Test setup

U-Boot Test Setup

When developing firmware we have to deploy it very often to the test system. U-Boot typically is loaded from an SD card. So we end up juggling the SD card to and fro a lot. This manual handling does not allow for automation. The Tizen SDWire is a board that is inserted like an SD card into the test system. The SD card itself is mounted on the board. Via an USB interface the SD card can be disconnected from the test system, updated, and reconnected to the test system.

For switching the test system on and off a relay board (e.g. the Waveshare RPi relay board) can be used. Read more

U-Boot

iSCSI booting with U-Boot and iPXE

U-Boot has only a reduced set of supported network protocols. A major gap is the lack of a TCP stack.

For booting a diskless computer this leaves us with BOOTP or DHCP to get the address of a boot script. TFTP can be used to load the boot script and the operating system kernel and initial file system (initrd).

These protocols are insecure. The client cannot validate the authenticity of the contacted servers. And the server cannot verify the identity of the client.

Furthermore the services providing the operating system loader or kernel are not the ones that the operation system will use. Especially in a SAN environment this makes updating the operating system a hassle. After installing a new kernel version the boot files have to be copied to the TFTP server directory.

The HTTPS protocol provides certificate based validation of servers. Sensitive data like passwords can be securely transmitted.

The iSCSI protocol is used for connecting storage attached networks. It provides mutual authentication using the CHAP protocol. It typically runs on a TCP transport.

Thus a better solution than DHCP/TFTP boot would be to load a boot script via HTTPS and to download any other files needed for booting via iSCSI.

An alternative to implementing these protocols in U-Boot is to use an existing software that can run on top of U-Boot. iPXE is the "swiss army knife" of network booting. It supports both HTTPS and iSCSI. It has a script engine for fine grained control of the boot process and can provide a command shell.

iPXE can be built as an EFI application (named snp.efi) which can be loaded and run by U-Boot. Read more