Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Boot: Introduce new swap method using status partition #841

Closed
wants to merge 3 commits into from
Closed

Boot: Introduce new swap method using status partition #841

wants to merge 3 commits into from

Conversation

romanjoe
Copy link
Collaborator

This pull request introduces new swap mode suitable for devices with large minimum write/erase sizes. New mode is based on existing swap move algorithm but uses specially managed flash area called status partition instead of image trailer to store sectors statuses while swapping, as well as other data located in trailer.

This mode is developed using Cypress PSoC6 as hardware platform. PSoC6 has minimum write/erase size of 512 bytes, swap mode using status partition can be easily configured for use with platforms which have different min write/erase size.

Supported:

  • swap modes: test, revert, permanent
  • power safe swapping (power loss, random resets)
  • configurable minimum write/erase size
  • flash wear elimination approach (configurable)
  • swap status partition size calculations are automated and based on BOOT_MAX_IMG_SECTORS and min write/erase size
  • single and multi image mcuboot configurations supported
  • existing imgtool compatible

Considerations:

  • only tested on cypress hardware
  • sim does not support it yet, but @d3zd3z hopes to add it

Any comments, suggestions are welcome.

@romanjoe romanjoe requested a review from d3zd3z October 19, 2020 12:28
@romanjoe romanjoe force-pushed the pr/swap_status_part branch 4 times, most recently from d6112bc to 26b5112 Compare October 19, 2020 12:56
@utzig utzig mentioned this pull request Oct 29, 2020
Closed
@BohdanKovalchuk BohdanKovalchuk mentioned this pull request Nov 20, 2020
Merged
@utzig utzig added 1.8.0 RFC Request for Comments labels Jan 12, 2021
@utzig utzig self-requested a review January 12, 2021 15:28
@romanjoe romanjoe force-pushed the pr/swap_status_part branch 3 times, most recently from 297b2fb to cf96275 Compare January 25, 2021 21:41
@romanjoe
Copy link
Collaborator Author

Extracted watchdog related commit and created separate PR for that.

#931

@romanjoe romanjoe force-pushed the pr/swap_status_part branch 10 times, most recently from 57edfbd to 8da189e Compare January 28, 2021 15:55
@romanjoe romanjoe force-pushed the pr/swap_status_part branch 5 times, most recently from ea058ac to 6e7c83f Compare April 26, 2021 22:22
@romanjoe romanjoe force-pushed the pr/swap_status_part branch 3 times, most recently from 6afd303 to 010b795 Compare April 27, 2021 11:44
@tarasbor tarasbor force-pushed the pr/swap_status_part branch 4 times, most recently from 84befa4 to 3ae1386 Compare July 13, 2021 10:50
@elcritch elcritch mentioned this pull request Aug 24, 2021
Open
@d3zd3z d3zd3z added area: core Affects core functionality and removed 1.8.0 labels Aug 24, 2021
@elcritch
Copy link

This code contains a number of Cypress PSoC6 specific changes. Are they related to the new swap status partition or just details for implementing the Cypress chip? I'm going to try and get this running on NXP LPC55S69.

@d3zd3z
Copy link
Member

d3zd3z commented Aug 27, 2021

This code contains a number of Cypress PSoC6 specific changes. Are they related to the new swap status partition or just details for implementing the Cypress chip? I'm going to try and get this running on NXP LPC55S69.

One of the requested changes is to split out the new swap status code from any of the Cypress-specific changes needed to use it. It'd be great if you have time to try and get this working on the LPC55S69, which is rather similar constraints on its flash. I had mostly been focusing on getting this running in the simulator, which is also a requirement for being able to merge this.

@elcritch
Copy link

One of the requested changes is to split out the new swap status code from any of the Cypress-specific changes needed to use it. It'd be great if you have time to try and get this working on the LPC55S69, which is rather similar constraints on its flash. I had mostly been focusing on getting this running in the simulator, which is also a requirement for being able to merge this.

That sounds good; given it's blocking most of my MCU's I can probably justify spending time on it. Many of the newer automotive rated MCU's seem to have ECC flash now so it'd be useful in the future.

@d3zd3z
Copy link
Member

d3zd3z commented Aug 31, 2021

Many of the newer automotive rated MCU's seem to have ECC flash now so it'd be useful in the future.

Is 512-byte write/erase common? We've been trying to track what is in devices in #713, and it'd be nice if you have any better insight into what devices are really being used.

The code in this PR basically set set up to work with devices with small erase units (basically the same as the write size). At least the Psoc and NXP LPC devices are like that. The others with ECC generally seem to do the ECC across a smaller range of bytes, such as 8 bytes.

@elcritch
Copy link

elcritch commented Sep 8, 2021

Is 512-byte write/erase common? We've been trying to track what is in devices in #713, and it'd be nice if you have any better insight into what devices are really being used.

It seems to be the case for the NXP chips and maybe the TI chips. However, I have a couple of STM32H7 based boards (like NUCLEO-H755ZI-Q) that appear to have 32B write/128kB erase according to their flash manual. So likely those chips will need to use the current trailer method. It'd be wasteful but the upside is that those chips have 1-2k sectors at that 128k sector size (1-2MB) so in theory the trailer method should work?

The code in this PR basically set set up to work with devices with small erase units (basically the same as the write size). At least the Psoc and NXP LPC devices are like that. The others with ECC generally seem to do the ECC across a smaller range of bytes, such as 8 bytes.

It does seem more common, however, perhaps it'll need to be configured on a board-by-board case? I'm hoping to test this out more this week, but not sure if I'll be able get to it yet.

@d3zd3z
Copy link
Member

d3zd3z commented Sep 30, 2021

@elcritch you may be interested in #949 which is working on making the slightly-larger write sizes workable.

@elcritch
Copy link

elcritch commented Oct 2, 2021

@elcritch you may be interested in #949 which is working on making the slightly-larger write sizes workable.

Thanks! I'm hoping to getting back to testing MCUBoot soon. The larger write would be helpful on some of these ECC flash units.

@utzig utzig mentioned this pull request Nov 25, 2021
Merged
2 tasks
Oleksandr Shkurchenko added 3 commits December 24, 2021 00:52
bootutil: Add "Swap scratch mode with status partition"
eba0d03 
Swap scratch mode with status partition is implemented to facilitate a usage of swap mode on the devices with
a large write size of the internal and external flash memory (512B, 1024B, 4096B, 256KB, ...).
Unlike original implementation of swap scratch mode, where a status info is stored in the image trailer,
this mode introduces a special status partition in the flash memory to store a status information
about the image sectors while swapping, that guarantees a power/reset safe upgrade operation.

Signed-off-by: Oleksandr Shkurchenko <oleksandr.shkurchenko@infineon.com>
cypress: Add "Swap scratch mode with status partition" support
f4c5c49 
Add "Swap scratch mode with status partition" support to the cypress examples.

Signed-off-by: Oleksandr Shkurchenko <oleksandr.shkurchenko@infineon.com>
sim: Add "Swap scratch mode with status partition" support
85f7b33 
Update tests according to "Swap scratch mode with status partition"

Signed-off-by: Oleksandr Shkurchenko <oleksandr.shkurchenko@infineon.com>
@d3zd3z
Copy link
Member

d3zd3z commented Jan 11, 2022

@romanjoe Have you guys gathered any statistics on how much wear this change introduces, specifically to a fairly large device with 512-byte pages? It seems like this would result in a few thousand write/erase cycles on just a small number of page.

@github-actions
Copy link

This pull request has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 14 days. Note, that you can always re-open a closed pull request at any time.

@github-actions github-actions bot added the stale label Jul 11, 2022
@github-actions github-actions bot closed this Jul 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@d3zd3z d3zd3z Awaiting requested review from d3zd3z d3zd3z is a code owner

@utzig utzig Awaiting requested review from utzig

Assignees
No one assigned
Labels
area: core Affects core functionality RFC Request for Comments stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@romanjoe @elcritch @d3zd3z @utzig