I’ll add a +1 here. Especially for the ‘Maker’ market, etc. where access to a 
JTAG programmer may be cost prohibitive. Least common denominator (serial, 
typically over USB) is a great thing.

Having a bootloader that will *always* run, and is accessible via serial, makes 
debugging bad firmware a lot easier, makes recovering a bricked device 
possible, and makes simple programming of a device easy. If developers don’t 
have to re-flash a bootloader, but just send over a new app, that makes things 
simple for developers. Especially for the relatively inexperienced developer 
who will have a greater tendency to send over a bad image and cause havoc on 
the device. I’d also advocate for a separate process for flashing a new 
bootloader just to add an extra level of protection in case someone *does* 
alter the bootloader code, flash it, and it’s bad. What I’m saying is that we 
should make it very hard, if almost impossible, for software to kill hardware.

Best regards,
dg

> On Jun 7, 2016, at 1:37 PM, Kevin Townsend <ke...@adafruit.com> wrote:
> 
> I think I would probably argue as well that the bootloader should be able to 
> run completely independent with no user image flashed, with the ability to 
> flash a first image over serial, but that's just my own opinion and biased 
> expectations in a bootloader.  Obviously, I'm curious to hear what everyone 
> else thinks!
> 
> There should perhaps also be an option for a fail-safe mechanism to boot 
> into 'bootloader only' mode (polling a pin at startup) where no firmware is 
> executed, but you can still talk to the bootloader via the 'newtmgr' tool to 
> flash an image, etc.
> 
> BLE complicates things, but keeping 'serial' as a baseline in the core 
> bootloader image should add a great deal more resilience to mynewt devices, 
> particularly if your devices cost several hundred dollars per unit and 
> aren't just say $30 nodes that you can pull out and replace.
> 
> K.

--
David G. Simmons
(919) 534-5099
/** Message digitally signed for security and authenticity.
* If you cannot read the PGP.sig attachment, please go to
 * http://www.gnupg.com/ Secure your email!!!
 * Public key available at keyserver.pgp.com
**/
♺ This email uses 100% recycled electrons. Don't blow it by printing!

There are only 2 hard things in computer science: Cache invalidation, naming 
things, and off-by-one errors.
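
The boot-time behaviour discussed in this thread (a loader that runs with no image flashed, a recovery pin polled at startup, serial as the fallback), as an added C example that is not code from either message or from Mynewt. The header layout, `IMG_MAGIC`, and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define IMG_MAGIC 0x4C424D47u /* constructed value, not Mynewt's real magic */

enum boot_mode { BOOT_APP, BOOT_SERIAL_RECOVERY };
struct img_hdr { uint32_t magic, body_len, body_crc; }; /* hypothetical layout */

/* Bitwise CRC-32 (reflected, polynomial 0xEDB88320). */
uint32_t img_crc32(const uint8_t *p, size_t n)
{
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int i = 0; i < 8; i++)
            c = (c & 1u) ? (c >> 1) ^ 0xEDB88320u : c >> 1;
    }
    return ~c;
}

/* Decide at reset. Every doubtful case stays in the serial loader, so a
 * blank or corrupt slot can never leave the device unreachable. */
enum boot_mode boot_decide(const uint8_t *slot, size_t slot_len, bool pin_asserted)
{
    struct img_hdr h;
    if (pin_asserted || slot_len < sizeof h)    /* pin held, or no room for header */
        return BOOT_SERIAL_RECOVERY;
    memcpy(&h, slot, sizeof h);
    if (h.magic != IMG_MAGIC)                   /* erased flash reads 0xFF */
        return BOOT_SERIAL_RECOVERY;
    if (h.body_len > slot_len - sizeof h)       /* length must fit the slot */
        return BOOT_SERIAL_RECOVERY;
    if (img_crc32(slot + sizeof h, h.body_len) != h.body_crc)
        return BOOT_SERIAL_RECOVERY;            /* truncated or bad upload */
    return BOOT_APP;
}

/* Build a constructed sample image in `slot` (caller ensures it fits). */
void make_image(uint8_t *slot, const uint8_t *body, uint32_t n)
{
    struct img_hdr h = { IMG_MAGIC, n, img_crc32(body, n) };
    memcpy(slot, &h, sizeof h);
    memcpy(slot + sizeof h, body, n);
}
```

The CRC here catches an interrupted or corrupted upload only; it says nothing about who produced the image.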

