Hi,

Power disconnect during firmware update:

We are implementing facility for automatic firmware upgrades (either the Linux uImage or cramfs) on our embedded device. However there is a requirement that the device is not broken by (the user for example) disconnecting the power supply at any stage during the flash update.

In the absence of a backup battery, I guess the boot loader would have to be modified to cope with this. Has anybody produced a solution already?

If not I’m considering adding a command to u-boot. ‘update’ could work as follows:

1) Linux application / scripts are responsible for downloading the firmware upgrade, then erasing and copying into an image in free area of the flash with CRC.

2) Linux reboots the device, so u-boot can take over.

3) ‘update’ command is called early in bootcmd script.

4) ‘update’ routine checks specified flash location for new upgrade image with valid CRC. If no image found or has bad CRC it returns, control passes to next command in bootcmd, and Linux boots normally.

5) ‘update’ routine erases target area of flash, and then copies content of upgrade image to target location.

6) ‘update’ routine erases upgrade image to prevent upgrade attempt on subsequent boots.

Power cut during stage 1 would result in original firmware remaining.

Power cut during stages 2 to 5 would result in firmware upgrade when power is restored.

Power cut during state 6 would result in new firmware remaining. (as partial erase of update image would have bad CRC).

Maybe the upgrade (cramfs, kernel uImage, etc) could be stored in another uImage with a new type.

Any comments?

Ian