
Dear Martin,
in message cqbedv$el6$1@sea.gmane.org you wrote:
I have plans of using u-boot as the last-and-ever-working application-firmware-upgrade (in case my Linux [from NAND] is somehow damaged).
You're not the first to implement this. See the existing code.
Hence my plans are that U-boot should perform the following on startup:
- Try fetching new application-image using tftp against some hardcoded
address
Why a hardcoded address instead of the usual, configurable mechanism?
- Timeout after 2 secs if no connection (skip to pt 5) (logics needed)
A timeout is probably not what you want. And how do you define "no connection"? There are many steps in a TFTP download which can produce errors, and you will need to handle them - a simple timeout may as well kill a running download, or otherwise stuck downloads may hang your system.
- Perform some simple validation of the image - e.g. check that the
last bytes of the image are "egholm" (logics needed)
Why not use the built-in verification (through CRC checksum, timestamp, image name etc.)? See for example board/trab/auto_update.c
I reckon there is a problem with 2) where the remainder of the script should only run in case the tftp-action went well. And the same goes for 3).
Does this idea have a future?
The idea is OK. It has been implemented before. But I disagree with your approach, at least as far as the timeout and image verification are concerned.
Best regards,
Wolfgang Denk
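
Added example, not part of the original message and not U-Boot source code: a host-side C illustration of the checks the 64-byte legacy U-Boot image header makes possible (magic, header CRC, payload length, data CRC, image name), which catch truncated or corrupted downloads that a trailing marker string would miss. The names `check_image` and `make_image` are hypothetical, and the sample image is constructed inline.

```c
#include <stdint.h>
#include <string.h>

#define IH_MAGIC 0x27051956u  /* legacy image magic number */
#define IH_HLEN  64u          /* 7 x u32, 4 x u8, 32-byte name */

static uint32_t crc32_buf(const uint8_t *p, size_t n) {  /* zlib-compatible CRC-32 */
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}
static uint32_t be32(const uint8_t *p) {
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
static void put_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Returns 0 if the image is intact, else a negative code naming the failed check.
 * want_name may be NULL to skip the name comparison. */
int check_image(const uint8_t *img, size_t len, const char *want_name) {
    uint8_t hdr[IH_HLEN];
    if (len < IH_HLEN) return -1;                       /* truncated before header end */
    if (be32(img) != IH_MAGIC) return -2;               /* not an image header */
    memcpy(hdr, img, IH_HLEN);
    memset(hdr + 4, 0, 4);                              /* ih_hcrc covers header with itself zeroed */
    if (crc32_buf(hdr, IH_HLEN) != be32(img + 4)) return -3;
    uint32_t size = be32(img + 12);                     /* ih_size: payload length */
    if (size > len - IH_HLEN) return -4;                /* download stopped early */
    if (crc32_buf(img + IH_HLEN, size) != be32(img + 24)) return -5;  /* ih_dcrc */
    if (want_name && strncmp((const char *)img + 32, want_name, 32) != 0) return -6;
    return 0;
}

/* Constructed sample builder (stands in for mkimage); out needs IH_HLEN + n bytes. */
size_t make_image(uint8_t *out, const uint8_t *data, uint32_t n, const char *name) {
    size_t l = strlen(name) > 31 ? 31 : strlen(name);
    memset(out, 0, IH_HLEN);                            /* ih_time, ih_load, ih_ep left 0 */
    put_be32(out, IH_MAGIC);
    put_be32(out + 12, n);
    put_be32(out + 24, crc32_buf(data, n));
    memcpy(out + 32, name, l);
    put_be32(out + 4, crc32_buf(out, IH_HLEN));         /* header CRC computed last */
    memcpy(out + IH_HLEN, data, n);
    return IH_HLEN + n;
}
```

A payload bit flip in the middle of the image fails the data CRC even when the last bytes still read "egholm".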