Menu
▾
▴
[Amforth-devel] Protected Amforth
|
From: <an...@ki...> - 2010-05-26 15:48:51
|
Guys Been doing some thinking on bits of the conversations going off recently about protecting the Amforth Core from accidental overwrite. (Useful in some cases, particularly teaching scenarios and new starters). Thought I should throw them into the ring for discussion. Creating protection is as I understand it a three step process. 1. Rearrange the core words (or at least everything needed to compile and load the rest. etc into the boot-loader area as if it were a large boot-loader. 2. Tweak the interrupts and reset vectors (maybe the reset ISR too) and code to deal with the new location and prepare for a boot-loader start (That is actually the Amforth core system). This pseudo boot loader does in fact boot but doesn't pass off execution to anything unless turnkey is setup to do so. Turnkey or a rewritable template turnkey would have to live in the normal flash area so it could be rewritten if necessary. 3. Set the boot vector option in the fuses to make it boot from the top of flash (boot loader boot) rather than the bottom (Usual or non boot loader boot). Activating protection is a case of setting the appropriate fuses etc to lock down the boot-loader/upper flash area. Notes/thoughts. A. I don't think it is a good idea to issue the images and or templates with the protection activated. I have a nasty feeling invoking full protection will make it impossible to reprogram the boot-loader section ever again. Implementors may need/want to upgrade the core image and may optionally want to return their boards to service as a full arduino with the Arduino boot-loader. Particularly if they used it as a development platform and then built a dedicated Amforth board/device. B. Creating templates and images ready for protection to be optionally activated is a good idea. Documenting protection activation in a readme.txt file or the user guides etc is I think a good idea too. C. Issues I can see with this is that not all devices have as big a boot loader area. (Don't quote me on this, I could be wrong and would have to go through all the data sheets to be sure) D. It may be worth considering creating a word like "FactoryReset" or something that lives in the core/Boot-loader section and after confirmation wipes/purges/re-initializes the non core/Boot-loader section. Restoring the board/chip to a clean state. (Good for classroom scenarios and new starters) E. Making the ability to clone the current state of the device ie a "clone" word, part of the protected core/boot-loader would be optimal. There are arguments for not doing this and making it optional. Personally I favor the idea that it becomes an intrinsic part of all Amforth implementations. (Today forthduino, tomorrow the world, "Go forth and multiply" is a mangled biblical quote that springs to mind) F. Given all of the above we could be struggling in 8k of boot-loader unless something or other could me done with the current core set to make space. OK enough very poor puns on words. Thoughts for what they are worth..... Cheers Andy kirby |
