barebox hooks in userspace
Trent Piepho
trent.piepho at igorinstitute.com
Tue Dec 6 12:17:10 PST 2022
On Mon, Dec 5, 2022 at 11:19 PM Sascha Hauer <sha at pengutronix.de> wrote:
>
> When do you want to execute the scripts? When you want to execute them
> during booting then I think we'll find a better way for this.

Section in FIT image containing scripts to run at boot? That way they
are linked to updates to the kernel, which should already be linked to
rootfs if there are any modules. FIT image already has a way to store
multiple kernels/devicetrees/etc for different hardware variants and
boot types (normal, recovery), which is probably useful. FIT image
already has a system for hashes and signatures. If one cares about
security, then this is very important for any scripts run by the
bootloader. I think most U-Boot style boots with partition switching
done by changing the boot scripts stored in an unsigned environment
sector have a massive security hole here.

There's a problem that can happen when the interface between the
bootloader and the kernel/rootfs changes. E.g., the kernel command
line arguments change for a new kernel. One needs to update the
scripts that create those arguments in Barebox. Having RAUC update
Barebox is easy and solves that. But what if there is a fallback to
the previous A/B partition? Then one gets a new Barebox + new kernel
command line trying to boot an old kernel. If one has not been
careful to make the changes to the kernel command line backward
compatible then the old kernel might not boot.

Putting the scripts in the FIT image would be a way to tie them to the
kernel rather than to the bootloader.