Fix a segmentation fault caused by a null pointer access during root
partition checking. The function part_get_info() was falsely given null
for the disk_partition struct, which later resulted in accessing a null
pointer and thus undefined behavior.
Fixes: 5d7c080ae5 ("bootstd: rauc: Don't check root part filesystem")
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Partitions can be become unusable due to power cuts or failed updates.
Use the bootmeth RAUC if partitions for at least one slot exist. The
bootmeth can then select the working slot.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Tested-by: Martin Schwan <m.schwan@phytec.de>
Only check if the root partition exists when scanning for the slots
partitions and not if the filesystem can be accessed. It is not needed
to access the filesystem of the root partition as it might not be
supported by u-boot or be encrypted.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Tested-by: Martin Schwan <m.schwan@phytec.de>
If there is no more active slot found in find_active_slot(), like when
all slots in BOOT_ORDER have a count of 0, the counters are reset to their
default value CONFIG_BOOTMETH_RAUC_DEFAULT_TRIES. The BOOT_ORDER is _not_
changed, which is logically correct (especially for the case when there is
only one (active) slot set, e.g. BOOT_ORDER only contains 'B', probably due
to RAUC option prevent-late-fallback being set). Resetting the counters of
inactive slots also does not harm here, and is fine as a generic solution.
But the log_info statement in this scenario
INFO: Resetting boot order and all slot tries
is incorrect. Change this to
INFO: Resetting all slot tries to 3
with the 3 being inserted by CONFIG_BOOTMETH_RAUC_DEFAULT_TRIES.
Signed-off-by: Andreas Pretzsch <apr@cn-eng.de>
Reviewed-by: Martin Schwan <m.schwan@phytec.de>
Martin Schwan <m.schwan@phytec.de> says:
This series fixes a segfault, that would occur at the end of scanning a
device, which does not contain the required partition layout scheme for
a RAUC system.
With this series, a "bootflow scan" should now correctly scan the
specified devices with boot method "rauc" without crashing on invalid
partition schemes.
Link: https://lore.kernel.org/r/20250813-wip-bootmeth-rauc-priv-free-v1-0-1ef928169469@phytec.de
The private data struct can be freed when loading the boot script, as we
don't need the slot information anymore at this point.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
Move freeing a distro_rauc_priv struct to a new, separate function for
better reuse.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
Don't null bootflow->bootmeth_priv, as the private struct is freed later
on by the bootflow.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
Fix a segfault when cleaning up the slots from the private struct. This
fault was generated by accessing a member of a null pointer.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
The bootmeth rauc should scan all partitions, in particular whole
devices, and not be a global method. There may exist multiple RAUC
systems on different devices and they should all be detected. This also
fixes a bug, where both a global bootflow and one using an actual,
complete device would be detected at the same time, when scanning for
valid bootflows.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
Only scan for the existence of all required partitions of a RAUC system,
instead of searching for boot script files in all of them.
Previously, it might have occurred, that a slot did not contain required
files and RAUC already marked the corresponding slot as bad (not
suitable for booting). In that case, scanning for a non-existence boot
script would result in an error (and thus not booting anything), which
was different behavior compared to the legacy RAUC boot.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Fix a potential segmentation fault, by not accessing the member of a
null pointer to a private slot's name field.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Fix a potential memory leak, by checking the return value of realloc
first, before assigning it to the private list of slots.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Add a bootmeth driver which supports booting A/B system with RAUC as
their update client.
Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Tested-by: Wadim Egorov <w.egorov@phytec.de>
