On 26.03.25 15:21, 'Storm, Christian' via EFI Boot Guard wrote: > From: Christian Storm <[email protected]> > > In an update scenario, if ustate was just switched from > INSTALLED=1 to TESTING=2 but the kernel image to be tested > is not present, reboot to trigger a fallback into the > original boot path.
And why do we want or even need this? Looks to me like an optimization that will accelerate the reset which would otherwise have to wait for the watchdog to fire. But your vague description may suggest you are actually fixing a critical bug. Jan > > Signed-off-by: Christian Storm <[email protected]> > --- > env/fatvars.c | 1 + > include/bootguard.h | 1 + > main.c | 14 ++++++++++++++ > 3 files changed, 16 insertions(+) > > diff --git a/env/fatvars.c b/env/fatvars.c > index 675f6cc..07c9e85 100644 > --- a/env/fatvars.c > +++ b/env/fatvars.c > @@ -198,6 +198,7 @@ BG_STATUS load_config(BG_LOADER_PARAMS *bglp) > save_current_config(config_volumes, numHandles); > } > > + bglp->ustate = env[latest_idx].ustate; > bglp->payload_path = StrDuplicate(env[current_partition].kernelfile); > bglp->payload_options = > StrDuplicate(env[current_partition].kernelparams); > diff --git a/include/bootguard.h b/include/bootguard.h > index 93d415c..af0f54a 100644 > --- a/include/bootguard.h > +++ b/include/bootguard.h > @@ -37,4 +37,5 @@ typedef struct _BG_LOADER_PARAMS { > CHAR16 *payload_path; > CHAR16 *payload_options; > UINTN timeout; > + UINT8 ustate; > } BG_LOADER_PARAMS; > diff --git a/main.c b/main.c > index 3885754..8046ac1 100644 > --- a/main.c > +++ b/main.c > @@ -184,6 +184,20 @@ EFI_STATUS efi_main(EFI_HANDLE image_handle, > EFI_SYSTEM_TABLE *system_table) > status = BS->LoadImage(TRUE, this_image, payload_dev_path, NULL, 0, > &payload_handle); > if (EFI_ERROR(status)) { > + if (bg_loader_params.ustate == USTATE_TESTING) { > + /* > + * `ustate` was just switched from `1` (INSTALLED) > + * to `2` (TESTING), but the kernel image to be > + * tested is not present. Reboot to trigger a > + * fallback into the original boot path. > + */ > + ERROR(L"Failed to load kernel image %s (%r).\n", > + bg_loader_params.payload_path, status); > + ERROR(L"Triggering Rollback as ustate==2 (TESTING).\n"); > + (VOID) BS->Stall(3 * 1000 * 1000); > + ST->RuntimeServices->ResetSystem(EfiResetCold, > + EFI_SUCCESS, 0, NULL); > + } > error_exit(L"Cannot load specified kernel image", status); > } > -- Siemens AG, Foundational Technologies Linux Expert Center -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/efibootguard-dev/3738be18-af72-47c9-901d-d783e93d07c5%40siemens.com.
