it's more than recommended to have a backup copy of the
> u-boot binary to recover from corruption: bitflips are quite common on
> MLC NANDs, and the read-disturbance will corrupt your u-boot partitition
> more quickly than what you would see on an SLC NAND.
Wouldn't the same happen to the SPL itself? Or is the boot block implemented
in a different, more robust manner?
> Add an extra Kconfig option to specify the offset of the redundant u-boot
> image.
>
> Signed-off-by: Boris Brezillon <boris.brezillon at free-electrons.com>
> Acked-by: Hans de Goede <hdegoede at redhat.com>
> ---
> common/spl/spl_nand.c | 8 ++++++++
> drivers/mtd/nand/Kconfig | 6 ++++++
> 2 files changed, 14 insertions(+)
>
> diff --git a/common/spl/spl_nand.c b/common/spl/spl_nand.c
> index 612bd4a..0bf0848 100644
> --- a/common/spl/spl_nand.c
> +++ b/common/spl/spl_nand.c
> @@ -12,6 +12,9 @@
>
> #ifndef CONFIG_SYS_NAND_U_BOOT_OFFS
> #define CONFIG_SYS_NAND_U_BOOT_OFFS CONFIG_SPL_NAND_U_BOOT_OFFS
> +#define CONFIG_SYS_NAND_U_BOOT_OFFS_REDUND
> CONFIG_SPL_NAND_U_BOOT_OFFS_REDUND
> +#else
> +#define CONFIG_SYS_NAND_U_BOOT_OFFS_REDUND CONFIG_SYS_NAND_U_BOOT_OFFS
> #endif
>
> #if defined(CONFIG_SPL_NAND_RAW_ONLY)
> @@ -111,6 +114,11 @@ int spl_nand_load_image(void)
> #endif
> /* Load u-boot */
> err = spl_nand_load_element(CONFIG_SYS_NAND_U_BOOT_OFFS, header);
> +#if CONFIG_SYS_NAND_U_BOOT_OFFS != CONFIG_SYS_NAND_U_BOOT_OFFS_REDUND
> + if (err)
> + err =
> spl_nand_load_element(CONFIG_SYS_NAND_U_BOOT_OFFS_REDUND,
> + header);
> +#endif
If one of the images has failed, doesn't it need to be reflashed before the
other one goes bad as well? How does the failure get communicated to later
parts of the system that would be responsible for such reflashing?
-Scott
More information about the U-Boot
mailing list