pub struct BootLoader<ACTIVE: NorFlash, DFU: NorFlash, STATE: NorFlash> { /* private fields */ }
Expand description

BootLoader works with any flash implementing embedded_storage.

Implementations§

source§

impl<ACTIVE: NorFlash, DFU: NorFlash, STATE: NorFlash> BootLoader<ACTIVE, DFU, STATE>

source

pub fn new(config: BootLoaderConfig<ACTIVE, DFU, STATE>) -> Self

Create a new instance of a bootloader with the flash partitions.

  • All partitions must be aligned with the PAGE_SIZE const generic parameter.
  • The dfu partition must be at least PAGE_SIZE bigger than the active partition.
source

pub fn prepare_boot( &mut self, aligned_buf: &mut [u8] ) -> Result<State, BootError>

Perform necessary boot preparations like swapping images.

The DFU partition is assumed to be 1 page bigger than the active partition for the swap algorithm to work correctly.

The provided aligned_buf argument must satisfy any alignment requirements given by the partition flashes. All flash operations will use this buffer.

SWAPPING

Assume a flash size of 3 pages for the active partition, and 4 pages for the DFU partition. The swap index contains the copy progress, as to allow continuation of the copy process on power failure. The index counter is represented within 1 or more pages (depending on total flash size), where a page X is considered swapped if index at location (X + WRITE_SIZE) contains a zero value. This ensures that index updates can be performed atomically and avoid a situation where the wrong index value is set (page write size is “atomic”).

PartitionSwap IndexPage 0Page 1Page 3Page 4
Active0123-
DFU0321X

The algorithm starts by copying ‘backwards’, and after the first step, the layout is as follows:

PartitionSwap IndexPage 0Page 1Page 3Page 4
Active1121-
DFU13213

The next iteration performs the same steps

PartitionSwap IndexPage 0Page 1Page 3Page 4
Active2121-
DFU23223

And again until we’re done

PartitionSwap IndexPage 0Page 1Page 3Page 4
Active3321-
DFU33123
REVERTING

The reverting algorithm uses the swap index to discover that images were swapped, but that the application failed to mark the boot successful. In this case, the revert algorithm will run.

The revert index is located separately from the swap index, to ensure that revert can continue on power failure.

The revert algorithm works forwards, by starting copying into the ‘unused’ DFU page at the start.

PartitionRevert IndexPage 0Page 1Page 3Page 4
Active3121-
DFU33123
PartitionRevert IndexPage 0Page 1Page 3Page 4
Active3121-
DFU33223
PartitionRevert IndexPage 0Page 1Page 3Page 4
Active3123-
DFU33213

Auto Trait Implementations§

§

impl<ACTIVE, DFU, STATE> RefUnwindSafe for BootLoader<ACTIVE, DFU, STATE>
where ACTIVE: RefUnwindSafe, DFU: RefUnwindSafe, STATE: RefUnwindSafe,

§

impl<ACTIVE, DFU, STATE> Send for BootLoader<ACTIVE, DFU, STATE>
where ACTIVE: Send, DFU: Send, STATE: Send,

§

impl<ACTIVE, DFU, STATE> Sync for BootLoader<ACTIVE, DFU, STATE>
where ACTIVE: Sync, DFU: Sync, STATE: Sync,

§

impl<ACTIVE, DFU, STATE> Unpin for BootLoader<ACTIVE, DFU, STATE>
where ACTIVE: Unpin, DFU: Unpin, STATE: Unpin,

§

impl<ACTIVE, DFU, STATE> UnwindSafe for BootLoader<ACTIVE, DFU, STATE>
where ACTIVE: UnwindSafe, DFU: UnwindSafe, STATE: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.