Re: [U-Boot] Rescue /alternative boot
Dear Albert,
2010/6/9 Albert ARIBAUD albert.aribaud@free.fr:
If the user is able to do something stupid then you should avoid it, e.g. not give the user the ability to alter the u-boot environment by making it
In fact, the normal user doesn't have access to change it. But even I can make faults.
You should consider accessibility to the bootloader prompt as a critical requirement before considering resiliency -- actually, access to U-boot is a last-resort, but good, response to the resiliency requirement.
I am not free to change this anymore. So I have to find another way via network.
Why can you not trust the u-boot environment? Maybe hardening the system against user-induced environment changes would help avoid the condition in the first place.
The system must be ready for updates - and they might go wrong, even by a typo.
- howto handle boot/kernel parameters? I only know the way via
environment variables
As Wolfgang pointed out, read the manual: passing parameters does not depend on how you got the image in the first place, and works the same whether you use TFTP, flash or hard disks.
In manual I just can see how to set commandline parameters. Everything ( I understand until now) is controled via environment. I have to put some code (before the environment is read) into uboot source to force a tftpboot with in-compiled parameters. And I don't have a clue howto and where to do this. It is not enough to set some default environment, as this becomes active only if CRC is failed. This will not help against a typo in the setting.
Best regards Arno
Dear Arno Steffen,
In message AANLkTim0KjSnkOhhm9Yst8xjtNM4yINO38S35qBxdES9@mail.gmail.com you wrote:
The system must be ready for updates - and they might go wrong, even by a typo.
Then you must design the system to be robust and ready for such procedures; for example, you want to have a hardware watchdog that resets the board if something goes wrong.
In manual I just can see how to set commandline parameters. Everything ( I understand until now) is controled via environment. I have to put some code (before the environment is read) into uboot source to force a tftpboot with in-compiled parameters. And I don't have a clue howto and where to do this. It is not enough to set some default environment, as this becomes active only if CRC is failed. This will not help against a typo in the setting.
The aforementioned "env default" command would alow to manually reset the environment to default settings, for example as last resort of recovery after a certain number of watchdog resets has been detected.
But if your environment is really hosed, including the backup copy, then you are probably lost anyway. Foir example, how would you communicate over Ethernet, when there is no longer a valid MAC address in your environment?
Best regards,
Wolfgang Denk
participants (2)
-
Arno Steffen -
Wolfgang Denk