A caution on firmware update
Mitch Bradley
wmb at firmworks.com
Thu Jan 11 12:14:35 EST 2007
The long-run plan for firmware update does not involve USB at all. The
OS puts a signed image on NAND FLASH, the firmware sees and validates
it, and updates the SPI FLASH.
ron minnich wrote:
> We've done several tens of thousands of FLASH updates here at LANL
> over the last 5 years. I also am in touch with other labs with the
> same level of experience.
>
> The experiences of us all are basically the same.
>
> The most reliable way to update FLASH on a massive scale is via the
> OS, viz. Linux. I have routinely updated 1024 nodes at a time in 30
> seconds with no need for console intervention.
>
> The most unreliable way to update FLASH is via BIOS mechanisms. If USB
> is involved, multiply the problems by a large number. Console
> interaction causes further issues.
>
> Every single company that comes in here with a BIOS-based FLASH update
> mechanism -- save one -- is eventually convinced to give us an
> OS-based FLASH update mechanism, due to problems with the BIOS-based
> mechanisms. One Very Large Vendor, who had been strongly pushing their
> BIOS-based update mechanism, recently told us they had created an
> OS-based FLASH update mechanism.
>
> The one company that did not change, has caused us enormous trouble,
> as we had to scour store shelves for USB sticks that would work with
> the BIOS. This is not uncommon with USB. I just had a brand-new system
> in here last month, and had to go through 3 keyboards before I found
> one that would work with the BIOS -- new bios, new keyboards.
>
> The single two most common phrases we hear from a vendor -- "We have
> not seen this" and "Nobody else is reporting this problem" -- are the
> two phrases I've been hearing w.r.t. my inability to update my FLASH
> :-) While this is a sign of progress -- it means OLPC is a real
> product -- it should also be taken as a warning -- things are going to
> happen that you can't anticipate, understand, or reproduce.
> Flexibility is paramount. You're going to be working on a scale few
> have seen.
>
> If you are trying to set up some sort of protection from BIOS to
> enable/disable flash upgrades, a useful thing to do is to require that
> some BIOS command be run that allows FLASH writes, e.g.:
> ok enable-flash-write
> Warning: FLASH can now be written from the OS or applications
> ok boot
>
> I would not even have bothered to mention this, but I've still got an
> OLPC that can't use any of my USB sticks. It's not so much my problem
> that concerns me -- I can work around my problem -- it's the fact that
> my little problem might become OLPC's big problem on a very large
> scale. I still think it would be useful to rethink the FLASH update
> mechanism.
>
> thanks
>
> ron
> _______________________________________________
> Devel mailing list
> Devel at laptop.org
> http://mailman.laptop.org/mailman/listinfo/devel
>
More information about the Devel
mailing list