Add swap using offset mode #2162
Conversation
nordicjm
force-pushed
the
swaplesserase
branch
5 times, most recently
from
1f86386 to
484d0f5
Compare
|
@nordicjm this is a very nice improvement. There are some minor documentation nits. A further possible improvement could be to place the swap state (image trailer) in the update image slot (this will not be erased during the swap, and thus the image could go up to the slot size - trailer size). |
nordicjm
force-pushed
the
swaplesserase
branch
from
484d0f5 to
b6b32c5
Compare
I left it in the first as with the "move" slot being moved to the second image, the overhead in both slots is now about equal (swap status in primary, move slot in secondary). However I'm not sure if this mode will actually be finished, the simulator is a giant fight and lots of edge cases need handling in application code to account for the secondary slot image being at either offset, and as of right now the simulator failures make no sense to me |
nordicjm
force-pushed
the
swaplesserase
branch
5 times, most recently
from
f61a84d to
546b5b5
Compare
|
Some food for further thoughts: I have created a similar approach outside of mcuboot, by using a different terminology: The image update moves one sector from image to backup followed by a move from update to image, when the update is finished the old image is in the backup slot and the new image is in the image slot. A restore is a move from the backup slot to the image slot. The method also allows removing the "swap with scratch" as the "scratch" sector can be defined as the first sector of the backup image. For devices that have plenty of flash the backup slot can also be defined separate from the update slot to enhance the life and keep flash wear equal for all slots (update erases all flash only once). |
nordicjm
force-pushed
the
swaplesserase
branch
from
546b5b5 to
678cb93
Compare
The plan is that swap using scratch will be removed in the coming future, but as it stands right now this would not work, e.g. on an stm32 where the sector sizes are 32KiB, 32KiB, 64KiB, 128KiB, 128KiB - making it the first sector give a scratch size of 32KiB which means you can't complete a single swap. The idea is that MCUboot's "sector size" will not be the flash sector size in future, it will be able to be configured so in the case of the stm32 will be 128KiB, in the case of a device with internal and external flash whereby internal flash has 2KiB sectors and external flash has 8KiB sectors, both will be 8KiB - once this change is made it means that swap using scratch can be removed entirely because despite the device have different sector sizes, the move is done in multiples of the largest sector size. The added benefit of this is that the code is smaller and swap status area is smaller too |
nordicjm
force-pushed
the
swaplesserase
branch
3 times, most recently
from
769bca3 to
9e28dea
Compare
|
Hi @nordicjm |
When building for existing products where the bootloader is configured in swap using move mode, other than that swap using offset should become the new default |
nordicjm
force-pushed
the
swaplesserase
branch
2 times, most recently
from
d12d10d to
8cf39b8
Compare
Refactors some functions so that the state variable is present in it Signed-off-by: Jamie McCrae <[email protected]>
nordicjm
force-pushed
the
swaplesserase
branch
from
8cf39b8 to
9fa2367
Compare
Adds a new variation of the swap using move mode, named swap using offset, whereby instead of moving all the sectors in the primary image, the sectors in the secondary image are offset instead. This fastens image swapping time both for updates and reverts as each sector in both slots is erased only once, which also reduces flash wear, and uses less swap status bits to represent Signed-off-by: Jamie McCrae <[email protected]>
Adds support for using this mode to zephyr Signed-off-by: Jamie McCrae <[email protected]>
Adds support for getting the sector size of less sectors than are in an image, which mirrors support in zephyr and allows getting just the size of the first sector in an image Signed-off-by: Jamie McCrae <[email protected]>
Enables testing this new mode Signed-off-by: Jamie McCrae <[email protected]>
Fixes not using a pointer as a pointer Signed-off-by: Jamie McCrae <[email protected]>
Adds details on how this new mode works Signed-off-by: Jamie McCrae <[email protected]>
Adds a note about this new algorithm being added Signed-off-by: Jamie McCrae <[email protected]>
Fixes some comments which had typos or were not formatted correctly Signed-off-by: Jamie McCrae <[email protected]>
Adds support for serial recovery of images when MCUboot is set to swap using offset mode Signed-off-by: Jamie McCrae <[email protected]>
nordicjm
force-pushed
the
swaplesserase
branch
from
9fa2367 to
e09365f
Compare
| #ifdef MCUBOOT_SWAP_USING_OFFSET | ||
| , uint32_t start_off | ||
| #endif |
There was a problem hiding this comment.
For the future: We should just rewrite the code to take this param anyway and ignore it when not used.
| #ifdef MCUBOOT_SWAP_USING_OFFSET | ||
| , uint32_t start_off | ||
| #endif |
| #if defined(MCUBOOT_SWAP_USING_OFFSET) && defined(MCUBOOT_SERIAL_RECOVERY) | ||
| , uint32_t start_off | ||
| #endif |
| off = boot_img_sector_size(state, BOOT_SECONDARY_SLOT, 0); | ||
| } | ||
|
|
||
| rc = flash_area_read(fap, off, out_hdr, sizeof *out_hdr); |
There was a problem hiding this comment.
I think that convention in MCUboot is to use () after sizeof.
| a smaller swap status area size. | ||
|
|
||
| When using this algorithm the maximum image size available for the application | ||
| will be the smallest of the following: |
| up by having the update image written in the second sector in | ||
| the update slot, which offers a faster update process and | ||
| requires a smaller swap status area | ||
| - Made swap using offset the default algorithm for Zephyr builds |
There was a problem hiding this comment.
This is set as default if preferred... as it was with the move alg before
Fixes #2134
165KiB update using swap using move on nrf5340dk: 18 seconds
182KiB update using swap using offset on nrf5340dk: 13 seconds