This is the mail archive of the
ecos-devel@sources.redhat.com
mailing list for the eCos project.
Re: RFC: extending (reserved)
On Wed, 2004-12-15 at 04:53, Andrew Lunn wrote:
> > the problem we have with using fis create is that it isn't protected and
> > guaranteed to be there if we do an fis init. We really want to mark a
> > section of flash for the OS and leave the rest open for our end customers
> > to do with as they wish.
>
> Even if it has the same properties as redboot, the customer can still
> destroy it with fis erase and put in new contents with fis write. They
> question is how secure do you want it to be vs writing documentation
> telling customers not to delete these FIS entries and if they do don't
> be supprised if things break!
>
> How are you thinking about making it generic? Could you please explain
> your basic implementation ideas.
>
> Thanks
> Andrew
>
Agreed. I don't want to go all crazy and make it fault-tolerant
secure... just enjoy the same level of security that we currently enjoy
by globbing together our bootrom and OS sections into one reserved
partition. I would like to see them split out and show up as named fis
entries while still taking advantage of the "reserved" infrastructure.
This would also make it easier to support this board in Linux by
removing the need to have static mtd maps for splitting up the
"reserved" partition of flash.
My basic idea to implement this is to extend
CYGOPT_REDBOOT_FIS_RESERVED_BASE with something like a a
REDBOOT_FIS_RESERVED_PARTITION structure, and possibly with a
CYGNUM_REDBOOT_FIS_RESERVED_PARTITIONS_NR. A machine's cdl may define
multiple reserved fis entries that all must fit between flash_start and
CYGNUM_REDBOOT_FLASH_RESERVED_BASE. From there all that is needed is to
patch fis_init and fis_delete.
The machine's (or would this belong in a platform's flash cdl file?) cdl
file would define each image's base, size, and name.