dfu: mcuboot: add boot_is_img_confirmed()
Applications chainloaded by MCUboot may want to change their behavior
based on whether or not they are confirmed.
Here are some examples:
- performing a built-in self test (BIST) if the image is not yet
confirmed, and marking it OK if it passes (this enables reverting
to an older working image if the BIST fails, and allows future
resets to skip the BIST if it passes to improve boot time)
- interacting with persistent metadata related to image state on
other flash partitions during test upgrades (these are required in
cases when the update source provides runtime metadata, such as
monotonic counters, related to an upgrade attempt which must be
used to report results)
To enable these use cases, add boot_is_img_confirmed(), which reads
the "image OK" field for the current firmware image and returns true
if and only if it is set.
Signed-off-by: Marti Bolivar <marti@opensourcefoundries.com>
This commit is contained in:
Marti Bolivar
Anas Nashif
parent
4877dd22ea
commit
01aa12bffd
2 changed files with 30 additions and 3 deletions
|
|
@ -8,11 +8,33 @@
|
|||
#ifndef __MCUBOOT_H__
|
||||
#define __MCUBOOT_H__
|
||||
|
||||
#include <stdbool.h>
|
||||
|
||||
/**
|
||||
* @brief Marks the image in slot 0 as confirmed. The system will continue
|
||||
* booting into the image in slot 0 until told to boot from a different slot.
|
||||
* @brief Check if the currently running image is confirmed as OK.
|
||||
*
|
||||
* This call is expected to be used by the application running on trial.
|
||||
* MCUboot can perform "test" upgrades. When these occur, a new
|
||||
* firmware image is installed and booted, but the old version will be
|
||||
* reverted at the next reset unless the new image explicitly marks
|
||||
* itself OK.
|
||||
*
|
||||
* This routine can be used to check if the currently running image
|
||||
* has been marked as OK.
|
||||
*
|
||||
* @return True if the image is confirmed as OK, false otherwise.
|
||||
* @see boot_write_img_confirmed()
|
||||
*/
|
||||
bool boot_is_img_confirmed(void);
|
||||
|
||||
/**
|
||||
* @brief Marks the currently running image as confirmed.
|
||||
*
|
||||
* This routine attempts to mark the currently running firmware image
|
||||
* as OK, which will install it permanently, preventing MCUboot from
|
||||
* reverting it for an older image at the next reset.
|
||||
*
|
||||
* This routine is safe to call if the current image has already been
|
||||
* confirmed. It will return a successful result in this case.
|
||||
*
|
||||
* @return 0 on success, negative errno code on fail.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue