[U-Boot] start a second kernel/filesystem if first one is corrupted
To make a more stable system I want to put a second reduced linux (kernel/rootfs) onto flash memory. This should be boot automatically, if #1 fails for any reason. I tried to add this in bootcmd, but execution will be interuppted if the first bootm failes. Is there any chance to do so? (maybe it is even possible to compile this into bootloader, in case uboot environment gets corrupted/misconfigured)
Hi,
On Wed, Jan 13, 2010 at 04:02:10PM +0100, Arno Steffen wrote:
To make a more stable system I want to put a second reduced linux (kernel/rootfs) onto flash memory. This should be boot automatically, if #1 fails for any reason. I tried to add this in bootcmd, but execution will be interuppted if the first bootm failes. Is there any chance to do so?
yes, it is possible. You should provide more information about your system and what you already tried.
In my board, i have a rather crude approach for the actual boot command: "run xilinxload&&bootm 0x80000;update;reset"
If either of xilinxload [which configures an FPGA] or bootm fails, the update command is executed to allow updating the firmware and after update a reset is performed. This works for me on a coldfire, so in theory it should be possible to replace "update" by another "bootm...".
Using bootcount on systems supporting it is a much better solution, unfortunately it is not yet implemented for coldfire.
(maybe it is even possible to compile this into bootloader, in case uboot environment gets corrupted/misconfigured)
IIRC there is a read-only option for the environment.
Regards, Wolfgang
Dear Arno Steffen,
In message 804f0d21001130702x2aaa39e8t8677d5360885caa8@mail.gmail.com you wrote:
To make a more stable system I want to put a second reduced linux (kernel/rootfs) onto flash memory. This should be boot automatically, if #1 fails for any reason.
This is a standard mode of operation, and well documented. See the example in the FAQ: http://www.denx.de/wiki/view/DULG/CommandLineParsing#Section_14.2.16.3.
I tried to add this in bootcmd, but execution will be interuppted if the first bootm failes.
You must have done something wrong.
Is there any chance to do so?
Sure.
(maybe it is even possible to compile this into bootloader, in case uboot environment gets corrupted/misconfigured)
We use redundant environment with checksums to prevent this.
Best regards,
Wolfgang Denk
@ Wolfgang W.
I am using a OMAP board with a Cortex A8
Ok, it normaly executes commands after each other. But in case the rootfs is invalid in boots kernel and ends up with kernel panic which causes a reboot. In this way the second command will not be executed bootcmd=run boot_fs1; run boot_fs2
Bootcount is a great idea, but don't know right now how to do this. Also it will stress the flash, as it has to change the environment every time it boots.
@Wolfgang D.
Although I add hush to my config file #define CONFIG_HUSH_PARSER 1 /* use "hush" command parser */
and it compiles hush.c to hush.o I get
Unknown command 'if'
Dear Arno Steffen,
In message 804f0d21001140104o3543921cx2b4422fbc8a9e6b@mail.gmail.com you wrote:
Ok, it normaly executes commands after each other. But in case the rootfs is invalid in boots kernel and ends up with kernel panic which causes a reboot. In this way the second command will not be executed bootcmd=run boot_fs1; run boot_fs2
Right, this method can only detect when the boot command fails, for example because of corrupted images. It cannot handle situations where the kernel crashes, or where the application does not start up successfully. To handle such situations you have to use the bootcount feature, usually combined with a hardware watchdog which will reset your board in cases where it just hangs.
Bootcount is a great idea, but don't know right now how to do this. Also it
Hire an expert, then.
will stress the flash, as it has to change the environment every time it boots.
No, this is wrong. Nothing neds to get written to flash when booting. The boot counter is NOT stored in the environment, but in some hardware register or other storage that is known not to change it's value during a reset.
Although I add hush to my config file #define CONFIG_HUSH_PARSER 1 /* use "hush" command parser */
and it compiles hush.c to hush.o I get
Unknown command 'if'
Can you please provide the full log, including all your input and all output? Please include the same (full input and output) for running this command:
=> echo foo || echo bar
Best regards,
Wolfgang Denk
2010/1/14 Wolfgang Denk wd@denx.de
Dear Arno Steffen,
In message 804f0d21001140104o3543921cx2b4422fbc8a9e6b@mail.gmail.com you wrote:
Ok, it normaly executes commands after each other. But in case the rootfs
is
invalid in boots kernel and ends up with kernel panic which causes a
reboot.
In this way the second command will not be executed bootcmd=run boot_fs1; run boot_fs2
Right, this method can only detect when the boot command fails, for example because of corrupted images. It cannot handle situations where the kernel crashes, or where the application does not start up successfully. To handle such situations you have to use the bootcount feature, usually combined with a hardware watchdog which will reset your board in cases where it just hangs.
Bootcount is a great idea, but don't know right now how to do this. Also
it
Hire an expert, then.
will stress the flash, as it has to change the environment every time it boots.
No, this is wrong. Nothing neds to get written to flash when booting. The boot counter is NOT stored in the environment, but in some hardware register or other storage that is known not to change it's value during a reset.
Although I add hush to my config file #define CONFIG_HUSH_PARSER 1 /* use "hush" command parser */
and it compiles hush.c to hush.o I get
Unknown command 'if'
Can you please provide the full log, including all your input and all output? Please include the same (full input and output) for running this command:
=> echo foo || echo bar
Best regards,
Wolfgang Denk
-- DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de After Goliath's defeat, giants ceased to command respect.
- Freeman Dyson
Thanks for answer. My uboot is a 2008.10 (Mistral/TI EVM board)
OMAP3 # echo foo || echo bar foo || echo bar OMAP3 # setenv check 'if imi $addr; then echo Image OK; else echo Image corrupted!!; fi' OMAP3 # run check Unknown command 'if' - try 'help' Unknown command 'then' - try 'help' Unknown command 'else' - try 'help' Unknown command 'fi' - try 'help' OMAP3 #
The line:
#define CONFIG_HUSH_PARSER 1 /* use "hush" command parser */ I put into /include/configs/omap3_evm.h
Best regards Arno
participants (3)
-
Arno Steffen -
Wolfgang Denk -
wolfgang@leila.ping.de