When boot_idx differs from active_idx at boot time, it indicates a rollback scenario where the firmware update failed and the system reverted to the previous working bank. In this case, mark the failed bank (active_idx) as invalid to prevent future boot attempts from that bank.
Signed-off-by: Kory Maincent <[email protected]> --- lib/fwu_updates/fwu.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 0f5ef2ba515..37c613014d1 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -766,6 +766,12 @@ static int fwu_boottime_checks(void) if (boot_idx != active_idx) { log_info("Boot idx %u is not matching active idx %u, changing active_idx\n", boot_idx, active_idx); + + ret = fwu_state_machine_updates(FWU_BANK_INVALID, active_idx); + if (ret) + log_err("Unable to set bank %u state as invalid", + active_idx); + ret = fwu_set_active_index(boot_idx); if (!ret) boottime_check = 1; -- 2.43.0
