[ECOS] problem with redboot fis/flashconfig
Neundorf, Alexander
Alexander.Neundorf@jenoptik.com
Mon Oct 4 09:06:00 GMT 2004
Hi,
as mentioned in an earlier email, we are considering using redboot as bootloader. Our endusers have to be able to run firmware updates *safely*.
After writing a new version of the firmware the fis directory has to be updated.
Now it seems the functions for writing the fis directory and for writing the flash config data aren't safe. They simply call flash_erase() and after this they call flash_program(). If the power is lost in between the data is lost and the device won't start again (since redboot won't find the fis directory).
I think what would have to be done is to implement a mechanism in redboot/fis/flashconfig so that when writing the new data a new copy is written, and when this has been successfully written, mark the new copy valid. Then redboot would need to evaluate the (new) "valid" flag of both copies when starting and choose the right one.
What do you think ? Am I wrong with this ? Has anybody already solved this problem ?
Bye
Alex
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss
More information about the Ecos-discuss
mailing list