I’m trying to implement resilient update for Orin, which will fallback to previous version in case if the update files are invalid(for example due to misconfiguration of build server).
I have examined how A/B update is implemented in UEFI code. Every partition is duplicated including GPT table of bootloader, so in that part everything is working out of the box.
Only problem is BR-BCTs. There are 4 copies, which is more than enough. But I can’t determine which one of 4 copies was used during boot.
Let’s imagine a situation where update has random data instead of valid BCT, rest of partitions are valid.
Current Boot-Chain Slot is A(0), we update slot B(1).
I update all partitions and then update BCT copies 1 and 0.
After that I set BootChain in BootChainRegister to 1 to boot slot B.
After reboot I can compare the current Boot-Chain Slot and br-bct boot-chain in logs:
new BCT is invalid, rest of partitions are valid:
I> Current Boot-Chain Slot: 1
I> BR-BCT Boot-Chain is 0, and status is 0. Set UPDATE_BRBCT bit to 0
New BCT valid, rest of parititions are invalid
I> Current Boot-Chain Slot: 0
I> BR-BCT Boot-Chain is 1, and status is 1. Set UPDATE_BRBCT bit to 1
All new partitions are invalid
I> Current Boot-Chain Slot: 0
I> BR-BCT Boot-Chain is 0, and status is 0. Set UPDATE_BRBCT bit to 0
Update ok
I> Current Boot-Chain Slot: 1
I> BR-BCT Boot-Chain is 1, and status is 0. Set UPDATE_BRBCT bit to 0
I want to get value of BR-BCT Boot-Chain(which I can clearly see in logs) in UEFI to determine if new BCT(from copy 0) is used for boot, or copies 0,1 are invalid and copy 2 or 3 was used.
I have found the U32NonGpioSelectBootChain value in uefi, which looks like exactly what I need, but for some reason it’s always zero.
Is there some way to get the BR-BCT Boot-Chain from UEFI?