[PATCH] boot: add framework for redundant boot scenarios
Sascha Hauer
s.hauer at pengutronix.de
Wed Aug 24 03:22:40 PDT 2016
From: Marc Kleine-Budde <mkl at pengutronix.de>
There are several use cases where a redundant Linux system is needed. The
barebox bootchooser framework provides the building blocks to model different
use cases without the need to start from the scratch over and over again.
The bootchooser works on abstract boot targets, each with a set of properties
and implements an algorithm which selects the highest priority target to boot.
See the documentation contained in this patch for more information.
Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl at pengutronix.de>
---
Documentation/user/bootchooser.rst | 185 +++++++++
Documentation/user/state.rst | 2 +
Documentation/user/user-manual.rst | 1 +
commands/Kconfig | 5 +
commands/Makefile | 1 +
commands/bootchooser.c | 148 +++++++
common/Kconfig | 6 +
common/Makefile | 1 +
common/boot.c | 7 +
common/bootchooser.c | 784 +++++++++++++++++++++++++++++++++++++
include/bootchooser.h | 37 ++
11 files changed, 1177 insertions(+)
create mode 100644 Documentation/user/bootchooser.rst
create mode 100644 commands/bootchooser.c
create mode 100644 common/bootchooser.c
create mode 100644 include/bootchooser.h
diff --git a/Documentation/user/bootchooser.rst b/Documentation/user/bootchooser.rst
new file mode 100644
index 0000000..5bd8684
--- /dev/null
+++ b/Documentation/user/bootchooser.rst
@@ -0,0 +1,185 @@
+Barebox Bootchooser
+===================
+
+In many cases embedded systems are layed out redundantly with multiple
+kernels and multiple root file systems. The bootchooser framework provides
+the building blocks to model different use cases without the need to start
+from the scratch over and over again.
+
+The bootchooser works on abstract boot targets, each with a set of properties
+and implements an algorithm which selects the highest priority target to boot.
+
+Bootchooser Targets
+-------------------
+
+A bootchooser target represents one target that barebox can boot. It consists
+of a set of variables in the ``global.bootchooser.<targetname>`` namespace. The
+following configuration variables are needed to describe a bootchooser target:
+
++---------------------------------------------+---------+----------------------------+
+| Name | Example | Description |
++---------------------------------------------+---------+----------------------------+
+| global.bootchooser.system0.boot | mmc0 | This controls what |
+| | | barebox actually |
+| | | boots for this target. |
+| | | This string can contain |
+| | | anything that the |
+| | | :ref:`boot <command_boot>` |
+| | | command understands. |
++---------------------------------------------+---------+----------------------------+
+| global.bootchooser.system0.default_attempts | 3 | The default number of |
+| | | attempts that a target |
+| | | shall be tried starting. |
++---------------------------------------------+---------+----------------------------+
+| global.bootchooser.system0.default_priority | 20 | The default priority of |
+| | | a target. |
++---------------------------------------------+---------+----------------------------+
+
+Additionally the following runtime variables are needed. Unlinke the configuration
+variables these are automatically changed by the bootchooser algorithm:
+
++-------------------------------------------------+---------+---------------------------+
+| Name | Example | Description |
++-------------------------------------------------+---------+---------------------------+
+| global.bootchooser.system0.priority | 20 | The current priority |
+| | | of the target. Higher |
+| | | numbers have higher |
+| | | priorities. A priority of |
+| | | 0 means the target is |
+| | | disabled and won't be |
+| | | started. |
++-------------------------------------------------+---------+---------------------------+
+| global.bootchooser.system0.remaining_attempts | 1 | The remaining attempts |
+| | | counter. Only targets |
+| | | with a remaining_attempts |
+| | | counter > 0 are started. |
++-------------------------------------------------+---------+---------------------------+
+
+The bootchooser algorithm generally only starts targets that have a priority
+> 0 and a remaining attempts counter > 0.
+
+The Bootchooser Algorithm
+-------------------------
+
+The bootchooser algorithm always selects the target with the highest priority
+that has a nonzero remaining attempts counter. The remaining attempts counter
+of the target is decremented by one. This means every target remaining attempts
+counter reaches zero sooner or later and the target won't be booted anymore.
+To prevent that the target must be marked good. This can be done either in the
+running system or in barebox.
+
+Marking a System 'Good' in the System Itself
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+In this case barebox will always decrement the remaining attempts counter. In the
+running system it must then be incremented again, which is done usually when the
+application is started successfully. The upside of this mechanism is that a very fine
+grained decision can be made when a target is 'good'. The downside may be that the
+state must be written twice each boot: Once for decrementing the counter in barebox
+and once for incrementing the counters again.
+
+Marking a System 'Good' in Barebox
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+A target can be marked as good in barebox using a bootchooser command or by a
+equivalent C function. Usually a startup script will contain something like:
+
+.. code-block:: sh
+
+ if [ "${global.system.reset}" = "POR" ]; then
+ # Power-on-reset, tell that last boot was successful
+ bootchooser -s
+ fi
+
+In this case the bootchooser will *not* decrement the remaining attempts counter
+of the booted target if it is the same target that was booted last time.
+
+Bootchooser General Options
+---------------------------
+
+Additionally to the target options described above bootchooser has some general
+options not specific to any target.
+
++-------------------------------------+------------+--------------------------------------+
+| Name | Example | Description |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser. | 0 | Boolean flag, if 1 bootchooser |
+| deactivate_on_zero_attempts | | deactivates a target (sets priority |
+| | | to 0) whenever the remaining |
+| | | attempts counter reaches 0. |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser.default_attempts | 3 | The default number of |
+| | | attempts that a target |
+| | | shall be tried starting, used |
+| | | when not overwritten with |
+| | | the target specific variable |
+| | | of the same name. |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser.retry | 1 | If 1, bootchooser retries booting |
+| | | until one succeeds or no more valid |
+| | | targets exist. |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser.state_prefix | state.boot | Variable prefix when bootchooser |
+| | | used with state framework as |
+| | | backend for storing runtime data, |
+| | | see below. |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser.targets | sys0 sys1 | Space separated list of targets that |
+| | | are used. For each entry in the |
+| | | list a corresponding set of |
+| | | global.bootchooser.<name>. |
+| | | variables must exist. |
++-------------------------------------+------------+--------------------------------------+
+| global.bootchooser.last_chosen | 0 | Set to the target that was chosen on |
+| | | last boot (index) |
++-------------------------------------+------------+--------------------------------------+
+
+Using the State Framework as Backend for Runtime Variable Data
+--------------------------------------------------------------
+
+Normally the data that is modified by the bootchooser during runtime is stored
+in global variables (backed with NV). Alternatively the :ref:`state_framework`
+can be used for this data which allows to store this data redundantely
+and in small EEPROM spaces. See :ref:`state_framework` to setup the state framework.
+During barebox runtime each state instance will create a device
+(usually named 'state' when only one is used) with a set of parameters. Set
+``global.bootchooser.state_prefix`` to the name of the device and optionally the
+namespace inside this device. For example when your state device is called 'state'
+and inside that the 'bootchooser' namespace is used for describing the targets,
+then set ``global.bootchooser.state_prefix`` to ``state.bootchooser``.
+
+Example
+-------
+
+The following initializes two targets, 'system0' and 'system1'. Both boot
+from an UBIFS on nand0, the former has a priority of 21 and boots from
+the volume 'system0' whereas the latter has a priority of 20 and boots from
+the volume 'system1'.
+
+.. code-block:: sh
+
+ # initialize target 'system0'
+ nv bootchooser.system0.boot=nand0.ubi.system0
+ nv bootchooser.system0.remaining_attempts=3
+ nv bootchooser.system0.default_attempts=3
+ nv bootchooser.system0.priority=21
+ nv bootchooser.system0.default_priority=21
+
+ # initialize target 'system1'
+ nv bootchooser.system1.boot=nand0.ubi.system1
+ nv bootchooser.system1.remaining_attempts=3
+ nv bootchooser.system1.default_attempts=3
+ nv bootchooser.system1.priority=20
+ nv bootchooser.system1.default_priority=20
+
+ # make targets known
+ nv bootchooser.targets="system0 system1"
+
+ # retry until one target succeeds
+ nv bootchooser.retry=true
+
+ # First try bootchooser, when no targets remain boot from network
+ nv boot.default="bootchooser net"
+
+Note that this example is for testing, normally the NV variables would be
+initialized directly by files in the default environment, not with a script.
diff --git a/Documentation/user/state.rst b/Documentation/user/state.rst
index c401f10..5dd5c48 100644
--- a/Documentation/user/state.rst
+++ b/Documentation/user/state.rst
@@ -1,3 +1,5 @@
+.. _state_framework:
+
Barebox State Framework
=======================
diff --git a/Documentation/user/user-manual.rst b/Documentation/user/user-manual.rst
index 5841ea6..435649f 100644
--- a/Documentation/user/user-manual.rst
+++ b/Documentation/user/user-manual.rst
@@ -27,6 +27,7 @@ Contents:
usb
ubi
booting-linux
+ bootchooser
remote-control
system-setup
reset-reason
diff --git a/commands/Kconfig b/commands/Kconfig
index decd45d..30bf429 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -2097,6 +2097,11 @@ config CMD_STATE
depends on STATE
prompt "state"
+config CMD_BOOTCHOOSER
+ tristate
+ depends on BOOTCHOOSER
+ prompt "bootchooser"
+
config CMD_DHRYSTONE
bool
prompt "dhrystone"
diff --git a/commands/Makefile b/commands/Makefile
index 7abd6dd..601f15f 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -115,6 +115,7 @@ obj-$(CONFIG_CMD_NV) += nv.o
obj-$(CONFIG_CMD_DEFAULTENV) += defaultenv.o
obj-$(CONFIG_CMD_STATE) += state.o
obj-$(CONFIG_CMD_DHCP) += dhcp.o
+obj-$(CONFIG_CMD_BOOTCHOOSER) += bootchooser.o
obj-$(CONFIG_CMD_DHRYSTONE) += dhrystone.o
obj-$(CONFIG_CMD_SPD_DECODE) += spd_decode.o
obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o
diff --git a/commands/bootchooser.c b/commands/bootchooser.c
new file mode 100644
index 0000000..91938fe
--- /dev/null
+++ b/commands/bootchooser.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (C) 2012 Jan Luebbe <j.luebbe at pengutronix.de>
+ * Copyright (C) 2015 Marc Kleine-Budde <mkl at pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <bootchooser.h>
+#include <globalvar.h>
+#include <command.h>
+#include <common.h>
+#include <getopt.h>
+#include <malloc.h>
+#include <stdio.h>
+
+#define DONTTOUCH -2
+#define DEFAULT -1
+
+static void target_reset(struct bootchooser_target *target, int priority, int attempts)
+{
+ printf("Resetting target %s to ", bootchooser_target_name(target));
+
+ if (priority >= 0)
+ printf("priority %d", priority);
+ else if (priority == DEFAULT)
+ printf("default priority");
+
+ if (priority > DONTTOUCH && attempts > DONTTOUCH)
+ printf(", ");
+
+ if (attempts >= 0)
+ printf("%d attempts", attempts);
+ else if (attempts == DEFAULT)
+ printf("default attempts");
+
+ printf("\n");
+
+ if (priority > DONTTOUCH)
+ bootchooser_target_set_priority(target, priority);
+ if (attempts > DONTTOUCH)
+ bootchooser_target_set_attempts(target, attempts);
+}
+
+static int do_bootchooser(int argc, char *argv[])
+{
+ int opt, ret = 0, i;
+ struct bootchooser *bootchooser;
+ struct bootchooser_target *target;
+ int attempts = DONTTOUCH;
+ int priority = DONTTOUCH;
+ int info = 0;
+ bool done_something = false;
+ bool last_boot_successful = false;
+
+ while ((opt = getopt(argc, argv, "a:p:is")) > 0) {
+ switch (opt) {
+ case 'a':
+ if (!strcmp(optarg, "default"))
+ attempts = DEFAULT;
+ else
+ attempts = simple_strtoul(optarg, NULL, 0);
+ break;
+ case 'p':
+ if (!strcmp(optarg, "default"))
+ priority = DEFAULT;
+ else
+ priority = simple_strtoul(optarg, NULL, 0);
+ break;
+ case 'i':
+ info = 1;
+ break;
+ case 's':
+ last_boot_successful = true;
+ break;
+ default:
+ return COMMAND_ERROR_USAGE;
+ }
+ }
+
+ bootchooser = bootchooser_get();
+ if (IS_ERR(bootchooser)) {
+ printf("No bootchooser found\n");
+ return COMMAND_ERROR;
+ }
+
+ if (last_boot_successful) {
+ bootchooser_last_boot_successful();
+ done_something = true;
+ }
+
+ if (attempts != DONTTOUCH || priority != DONTTOUCH) {
+ if (optind < argc) {
+ for (i = optind; i < argc; i++) {
+ target = bootchooser_target_by_name(bootchooser, argv[i]);
+ if (!target) {
+ printf("No such target: %s\n", argv[i]);
+ ret = COMMAND_ERROR;
+ goto out;
+ }
+
+ target_reset(target, priority, attempts);
+ }
+ } else {
+ bootchooser_for_each_target(bootchooser, target)
+ target_reset(target, priority, attempts);
+ }
+ done_something = true;
+ }
+
+ if (info) {
+ bootchooser_info(bootchooser);
+ done_something = true;
+ }
+
+ if (!done_something) {
+ printf("Nothing to do\n");
+ ret = COMMAND_ERROR_USAGE;
+ }
+out:
+ bootchooser_put(bootchooser);
+
+ return ret;
+}
+
+BAREBOX_CMD_HELP_START(bootchooser)
+BAREBOX_CMD_HELP_TEXT("Control misc behaviour of the bootchooser")
+BAREBOX_CMD_HELP_TEXT("")
+BAREBOX_CMD_HELP_TEXT("Options:")
+BAREBOX_CMD_HELP_OPT ("-a <n|default> [TARGETS]", "set priority of given targets to 'n' or the default priority")
+BAREBOX_CMD_HELP_OPT ("-p <n|default> [TARGETS]", "set remaining attempts of given targets to 'n' or the default attempts")
+BAREBOX_CMD_HELP_OPT ("-i", "Show information about the bootchooser")
+BAREBOX_CMD_HELP_OPT ("-s", "Mark the last boot successful")
+BAREBOX_CMD_HELP_END
+
+BAREBOX_CMD_START(bootchooser)
+ .cmd = do_bootchooser,
+ BAREBOX_CMD_DESC("bootchooser control")
+ BAREBOX_CMD_GROUP(CMD_GRP_MISC)
+ BAREBOX_CMD_HELP(cmd_bootchooser_help)
+BAREBOX_CMD_END
diff --git a/common/Kconfig b/common/Kconfig
index 38225eb..262dbf2 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -935,6 +935,12 @@ config STATE_CRYPTO
See Documentation/devicetree/bindings/barebox/barebox,state.rst
for more information.
+config BOOTCHOOSER
+ bool "bootchooser infrastructure"
+ select ENVIRONMENT_VARIABLES
+ select OFTREE
+ select PARAMETER
+
config RESET_SOURCE
bool "detect Reset cause"
depends on GLOBALVAR
diff --git a/common/Makefile b/common/Makefile
index 00bc0e8..a36ae5e 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -46,6 +46,7 @@ obj-$(CONFIG_SHELL_HUSH) += hush.o
obj-$(CONFIG_SHELL_SIMPLE) += parser.o
obj-$(CONFIG_STATE) += state/
obj-$(CONFIG_RATP) += ratp.o
+obj-$(CONFIG_BOOTCHOOSER) += bootchooser.o
obj-$(CONFIG_UIMAGE) += image.o uimage.o
obj-$(CONFIG_FITIMAGE) += image-fit.o
obj-$(CONFIG_MENUTREE) += menutree.o
diff --git a/common/boot.c b/common/boot.c
index e66bacb..573bebd 100644
--- a/common/boot.c
+++ b/common/boot.c
@@ -10,6 +10,7 @@
*/
#include <environment.h>
+#include <bootchooser.h>
#include <globalvar.h>
#include <magicvar.h>
#include <watchdog.h>
@@ -270,6 +271,12 @@ int bootentry_create_from_name(struct bootentries *bootentries,
}
}
+ if (IS_ENABLED(CONFIG_BOOTCHOOSER) && !strcmp(name, "bootchooser")) {
+ ret = bootchooser_create_bootentry(bootentries);
+ if (ret > 0)
+ found += ret;
+ }
+
if (!found) {
char *path;
diff --git a/common/bootchooser.c b/common/bootchooser.c
new file mode 100644
index 0000000..2f087e8
--- /dev/null
+++ b/common/bootchooser.c
@@ -0,0 +1,784 @@
+/*
+ * Copyright (C) 2012 Jan Luebbe <j.luebbe at pengutronix.de>
+ * Copyright (C) 2015 Marc Kleine-Budde <mkl at pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+#define pr_fmt(fmt) "bootchooser: " fmt
+
+#include <bootchooser.h>
+#include <environment.h>
+#include <globalvar.h>
+#include <magicvar.h>
+#include <command.h>
+#include <libfile.h>
+#include <common.h>
+#include <malloc.h>
+#include <printk.h>
+#include <xfuncs.h>
+#include <envfs.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <ioctl.h>
+#include <libbb.h>
+#include <state.h>
+#include <stdio.h>
+#include <init.h>
+#include <crc.h>
+#include <net.h>
+#include <fs.h>
+
+#include <linux/kernel.h>
+#include <linux/list.h>
+#include <linux/err.h>
+
+#define BOOTCHOOSER_PREFIX "global.bootchooser"
+
+static char *available_targets;
+static char *state_prefix;
+static int global_default_attempts = 3;
+static int deactivate_on_zero_attempts;
+static int retry;
+static int last_boot_successful;
+
+struct bootchooser {
+ struct bootentry entry;
+ struct list_head targets;
+ bool dirty;
+ struct bootchooser_target *last_chosen;
+
+ char *state_devname;
+
+ int verbose;
+ int dryrun;
+};
+
+struct bootchooser_target {
+ struct bootchooser *bootchooser;
+ struct list_head list;
+
+ /* state */
+ unsigned int priority;
+ unsigned int remaining_attempts;
+ int id;
+
+ /* spec */
+ char *name;
+ unsigned int default_attempts;
+ unsigned int default_priority;
+
+ char *boot;
+
+ char *prefix;
+ char *state_prefix;
+};
+
+static int bootchooser_target_ok(struct bootchooser_target *target, const char **reason)
+{
+ if (!target->priority) {
+ if (reason)
+ *reason = "Target disabled (priority = 0)";
+ return false;
+ }
+
+ if (!target->remaining_attempts) {
+ if (reason)
+ *reason = "remaining attempts = 0";
+ return false;
+ }
+
+ if (reason)
+ *reason = "target OK";
+
+ return true;
+}
+
+static void pr_target(struct bootchooser_target *target)
+{
+ const char *reason;
+ int ok;
+
+ ok = bootchooser_target_ok(target, &reason);
+
+ printf("%s\n"
+ " id: %u\n"
+ " priority: %u\n"
+ " default_priority: %u\n"
+ " remaining attempts: %u\n"
+ " default attempts: %u\n"
+ " boot: '%s'\n",
+ target->name, target->id, target->priority, target->default_priority,
+ target->remaining_attempts, target->default_attempts,
+ target->boot);
+ if (!ok)
+ printf(" disabled due to %s\n", reason);
+}
+
+static int pr_setenv(struct bootchooser *bc, const char *fmt, ...)
+{
+ va_list ap;
+ int ret = 0;
+ char *str, *val;
+ const char *oldval;
+
+ va_start(ap, fmt);
+ str = bvasprintf(fmt, ap);
+ va_end(ap);
+
+ if (!str)
+ return -ENOMEM;
+
+ val = strchr(str, '=');
+ if (!val) {
+ ret = -EINVAL;
+ goto err;
+ }
+
+ *val++ = '\0';
+
+ oldval = getenv(str);
+ if (!oldval || strcmp(oldval, val)) {
+ ret = setenv(str, val);
+ bc->dirty = true;
+ }
+
+err:
+ free(str);
+
+ return ret;
+}
+
+static const char *pr_getenv(const char *fmt, ...)
+{
+ va_list ap;
+ char *str;
+ const char *val;
+
+ va_start(ap, fmt);
+ str = bvasprintf(fmt, ap);
+ va_end(ap);
+
+ if (!str)
+ return NULL;
+
+ val = getenv(str);
+
+ free(str);
+
+ return val;
+}
+
+static int pr_getenv_u32(uint32_t *retval, const char *fmt, ...)
+{
+ va_list ap;
+ char *str;
+ const char *val;
+
+ va_start(ap, fmt);
+ str = bvasprintf(fmt, ap);
+ va_end(ap);
+
+ if (!str)
+ return -ENOMEM;
+
+ val = getenv(str);
+
+ free(str);
+
+ if (!val)
+ return -ENOENT;
+
+ *retval = simple_strtoul(val, NULL, 0);
+
+ return 0;
+}
+
+static int bootchooser_target_compare(struct list_head *a, struct list_head *b)
+{
+ struct bootchooser_target *bootchooser_a = list_entry(a, struct bootchooser_target, list);
+ struct bootchooser_target *bootchooser_b = list_entry(b, struct bootchooser_target, list);
+
+ /* order with descending priority */
+ return bootchooser_a->priority >= bootchooser_b->priority ? -1 : 1;
+}
+
+struct target_var {
+ char **prefix;
+ const char *name;
+ uint32_t *ptr;
+};
+
+static struct bootchooser_target *bootchooser_target_new(const char *name)
+{
+ struct bootchooser_target *target = xzalloc(sizeof(*target));
+ int ret, i;
+ const char *val;
+ struct target_var vars[] = {
+ {
+ .prefix = &target->prefix,
+ .name = "default_attempts",
+ .ptr = &target->default_attempts,
+ }, {
+ .prefix = &target->prefix,
+ .name = "default_priority",
+ .ptr = &target->default_priority,
+ }, {
+ .prefix = &target->state_prefix,
+ .name = "priority",
+ .ptr = &target->priority,
+ }, {
+ .prefix = &target->state_prefix,
+ .name = "remaining_attempts",
+ .ptr = &target->remaining_attempts,
+ }
+ };
+
+ target->name = xstrdup(name);
+ target->prefix = basprintf("%s.%s", BOOTCHOOSER_PREFIX, name);
+ target->state_prefix = basprintf("%s.%s", state_prefix, name);
+
+ target->default_attempts = global_default_attempts;
+
+ for (i = 0; i < ARRAY_SIZE(vars); i++) {
+ struct target_var *var = &vars[i];
+ ret = pr_getenv_u32(var->ptr, "%s.%s", *var->prefix, var->name);
+ if (ret) {
+ pr_err("Cannot read %s.%s\n", *var->prefix, var->name);
+ goto err;
+ }
+ }
+
+ val = pr_getenv("%s.boot", target->prefix);
+ if (!val)
+ val = target->name;
+ target->boot = xstrdup(val);
+
+ return target;
+
+err:
+ pr_err("Cannot initialize target '%s'\n", name);
+
+ free(target);
+
+ return ERR_PTR(ret);
+}
+
+static struct bootchooser_target *bootchooser_target_by_id(struct bootchooser *bc,
+ uint32_t id)
+{
+ struct bootchooser_target *target;
+
+ list_for_each_entry(target, &bc->targets, list)
+ if (target->id == id)
+ return target;
+
+ return NULL;
+}
+
+struct bootchooser *bootchooser_get(void)
+{
+ struct bootchooser *bc;
+ char *targets, *str, *freep = NULL, *delim;
+ int ret = -EINVAL, id = 1;
+ uint32_t last_chosen;
+
+ bc = xzalloc(sizeof(*bc));
+
+ delim = strchr(state_prefix, '.');
+ if (!delim) {
+ pr_err("state_prefix '%s' has invalid format\n", state_prefix);
+ goto err;
+ }
+
+ bc->state_devname = xstrndup(state_prefix, delim - state_prefix);
+
+ INIT_LIST_HEAD(&bc->targets);
+
+ freep = targets = xstrdup(available_targets);
+
+ while (1) {
+ struct bootchooser_target *target;
+
+ str = strsep(&targets, " ");
+ if (!str || !*str)
+ break;
+
+ target = bootchooser_target_new(str);
+ if (!IS_ERR(target)) {
+ target->id = id;
+ list_add_sort(&target->list, &bc->targets,
+ bootchooser_target_compare);
+ }
+
+ id++;
+ }
+
+ if (id == 1) {
+ pr_err("Target list $global.bootchooser.targets is empty\n");
+ goto err;
+ }
+
+ if (list_empty(&bc->targets)) {
+ pr_err("No targets could be initialized\n");
+ goto err;
+ }
+
+ free(freep);
+
+ ret = pr_getenv_u32(&last_chosen, "%s.last_chosen", state_prefix);
+ if (!ret && last_chosen > 0) {
+ bc->last_chosen = bootchooser_target_by_id(bc, last_chosen);
+ if (!bc->last_chosen)
+ pr_warn("Last booted target with id %d does not exist\n", last_chosen);
+ }
+
+ if (bc->last_chosen && !bc->last_chosen->remaining_attempts &&
+ deactivate_on_zero_attempts) {
+ bc->last_chosen->priority = 0;
+
+ pr_info("target %s has 0 remaining attempts, disabling\n",
+ bc->last_chosen->name);
+ }
+
+ return bc;
+
+err:
+ free(freep);
+ free(bc);
+
+ return ERR_PTR(ret);
+}
+
+/**
+ * bootchooser_save - save a bootchooser to the backing store
+ * @bc: The bootchooser instance to save
+ *
+ * Return: 0 for success, negative error code otherwise
+ */
+int bootchooser_save(struct bootchooser *bc)
+{
+ struct bootchooser_target *target;
+ int ret;
+ struct state *state;
+
+ if (bc->last_chosen)
+ pr_setenv(bc, "%s.last_chosen=0x%08x", state_prefix,
+ bc->last_chosen->id);
+
+ list_for_each_entry(target, &bc->targets, list) {
+ ret = pr_setenv(bc, "%s.remaining_attempts=%d",
+ target->state_prefix,
+ target->remaining_attempts);
+ if (ret)
+ return ret;
+
+ ret = pr_setenv(bc, "%s.priority=%d",
+ target->state_prefix, target->priority);
+ if (ret)
+ return ret;
+ }
+
+ if (!strcmp(bc->state_devname, "nv")) {
+ ret = nvvar_save();
+ if (ret) {
+ pr_err("Cannot save nv variables: %s\n", strerror(-ret));
+ return ret;
+ }
+ } else {
+ state = state_by_name(bc->state_devname);
+ if (!state) {
+ pr_err("Cannot get state '%s'\n",
+ bc->state_devname);
+ return -ENODEV;
+ }
+
+ ret = state_save(state);
+ if (ret) {
+ pr_err("Cannot save state '%s': %s\n", bc->state_devname, strerror(-ret));
+ return ret;
+ }
+ }
+
+ bc->dirty = 0;
+
+ return 0;
+}
+
+int bootchooser_put(struct bootchooser *bc)
+{
+ struct bootchooser_target *target, *tmp;
+ int ret;
+
+ ret = bootchooser_save(bc);
+ if (ret)
+ pr_err("Failed to save bootchooser state: %s\n", strerror(-ret));
+
+ list_for_each_entry_safe(target, tmp, &bc->targets, list) {
+ free(target->boot);
+ free(target->prefix);
+ free(target->state_prefix);
+ free(target->name);
+ free(target);
+ }
+
+ free(bc);
+
+ return ret;
+}
+
+void bootchooser_info(struct bootchooser *bc)
+{
+ struct bootchooser_target *target;
+ const char *reason;
+ int count = 0;
+
+ printf("Good targets (first will be booted next):\n");
+ list_for_each_entry(target, &bc->targets, list) {
+ if (bootchooser_target_ok(target, NULL)) {
+ count++;
+ pr_target(target);
+ }
+ }
+
+ if (!count)
+ printf("none\n");
+
+ count = 0;
+
+ printf("\nDisabled targets:\n");
+ list_for_each_entry(target, &bc->targets, list) {
+ if (!bootchooser_target_ok(target, &reason)) {
+ count++;
+ pr_target(target);
+ }
+ }
+
+ if (!count)
+ printf("none\n");
+
+ printf("\nlast booted target: %s\n", bc->last_chosen ?
+ bc->last_chosen->name : "unknown");
+}
+
+/**
+ * bootchooser_get_target - get the target that shall be booted next
+ * @bc: The bootchooser
+ *
+ * This is the heart of the bootchooser. This function selects the next
+ * target to boot and returns it. If the remaining_attempts counter
+ * reaches 0 and deactivate_on_zero_attempts is true then the target
+ * will be disabled on the next boot.
+ *
+ * Return: The next target
+ */
+struct bootchooser_target *bootchooser_get_target(struct bootchooser *bc)
+{
+ struct bootchooser_target *target;
+
+ list_for_each_entry(target, &bc->targets, list) {
+ if (bootchooser_target_ok(target, NULL))
+ goto found;
+ }
+
+ pr_err("No valid targets found:\n");
+ list_for_each_entry(target, &bc->targets, list)
+ pr_target(target);
+
+ return ERR_PTR(-ENOENT);
+
+found:
+ if (!last_boot_successful || bc->last_chosen != target) {
+ target->remaining_attempts--;
+
+ if (bc->verbose)
+ pr_info("name=%s decrementing remaining_attempts to %d\n",
+ target->name, target->remaining_attempts);
+ }
+
+ if (bc->verbose)
+ pr_info("selected target '%s', boot '%s'\n", target->name, target->boot);
+
+ bc->last_chosen = target;
+
+ bootchooser_save(bc);
+
+ return target;
+}
+
+/**
+ * bootchooser_target_name - get the name of a target
+ * @target: The target
+ *
+ * Given a bootchooser target this function returns its name.
+ *
+ * Return: The name of the target
+ */
+const char *bootchooser_target_name(struct bootchooser_target *target)
+{
+ return target->name;
+}
+
+/**
+ * bootchooser_target_by_name - get a target from name
+ * @bc: The bootchooser
+ * @name: The name of the target to retrieve
+ *
+ * Given a name this function returns the corresponding target.
+ *
+ * Return: The target if found, NULL otherwise
+ */
+struct bootchooser_target *bootchooser_target_by_name(struct bootchooser *bc,
+ const char *name)
+{
+ struct bootchooser_target *target;
+
+ bootchooser_for_each_target(bc, target)
+ if (!strcmp(target->name, name))
+ return target;
+ return NULL;
+}
+
+/**
+ * bootchooser_target_set_attempts - set remaining attempts of a target
+ * @target: The target to change
+ * @attempts: The number of attempts
+ *
+ * This sets the number of remaining attempts for a bootchooser target.
+ * If @attempts is < 0 then the remaining attempts is reset to the default
+ * value.
+ *
+ * Return: 0 for success, negative error code otherwise
+ */
+int bootchooser_target_set_attempts(struct bootchooser_target *target, int attempts)
+{
+ if (attempts >= 0)
+ target->remaining_attempts = attempts;
+ else
+ target->remaining_attempts = target->default_attempts;
+
+ return 0;
+}
+
+/**
+ * bootchooser_target_set_priority - set priority of a target
+ * @target: The target to change
+ * @priority: The priority
+ *
+ * This sets the priority of a bootchooser target. If @priority is < 0
+ * then the priority reset to the default value.
+ *
+ * Return: 0 for success, negative error code otherwise
+ */
+int bootchooser_target_set_priority(struct bootchooser_target *target, int priority)
+{
+ if (priority >= 0)
+ target->priority = priority;
+ else
+ target->priority = target->default_priority;
+
+ return 0;
+}
+
+/**
+ * bootchooser_target_first - get the first target from a bootchooser
+ * @bc: The bootchooser
+ *
+ * Gets the first target from a bootchooser, used for the bootchooser
+ * target iterator.
+ *
+ * Return: The first target or NULL if no target exists
+ */
+struct bootchooser_target *bootchooser_target_first(struct bootchooser *bc)
+{
+ return list_first_entry_or_null(&bc->targets,
+ struct bootchooser_target, list);
+}
+
+/**
+ * bootchooser_target_next - get the next target from a bootchooser
+ * @bc: The bootchooser
+ * @target: The current target
+ *
+ * Gets the next target from a bootchooser, used for the bootchooser
+ * target iterator.
+ *
+ * Return: The first target or NULL if no more targets exist
+ */
+struct bootchooser_target *bootchooser_target_next(struct bootchooser *bc,
+ struct bootchooser_target *target)
+{
+ struct list_head *next = target->list.next;
+
+ if (next == &bc->targets)
+ return NULL;
+
+ return list_entry(next, struct bootchooser_target, list);
+}
+
+/**
+ * bootchooser_last_boot_successful - tell that the last boot was successful
+ *
+ * This tells bootchooser that the last boot was successful. This effectively
+ * means that if the same target is booted again then the remaining_attempts
+ * counter of that target is not decremented.
+ */
+void bootchooser_last_boot_successful(void)
+{
+ last_boot_successful = true;
+}
+
+/**
+ * bootchooser_get_last_chosen - get the target which was chosen last time
+ * @bc: The bootchooser
+ *
+ * Bootchooser stores the id of the target which was last booted in
+ * <state_prefix>.last_chosen. This function returns the target associated
+ * with this id.
+ *
+ * Return: The target which was booted last time
+ */
+struct bootchooser_target *bootchooser_get_last_chosen(struct bootchooser *bc)
+{
+ if (!bc->last_chosen)
+ return ERR_PTR(-ENODEV);
+
+ return bc->last_chosen;
+}
+
+static int bootchooser_boot_one(struct bootchooser *bc, int *tryagain)
+{
+ char *system;
+ struct bootentries *entries;
+ struct bootentry *entry;
+ struct bootchooser_target *target;
+ int ret = 0;
+
+ entries = bootentries_alloc();
+
+ target = bootchooser_get_target(bc);
+ if (IS_ERR(target)) {
+ ret = PTR_ERR(target);
+ *tryagain = 0;
+ goto out;
+ }
+
+ system = basprintf("bootchooser.active=%s", target->name);
+ globalvar_add_simple("linux.bootargs.bootchooser", system);
+ free(system);
+
+ ret = bootentry_create_from_name(entries, target->boot);
+ if (ret <= 0) {
+ printf("Nothing bootable found on '%s'\n", target->boot);
+ *tryagain = 1;
+ ret = -ENODEV;
+ goto out;
+ }
+
+ last_boot_successful = false;
+
+ ret = -ENOENT;
+
+ bootentries_for_each_entry(entries, entry) {
+ ret = boot_entry(entry, bc->verbose, bc->dryrun);
+ if (!ret) {
+ *tryagain = 0;
+ goto out;
+ }
+ }
+
+ *tryagain = 1;
+out:
+ globalvar_set_match("linux.bootargs.bootchooser", NULL);
+
+ bootentries_free(entries);
+
+ return ret;
+}
+
+static int bootchooser_boot(struct bootentry *entry, int verbose, int dryrun)
+{
+ struct bootchooser *bc = container_of(entry, struct bootchooser,
+ entry);
+ int ret, tryagain;
+
+ bc->verbose = verbose;
+ bc->dryrun = dryrun;
+
+ do {
+ ret = bootchooser_boot_one(bc, &tryagain);
+
+ if (!retry)
+ break;
+ } while (tryagain);
+
+ return ret;
+}
+
+static void bootchooser_release(struct bootentry *entry)
+{
+ struct bootchooser *bc = container_of(entry, struct bootchooser,
+ entry);
+
+ bootchooser_put(bc);
+}
+
+/**
+ * bootchooser_create_bootentry - create a boot entry
+ * @entries: The list of bootentries
+ *
+ * This adds a bootchooser to the list of boot entries. Called
+ * by the 'boot' code.
+ *
+ * Return: The number of entries added to the list
+ */
+int bootchooser_create_bootentry(struct bootentries *entries)
+{
+ struct bootchooser *bc = bootchooser_get();
+
+ if (IS_ERR(bc))
+ return PTR_ERR(bc);
+
+ bc->entry.boot = bootchooser_boot;
+ bc->entry.release = bootchooser_release;
+ bc->entry.title = xstrdup("bootchooser");
+ bc->entry.description = xstrdup("bootchooser");
+
+ bootentries_add_entry(entries, &bc->entry);
+
+ return 1;
+}
+
+static int bootchooser_init(void)
+{
+ state_prefix = xstrdup("nv.bootchooser");
+
+ globalvar_add_simple_bool("bootchooser.deactivate_on_zero_attempts", &deactivate_on_zero_attempts);
+ globalvar_add_simple_bool("bootchooser.retry", &retry);
+ globalvar_add_simple_string("bootchooser.targets", &available_targets);
+ globalvar_add_simple_string("bootchooser.state_prefix", &state_prefix);
+ globalvar_add_simple_int("bootchooser.default_attempts", &global_default_attempts, "%u");
+
+ return 0;
+}
+device_initcall(bootchooser_init);
+
+BAREBOX_MAGICVAR_NAMED(global_bootchooser_deactivate_on_zero_attempts,
+ global.bootchooser.deactivate_on_zero_attempts,
+ "bootchooser: Disable target when remaining attempts counter reaches 0");
+BAREBOX_MAGICVAR_NAMED(global_bootchooser_retry,
+ global.bootchooser.retry,
+ "bootchooser: Try again when booting a target fails");
+BAREBOX_MAGICVAR_NAMED(global_bootchooser_targets,
+ global.bootchooser.targets,
+ "bootchooser: Space separated list of target names");
+BAREBOX_MAGICVAR_NAMED(global_bootchooser_state_prefix,
+ global.bootchooser.state_prefix,
+ "bootchooser: variable namespace prefix for runtime data (default nv.bootchooser)");
diff --git a/include/bootchooser.h b/include/bootchooser.h
new file mode 100644
index 0000000..c948247
--- /dev/null
+++ b/include/bootchooser.h
@@ -0,0 +1,37 @@
+#ifndef __BOOTCHOOSER_H
+#define __BOOTCHOOSER_H
+
+#include <of.h>
+#include <boot.h>
+
+struct bootchooser;
+struct bootchooser_target;
+
+struct bootchooser *bootchooser_get(void);
+int bootchooser_save(struct bootchooser *bootchooser);
+int bootchooser_put(struct bootchooser *bootchooser);
+
+void bootchooser_info(struct bootchooser *bootchooser);
+
+struct bootchooser_target *bootchooser_get_last_chosen(struct bootchooser *bootchooser);
+const char *bootchooser_target_name(struct bootchooser_target *target);
+struct bootchooser_target *bootchooser_target_by_name(struct bootchooser *bootchooser,
+ const char *name);
+void bootchooser_target_force_boot(struct bootchooser_target *target);
+
+int bootchooser_create_bootentry(struct bootentries *entries);
+
+int bootchooser_target_set_attempts(struct bootchooser_target *target, int attempts);
+int bootchooser_target_set_priority(struct bootchooser_target *target, int priority);
+
+void bootchooser_last_boot_successful(void);
+
+struct bootchooser_target *bootchooser_target_first(struct bootchooser *bootchooser);
+struct bootchooser_target *bootchooser_target_next(struct bootchooser *bootchooser,
+ struct bootchooser_target *cur);
+
+#define bootchooser_for_each_target(bootchooser, target) \
+ for (target = bootchooser_target_first(bootchooser); target; \
+ target = bootchooser_target_next(bootchooser, target))
+
+#endif /* __BOOTCHOOSER_H */
--
2.8.1
More information about the barebox
mailing list