From: Christian Storm <[email protected]> In an update scenario, if ustate was just switched from INSTALLED=1 to TESTING=2 but the kernel image to be tested is not present, reboot to trigger a fallback into the original boot path.
Signed-off-by: Christian Storm <[email protected]> --- env/fatvars.c | 1 + include/bootguard.h | 1 + main.c | 14 ++++++++++++++ 3 files changed, 16 insertions(+) diff --git a/env/fatvars.c b/env/fatvars.c index 675f6cc..07c9e85 100644 --- a/env/fatvars.c +++ b/env/fatvars.c @@ -198,6 +198,7 @@ BG_STATUS load_config(BG_LOADER_PARAMS *bglp) save_current_config(config_volumes, numHandles); } + bglp->ustate = env[latest_idx].ustate; bglp->payload_path = StrDuplicate(env[current_partition].kernelfile); bglp->payload_options = StrDuplicate(env[current_partition].kernelparams); diff --git a/include/bootguard.h b/include/bootguard.h index 93d415c..af0f54a 100644 --- a/include/bootguard.h +++ b/include/bootguard.h @@ -37,4 +37,5 @@ typedef struct _BG_LOADER_PARAMS { CHAR16 *payload_path; CHAR16 *payload_options; UINTN timeout; + UINT8 ustate; } BG_LOADER_PARAMS; diff --git a/main.c b/main.c index 3885754..8046ac1 100644 --- a/main.c +++ b/main.c @@ -184,6 +184,20 @@ EFI_STATUS efi_main(EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *system_table) status = BS->LoadImage(TRUE, this_image, payload_dev_path, NULL, 0, &payload_handle); if (EFI_ERROR(status)) { + if (bg_loader_params.ustate == USTATE_TESTING) { + /* + * `ustate` was just switched from `1` (INSTALLED) + * to `2` (TESTING), but the kernel image to be + * tested is not present. Reboot to trigger a + * fallback into the original boot path. + */ + ERROR(L"Failed to load kernel image %s (%r).\n", + bg_loader_params.payload_path, status); + ERROR(L"Triggering Rollback as ustate==2 (TESTING).\n"); + (VOID) BS->Stall(3 * 1000 * 1000); + ST->RuntimeServices->ResetSystem(EfiResetCold, + EFI_SUCCESS, 0, NULL); + } error_exit(L"Cannot load specified kernel image", status); } -- 2.49.0 -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/efibootguard-dev/7F66B84E-0C02-4C39-A8E2-C157B35A0778%40siemens.com.
