chris brooke wrote: > I'm working on an embedded uClinux project. I am struggling to come > up with a clean way to upgrade the kernel in a system in the field. > The goal is to allow the users to easily upgrade the kernel using FTP > or HTTP (from a PC) without ever having the system vulnerable to a > power outage. How can I do this? > Are there any other obvious upgrade schemes I could use? > I've used netflash, but that requires the kernel image to reside on a > machine that has an FTP or TFTP server (ie not stock PC).
In my project, I fetch the new flash images to RAM (/tmp actually), then put the system into a quiet state, disable watchdog, and use "flashcp" to write them. That way I can use HTTP or anything else to fetch the images. (Usually it's rsync running over a proxy tunnelled over our own remote admin protocol.) My flash image is ROMFS format, and that's mounted while the device is running normally. Obviously it's not safe to access the ROMFS while it's being flashed, so my root filesystem is in RAM, setup by /sbin/init, and the ROMFS part is mounted on /mnt/romfs which I unmount before flashing a new image, and remount after if I don't want to reboot straight away. It's not safe if there's a power outage. To make it safe against power outage, I'd need my boot loader to understand JFFS2, and have enough free space for a two images at once, at least the essential parts like kernel. JFFS2 can be updated in a power safe way, by renaming a file or symbolic link over an existing one. Or, store the boot image in a partition, and have two such partitions, and have the boot loader check which one is newest (using a datestamp in each) and strong checksum before using it - this to catch power failure aborting a flashing process. - Jamie _______________________________________________ uClinux-dev mailing list uClinux-dev@uclinux.org http://mailman.uclinux.org/mailman/listinfo/uclinux-dev This message was resent by uclinux-dev@uclinux.org To unsubscribe see: http://mailman.uclinux.org/mailman/options/uclinux-dev