Does c-boot have support for a fall-back option (to a golden image) in case verification of the primary boot image fails?
Also, could you please let me know when the c-boot source code for 32.1.0 will be posted?
Thanks
Rayees
Does c-boot have support for a fall-back option (to a golden image) in case verification of the primary boot image fails?
Also, could you please let me know when the c-boot source code for 32.1.0 will be posted?
Thanks
Rayees
Hi rayees,
u-boot should be able to do that. Since you are on tx2, I think u-boot is still there. Why do you want to use cboot for this feature?
Wayne,
Could you please explain how u-boot is handling the golden images?
My reason for considering c-boot
My understanding is that the signing/encryption process will sign and encrypt the next stage bootloader to be verified and decrypted by c-boot. Currently, the next stage bootloader for c-boot is either u-boot or the Linux kernel.
If I want the kernel to be both signed and encrypted, then my only option is to use c-boot and the kernel as the next stage and skip the u-boot stage.
If I use u-boot as the next stage after c-boot, then the verification and decryption of the kernel is not handled by the Nvidia tools, as I understand. Please let me know if this is not the case.
For u-boot, the only mechanism is to add something like below in extlinux.conf, so user can fallback to back up image.
# When testing a custom kernel, it is recommended that you create a backup of
# the original kernel and add a new entry to this file so that the device can
# fallback to the original kernel. To do this:
#
# 1, Make a backup of the original kernel
# sudo cp /boot/Image /boot/Image.backup
#
# 2, Copy your custom kernel into /boot/Image
#
# 3, Uncomment below menu setting lines for the original kernel
#
# 4, Reboot
# LABEL backup
# MENU LABEL backup kernel
# LINUX /boot/Image.backup
# INITRD /boot/initrd
# APPEND ${cbootargs}
We are still checking the capability of c-boot for you query.
Wayne,
The scenario that you are describing is one in which we make the selection in u-boot manually. We won’t have this option in production mode.
The scenario we are considering is that in which the primary image becomes corrupt due to some reason (could be a update process gone wrong). In this case, we want to seamlessly switch to the golden image during runtime so that the system doesn’t stall.
A/B redundancy of cboot should handle this part. Even for sign/crypto case.