Read Only Operating Systems

by on March 20, 2014

kernel panic

Hi all
Most robots have a computer inside that is responsible for controlling the robot. Many robots will have multiple computers, each responsible for a different part of the robot. How do you make sure that the operating system, and possibly the software that runs the robot, does not get corrupted (and avoid kernel panics)? To solve this problem we can make the robot's computer read only (RO), or make only part of the computer read only.

How does a standard computer become corrupt? In a robot the computers will often be abused: not shut down properly, subjected to a noisy power supply that can cause sudden restarts, and left running as the batteries die. In all of these cases the computer dies before the operating system (OS) has a chance to save its state. If the operating system is in the middle of writing to a file, that file can additionally become corrupt. It is important to note that an error caused by a power failure might not be immediately noticeable and may only show up when a file is needed sometime in the future. Modern operating systems (file systems) are far better at handling this than they were in the past; however, this can still be a problem. For example, with newer disk types (such as flash) the errors can be different based on how that technology handles writing and deleting data.

Another benefit to using a read only file system is that when the computer reboots it will be in a known state. This can be important if the robot gets in a bad situation and you just want to reboot to clear out any faults (known or unknown).

There are several ways of setting up a read only system. You can have separate partitions (or drives): one for the operating system and software, and another writable partition for storing files that need to be modified by the OS, logs and data. Alternatively, the files that need to be writable for the OS and logs can be put on a RAM disk. One useful feature in a RO OS is the ability to switch to a read-write mode so you can make changes, save the changes, and then switch back to the read-only mode (for this reason I do not use UnionFS for this application like some others do).

Purchase One

Setting up a RO OS can be tricky. One way to get around this is to purchase an embedded computer that already comes loaded with a RO operating system such as from Technologic Systems when running in fastboot mode.

Build One (Linux)

When setting up a RO OS from scratch you should use a proven stable file system such as ext3 (use ext3!). There are two directories that need to be kept writable (assuming Debian): /home and /var. You can put those two directories onto a writable partition, or use tmpfs to create a temporary location in RAM. In /etc/fstab you can add the ro option to your root file system and declare the two tmpfs directories, followed by copying the old contents of /var and /home to the new tmpfs versions of those directories.

If you prefer, you can edit /etc/fstab to only mount the root partition with the ro option, and then have your startup script (it must run early in the boot) do:

# Create the RAM-backed /home and /var (fstab here only marks / as ro)
mount -t tmpfs -o size=1G tmpfs /home
mount -t tmpfs -o size=1G tmpfs /var
# -a keeps ownership and permissions (which /var needs); the trailing /. copies the contents, not the directory itself
cp -a /home_contents/. /home/
cp -a /var_contents/. /var/

Where *_contents is a copy, kept on the RO root partition, of what should be loaded. Also make sure you have enough RAM to create the tmpfs mounts above (with the size= parameter) and still run your software. This startup script can be placed in /etc/rc*.d/ (actually placed in /etc/init.d/ and symlinked from rc*.d) with a small sequence number so it runs right after /etc/fstab gets processed.

To make changes you can switch to read-write mode by typing “mount -o remount,rw /” and back to read-only mode when you are done with “mount -o remount,ro /”. To install new software you might need to install to the /var directory and then replace /var_contents/ with the updated version.

The reason I said above that this can be tricky is that you are almost guaranteed to get some errors during boot after the above steps that need to be fixed. The errors usually require that you either stop the offending item from forcing the root partition to be read-write, or move certain files to the tmpfs portion of the system. Common items that might need to be put in tmpfs are things like /tmp, /root, and /etc/mtab.
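The startup script described above, written out as a complete init script with a post-boot check that the layout actually came up as intended. This is an added example, not the post's own script; it assumes the /var_contents and /home_contents copies on the read-only root as described, and reads the mount table from /proc/mounts (MOUNTS_FILE can be pointed at a saved copy).

```shell
#!/bin/sh
# Added example, not from the original post: init script for a read-only ext3
# root with tmpfs on /var and /home seeded from /var_contents and
# /home_contents, plus a verification step against /proc/mounts.
MOUNTS_FILE="${MOUNTS_FILE:-/proc/mounts}"

# Print the mount options (field 4) of the filesystem mounted on $1.
# The last matching line wins, which is the mount actually visible.
mount_opts() {
    awk -v mp="$1" '$2 == mp { opts = $4 } END { print opts }' "$MOUNTS_FILE"
}

# True if $1 is mounted read-only. Splits on commas so that
# "errors=remount-ro" is not mistaken for the bare "ro" flag.
is_read_only() {
    mount_opts "$1" | tr ',' '\n' | grep -qx 'ro'
}

# True if $1 is a tmpfs mount (field 3 is the filesystem type).
is_tmpfs() {
    awk -v mp="$1" '$2 == mp && $3 == "tmpfs" { f = 1 } END { exit !f }' "$MOUNTS_FILE"
}

# Mount a tmpfs of size $2 on $1 and seed it from ${1}_contents on the
# read-only root. cp -a keeps ownership and modes, which /var depends on;
# the trailing /. copies the directory contents rather than the directory.
seed_tmpfs() {
    dir="$1"; size="$2"
    is_tmpfs "$dir" || mount -t tmpfs -o "size=$size,nosuid,nodev" tmpfs "$dir"
    cp -a "${dir}_contents/." "$dir/"
}

# Non-zero if anything is wrong: root writable, or a RAM directory missing.
verify_layout() {
    is_read_only / && is_tmpfs /var && is_tmpfs /home
}

# Maintenance toggle from the post, with a sync before going back to ro.
remount_root() {
    [ "$1" = ro ] && sync
    mount -o "remount,$1" /
}

case "${1:-}" in
    start)  seed_tmpfs /home 1G && seed_tmpfs /var 1G && verify_layout ;;
    verify) verify_layout ;;
    rw|ro)  remount_root "$1" ;;
esac
```

Note that `mount -o remount,ro /` fails with "mount point is busy" while any process still holds a file open for writing on the root partition, so `verify` after a maintenance session is worth running before trusting the next reboot.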

USB Based

Another option is to have a USB stick that plugs into the computer and gets booted from. In Ubuntu you can use the Startup Disk Creator tool to create a bootable USB stick from an image. Once you have the bootable USB stick you can put items onto the drive and modify the boot script to load whatever you put on the USB stick.

If you do not want to use the Startup Disk Creator, and want more control to create your own release of the operating system, you can check out a site devoted to the subject.

Windows

So far I have focused on Linux. Unfortunately I do not know how to do this in Windows and have never done it. If you have experience with this please let us know below in the comments. From several Google searches it seems like you can make ROM (i.e. read only) versions of Windows CE with the ROM Run-Time Image tool that is found within the Binary Image Creation tool.


Post image from: http://upload.wikimedia.org/wikipedia/commons/2/2b/Ubuntu-linux-kernel-panic-by-jpangamarca.JPG

Liked it? Take a second to support David Kohanbash on Patreon!
