[PATCH v10 09/15] FWU: Add boot time checks as highlighted by the FWU specification

Jassi Brar jassisinghbrar at gmail.com
Mon Sep 26 16:07:06 CEST 2022 

On Mon, Sep 26, 2022 at 5:08 AM Sughosh Ganu <sughosh.ganu at linaro.org> wrote:
>
> On Mon, 26 Sept 2022 at 08:29, Jassi Brar <jassisinghbrar at gmail.com> wrote:
> > .....
> > > +static int fwu_boottime_checks(void *ctx, struct event *event)
> > > +{
> > > +       int ret;
> > > +       struct udevice *dev;
> > > +       u32 boot_idx, active_idx;
> > > +
> > > +       ret = fwu_get_dev_mdata(&dev, NULL);
> > > +       if (ret)
> > > +               return ret;
> > > +
> > > +       ret = fwu_mdata_check(dev);
> > > +       if (ret) {
> > > +               return 0;
> > > +       }
> > > +
> > > +       /*
> > > +        * Get the Boot Index, i.e. the bank from
> > > +        * which the platform has booted. This value
> > > +        * gets passed from the ealier stage bootloader
> > > +        * which booted u-boot, e.g. tf-a. If the
> > > +        * boot index is not the same as the
> > > +        * active_index read from the FWU metadata,
> > > +        * update the active_index.
> > > +        */
> > > +       fwu_plat_get_bootidx(&boot_idx);
> > > +       if (boot_idx >= CONFIG_FWU_NUM_BANKS) {
> > > +               log_err("Received incorrect value of boot_index\n");
> > > +               return 0;
> > > +       }
> > > +
> > > +       ret = fwu_get_active_index(&active_idx);
> > > +       if (ret) {
> > > +               log_err("Unable to read active_index\n");
> > > +               return 0;
> > > +       }
> > > +
> > > +       if (boot_idx != active_idx) {
> > > +               log_info("Boot idx %u is not matching active idx %u, changing active_idx\n",
> > > +                        boot_idx, active_idx);
> > > +               ret = fwu_update_active_index(boot_idx);
> > > +               if (!ret)
> > > +                       boottime_check = 1;
> > >
> > We may not want to do anything FWU (accept, reject, modify mdata)
> > until we reboot, if we are recovering from last bad upgrade. So maybe
> > not set boottime_check
>
> Actually, the difference between the boot bank and active bank will
> happen when there is some kind of corruption on the media due to which
> the platform could not boot from the active bank(could also be due to
> repeated wd timeouts).
>
... which may have been caused by the last upgrade attempt, among other reasons.

fwu_trial_state_check() will never be called in this case and any
subsequent fwu_update_checks_pass() will pass even if we are in trial
state.

-j

More information about the U-Boot mailing list