From 0aa1a0588354f8bf8ed198d55d43525569375428 Mon Sep 17 00:00:00 2001
From: Matthias Osthues <osthues.matthias@gmail.com>
Date: Mon, 10 Oct 2022 18:28:29 +0200
Subject: [PATCH 1/4] [Aboot] Support boot from device

* set correct target path in boot conf

* adjust swi path to correct device and update sync boot conf with flah drive

(cherry picked from commit 8823b91ba72662f8775f6d6a9556c326751d43a7)
---
 files/Aboot/boot0.j2 | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/files/Aboot/boot0.j2 b/files/Aboot/boot0.j2
index cf09536a5e29..17b1a97fc7bc 100644
--- a/files/Aboot/boot0.j2
+++ b/files/Aboot/boot0.j2
@@ -84,6 +84,7 @@ data_path="$image_path/platform/data"
 boot_image_path="$image_path/$boot_image"
 installer_image_path="$image_path/$installer_image"
 
+boot_device=$(echo "$target_path" | cut -d '/' -f3)
 boot_config="$target_path/boot-config"
 
 cmdline_allowlist="crashkernel hwaddr_ma1 sonic_fips"
@@ -147,6 +148,11 @@ update_boot_config() {
     else
         echo "$key=$value" >> "$boot_config"
     fi
+
+    # Ensure boot_config at flash drive
+    if [ "$boot_device" != "flash" ]; then
+        cp "$boot_config" "/mnt/flash/boot-config"
+    fi
 }
 
 get_boot_config() {
@@ -390,7 +396,7 @@ extract_image() {
     fi
 
     ## use new reduced-size boot swi
-    local swi_boot_path="flash:$image_name/$boot_image"
+    local swi_boot_path="$boot_device:$image_name/$boot_image"
     update_boot_config SWI "$swi_boot_path"
     update_boot_config SWI_DEFAULT "$swi_boot_path"
 
@@ -413,7 +419,7 @@ extract_image_secureboot() {
     chmod a+r "$installer_image_path"
     swipath="$installer_image_path"
 
-    local swi_boot_path="flash:$image_name/$installer_image"
+    local swi_boot_path="$boot_device:$image_name/$installer_image"
     update_boot_config SWI "$swi_boot_path"
     update_boot_config SWI_DEFAULT "$swi_boot_path"
 

From b7a4588de1509a86bbe1495ac0fd34dc926ef723 Mon Sep 17 00:00:00 2001
From: Matthias Osthues <osthues.matthias@gmail.com>
Date: Wed, 2 Nov 2022 14:22:02 +0100
Subject: [PATCH 2/4] [Aboot] Get boot_device from /etc/cmdline instead of
 relying on $target_path

---
 files/Aboot/boot0.j2 | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/files/Aboot/boot0.j2 b/files/Aboot/boot0.j2
index 17b1a97fc7bc..cdb2cf9ac1da 100644
--- a/files/Aboot/boot0.j2
+++ b/files/Aboot/boot0.j2
@@ -84,7 +84,6 @@ data_path="$image_path/platform/data"
 boot_image_path="$image_path/$boot_image"
 installer_image_path="$image_path/$installer_image"
 
-boot_device=$(echo "$target_path" | cut -d '/' -f3)
 boot_config="$target_path/boot-config"
 
 cmdline_allowlist="crashkernel hwaddr_ma1 sonic_fips"
@@ -92,6 +91,15 @@ cmdline_allowlist="crashkernel hwaddr_ma1 sonic_fips"
 # for backward compatibility with the sonic_upgrade= behavior
 install="${install:-${sonic_upgrade:-}}"
 
+boot_device=
+# sets the boot device to boot from
+# By default its "flash" unless a "drive" is detected.
+if grep -q block_drive= /etc/cmdline; then
+    boot_device="drive"
+else
+    boot_device="flash"
+fi
+
 is_secureboot_enabled() {
     if $in_aboot; then
         if [ -x /bin/securebootctl ] && securebootctl sb -display | grep -q "Secure Boot enabled"; then

From bb136d03a72148de48769a0213a05e75bbd05252 Mon Sep 17 00:00:00 2001
From: Matthias Osthues <osthues.matthias@gmail.com>
Date: Wed, 9 Nov 2022 15:36:43 +0100
Subject: [PATCH 3/4] [Aboot] Ensure that boot_config is always in sync with
 flash

(cherry picked from commit d6373206fad701116d6c703f17cd63835f9f2ea2)
---
 files/Aboot/boot0.j2 | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/files/Aboot/boot0.j2 b/files/Aboot/boot0.j2
index cdb2cf9ac1da..81cafe133f54 100644
--- a/files/Aboot/boot0.j2
+++ b/files/Aboot/boot0.j2
@@ -91,13 +91,17 @@ cmdline_allowlist="crashkernel hwaddr_ma1 sonic_fips"
 # for backward compatibility with the sonic_upgrade= behavior
 install="${install:-${sonic_upgrade:-}}"
 
-boot_device=
 # sets the boot device to boot from
-# By default its "flash" unless a "drive" is detected.
+boot_device="flash"
+
 if grep -q block_drive= /etc/cmdline; then
     boot_device="drive"
-else
-    boot_device="flash"
+
+    # ensure boot-config is up to date on flash
+    if [ "$(<"$boot_config" md5sum)" != "$(</mnt/flash/boot-config md5sum)" ]; then
+        cp "$boot_config" "/mnt/flash/boot-config"
+        reboot
+    fi
 fi
 
 is_secureboot_enabled() {

From edee657d7684b010d061686608ae9dcadde7b1b4 Mon Sep 17 00:00:00 2001
From: Matthias Osthues <osthues.matthias@gmail.com>
Date: Thu, 10 Nov 2022 13:20:23 +0100
Subject: [PATCH 4/4] [Aboot] Ensure that boot_config is there before accessing
 it

(cherry picked from commit 75bab274e3bcc547171c74a5adab3f495ab2207e)
---
 files/Aboot/boot0.j2 | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/files/Aboot/boot0.j2 b/files/Aboot/boot0.j2
index 81cafe133f54..d7fafa061ba0 100644
--- a/files/Aboot/boot0.j2
+++ b/files/Aboot/boot0.j2
@@ -97,11 +97,12 @@ boot_device="flash"
 if grep -q block_drive= /etc/cmdline; then
     boot_device="drive"
 
-    # ensure boot-config is up to date on flash
-    if [ "$(<"$boot_config" md5sum)" != "$(</mnt/flash/boot-config md5sum)" ]; then
-        cp "$boot_config" "/mnt/flash/boot-config"
-        reboot
+      # ensure boot-config is up to date on flash
+    if [ -f "$boot_config" ] && [ "$(<"$boot_config" md5sum)" != "$(</mnt/flash/boot-config md5sum)" ]; then
+          cp "$boot_config" "/mnt/flash/boot-config"
+          reboot
     fi
+
 fi
 
 is_secureboot_enabled() {