eive/eive-obsw
eive
/
eive-obsw
12
3
Fork 0
Code Issues 3 Pull Requests 1 Releases 117 Wiki Activity

Reboot File Handling #154

Merged
meierj merged 27 commits from mueller/reboot-file-handling into develop 2022-03-01 17:24:27 +01:00
Conversation 1 Commits 27 Files Changed 41 +2580 -108
muellerr commented 2022-02-25 11:37:05 +01:00
Owner
Copy Link

Some more information can be found here:

https://egit.irs.uni-stuttgart.de/redmine/projects/eive-flight-manual/wiki/OBC_Reboot_Handler

This PR requires a cross-compile rootfs update or a manual update of libxiphos.h.

It also might require setting up the build folder again because of a new linker flag.
Need to update CI cross-compile rootfs because of bugs in libxiphos.h.

There is a deciated unittest which was coded and run in VS code to verify the correctness of the reboot alorithms without the need for hardware specific libraries.

Some more information can be found here: https://egit.irs.uni-stuttgart.de/redmine/projects/eive-flight-manual/wiki/OBC_Reboot_Handler This PR requires a cross-compile rootfs update or a manual update of `libxiphos.h`. It also might require setting up the build folder again because of a new linker flag. Need to update CI cross-compile rootfs because of bugs in `libxiphos.h`. There is a deciated unittest which was coded and run in VS code to verify the correctness of the reboot alorithms without the need for hardware specific libraries.
muellerr added 2 commits 2022-02-25 11:37:05 +01:00
EIVE/eive-obsw/pipeline/head This commit looks good Details
00bd6e260a
fsfw and tmtc update
EIVE/eive-obsw/pipeline/head There was a failure building this commit Details
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
3a6c7e3183
separate branch for reboot file handling
muellerr changed title from Reboot File Handling to WIP: Reboot File Handling 2022-02-25 11:37:21 +01:00
muellerr added 1 commit 2022-02-25 13:20:47 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
55618e381c
update README
muellerr added 2 commits 2022-02-25 13:24:47 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
da78e57dd3
cleanDocker
muellerr added this to the v1.9.0 milestone 2022-02-26 16:56:54 +01:00
muellerr added 1 commit 2022-02-28 13:29:26 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
ba68c80d6b
Merge remote-tracking branch 'origin/develop' into mueller/reboot-file-handling
muellerr added 1 commit 2022-02-28 14:13:39 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
042acc1a23
reboot logic unittest init
muellerr added 1 commit 2022-02-28 15:59:36 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
ff35986a16
fsfw update
muellerr added 1 commit 2022-02-28 16:05:36 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
8e6d8a6fa8
use catch2 main
muellerr added 1 commit 2022-02-28 16:35:30 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
a2bc72a798
improved mount logic, create conf folder is missing
muellerr added 1 commit 2022-02-28 16:47:44 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
8c2c402821
continued tests, first fixes
muellerr added 1 commit 2022-02-28 16:48:16 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
8e8fe3d0c9
some more fixes
muellerr added 1 commit 2022-02-28 16:55:51 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
d4dcd8c03f
added missing command
muellerr added 1 commit 2022-02-28 19:53:02 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
0d1ff8585c
various bugfixes from unittest
muellerr added 1 commit 2022-02-28 20:24:44 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
165e6e829e
bugfix by inspection
muellerr added 1 commit 2022-02-28 20:27:26 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
1c17aac544
added last unittests
muellerr changed title from WIP: Reboot File Handling to Reboot File Handling 2022-02-28 20:27:50 +01:00
muellerr requested review from meierj 2022-02-28 20:28:27 +01:00
muellerr added 1 commit 2022-02-28 20:35:06 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
65961695de
small README
muellerr changed title from Reboot File Handling to WIP: Reboot File Handling 2022-02-28 20:36:42 +01:00
meierj reviewed 2022-03-01 10:16:47 +01:00
bsp_q7s/core/CoreController.cpp Outdated
@ -1104,0 +1280,4 @@
}
void CoreController::determineAndExecuteReboot(RebootFile &rf, bool &needsReboot,
xsc::Chip &tgtChip, xsc::Copy &tgtCopy) {
meierj commented 2022-03-01 10:16:47 +01:00
Owner
Copy Link

There might be the unlikely but nevertheless possible case that one of the firmware images is corrupted and all reboot counters except for the counter of the partition containing the corrupted firmware reached the maximum reboot count. I think this could lead in the current configuration to a scenario where the OBSW tries to boot from the partition with the corrupted firmware (because the reboot counter for this image is the only one not set to max reboot counts) but always ends in another image because the Xiphos bootloader prevents booting the corrupted image (according to datasheet performs integrity check by means of a CRC and md5sum).
Just my thoughts on this. Maybe you already considered this scenario.

There might be the unlikely but nevertheless possible case that one of the firmware images is corrupted and all reboot counters except for the counter of the partition containing the corrupted firmware reached the maximum reboot count. I think this could lead in the current configuration to a scenario where the OBSW tries to boot from the partition with the corrupted firmware (because the reboot counter for this image is the only one not set to max reboot counts) but always ends in another image because the Xiphos bootloader prevents booting the corrupted image (according to datasheet performs integrity check by means of a CRC and md5sum). Just my thoughts on this. Maybe you already considered this scenario.
muellerr added 1 commit 2022-03-01 11:58:00 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
daa3b0084a
extended reboot file handling
muellerr added 1 commit 2022-03-01 13:05:55 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
b279434ef0
update gitignore
muellerr added 2 commits 2022-03-01 13:35:38 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
684d9b8059
repoint fsfw
muellerr added 1 commit 2022-03-01 14:44:56 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
e1112f1903
extension for additional safety
muellerr added 1 commit 2022-03-01 14:51:14 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
84367f8424
small tweak
muellerr changed title from WIP: Reboot File Handling to Reboot File Handling 2022-03-01 14:51:28 +01:00
muellerr commented 2022-03-01 14:52:00 +01:00
Author
Owner
Copy Link

There is now an additional safety mechanism in place to prevent reboot loops onto images which fail before the OBSW is reached

There is now an additional safety mechanism in place to prevent reboot loops onto images which fail before the OBSW is reached
muellerr added 1 commit 2022-03-01 14:56:23 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
be122038ed
small but important bugfix
muellerr added 1 commit 2022-03-01 15:07:07 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
9e03f9babe
apply clang format to unittest folder as well
muellerr added 2 commits 2022-03-01 15:23:04 +01:00
EIVE/eive-obsw/pipeline/pr-develop There was a failure building this commit Details
EIVE/eive-obsw/pipeline/head There was a failure building this commit Details
23e2c5ffc8
repoint fsfw
meierj approved these changes 2022-03-01 17:23:51 +01:00
meierj merged commit 81915f1772 into develop 2022-03-01 17:24:27 +01:00
muellerr deleted branch mueller/reboot-file-handling 2022-03-03 15:43:56 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
meierj
Labels
Clear labels   
OPS TODO

Issues identified by OPS

  
api change

API change

  
breaking api change

API change which can break existing code

  
bug

Something is not working

  
documentation

Documentation

  
duplicate

This issue or pull request already exists

  
feature

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No Label
OPS TODO
api change
breaking api change
bug
documentation
duplicate
feature
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
v1.9.0
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: eive/eive-obsw#154
No description provided.
Delete Branch "mueller/reboot-file-handling"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?