[PATCH v2 2/2] fwu: Mark failed bank as invalid during rollback

[Kory Maincent]

When boot_idx differs from active_idx at boot time, it indicates a
rollback scenario where the firmware update failed and the system
reverted to the previous working bank. In this case, mark the failed
bank (active_idx) as invalid to prevent future boot attempts from that
bank.

Signed-off-by: Kory Maincent <kory.maincent at bootlin.com>
---
 lib/fwu_updates/fwu.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 0f5ef2ba515..37c613014d1 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -766,6 +766,12 @@ static int fwu_boottime_checks(void)
 	if (boot_idx != active_idx) {
 		log_info("Boot idx %u is not matching active idx %u, changing active_idx\n",
 			 boot_idx, active_idx);
+
+		ret = fwu_state_machine_updates(FWU_BANK_INVALID, active_idx);
+		if (ret)
+			log_err("Unable to set bank %u state as invalid",
+				active_idx);
+
 		ret = fwu_set_active_index(boot_idx);
 		if (!ret)
 			boottime_check = 1;
-- 
2.43.0