This is the mail archive of the ecos-discuss@sourceware.org mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Failsafe Firmware Updates


On Tue, May 16, 2006 at 10:40:21AM +1000, Stewart Heitmann wrote:
> Can Redboot be setup to boot a second linux image
> in case the first one fails to boot?
> 
> I want to be able to upgrade my firware in the field,
> and if the new firmware fails to boot then I would
> like Redboot to revert to a factory-default firmware
> image as a fallback position (on the next power-up).
> 
> So how can Redboot tell if the previous boot failed?
> And if it can tell, how does it then change its own
> config settings? The boot scripts don't appear to
> support conditional statements of any kind.

Actually, there is kind of support for conditional actions. If the
load fails, the exec will do nothing. So you build a chain

load -m file /boot/vmlinuz
exec
load -m file /boot/vmlinuz.old
exec

I don't know is if linux itself can return. The z in vmlimunz means it
is compressed. If the decompression fails i don't know if it just
panic's or does it return back to the caller? 

Also, what is your definition of a boot failling? The kernel failed to
load? The kernel failed to initialize? The root filesystem failed to
mount? init failed to spawn? Tetris could not be found?

What solution you adopt will depend on how you define failed to
boot...

        Andrew

-- 
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]