[nrf toup] Check Fail-Safe marker during boot.

adigie · adigie · commit 75787455765c · 2025-02-27T15:39:45.000+01:00
Signed-off-by: Adrian Gielniewski &lt;adrian.gielniewski@nordicsemi.no&gt;
diff --git a/src/app/FailSafeContext.cpp b/src/app/FailSafeContext.cpp
@@ -59,6 +59,34 @@ CHIP_ERROR FailSafeContext::Init(const InitParams & initParams)
     return CHIP_NO_ERROR;
 }
 
+void FailSafeContext::CheckMarker()
+{
+    Marker marker;
+
+    CHIP_ERROR err = GetMarker(marker);
+
+    if (err == CHIP_NO_ERROR)
+    {
+        // Found a marker! We need to trigger a cleanup.
+        ChipLogError(FabricProvisioning, "Found a Fail-Safe marker for index 0x%x, preparing cleanup!",
+                     static_cast<unsigned>(marker.fabricIndex));
+
+        // Fake arm Fail-Safe and trigger timer expiry.
+        // We handle only the case when new fabric is added. FabricTable CommitMarker
+        // is responsible for guarding the case of updating the existing fabric.
+        SetFailSafeArmed(true);
+        mFabricIndex                 = marker.fabricIndex;
+        mAddNocCommandHasBeenInvoked = true;
+        ForceFailSafeTimerExpiry();
+    }
+    else if (err != CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND)
+    {
+        // Got an error, but somehow value is not missing altogether: inconsistent state but touch nothing.
+        ChipLogError(FabricProvisioning, "Error loading Fail-Safe marker: %" CHIP_ERROR_FORMAT ", hope for the best!",
+                     err.Format());
+    }
+}
+
 void FailSafeContext::HandleArmFailSafeTimer(System::Layer * layer, void * aAppState)
 {
     FailSafeContext * failSafeContext = reinterpret_cast<FailSafeContext *>(aAppState);
diff --git a/src/app/FailSafeContext.h b/src/app/FailSafeContext.h
@@ -42,6 +42,8 @@ class FailSafeContext
 
     CHIP_ERROR Init(const InitParams & initParams);
 
+    void CheckMarker();
+
     // ===== Members for internal use by other Device Layer components.
 
     /**
diff --git a/src/app/server/Server.cpp b/src/app/server/Server.cpp
@@ -445,6 +445,10 @@ CHIP_ERROR Server::Init(const ServerInitParams & initParams)
         }
     }
 
+    // Run fail-safe check for marker. If marker is present, then device was reset while fail-safe was armed
+    // and we need to trigger a cleanup.
+    GetFailSafeContext().CheckMarker();
+
 #if CHIP_DEVICE_CONFIG_ENABLE_COMMISSIONER_DISCOVERY_CLIENT // support UDC port for commissioner declaration msgs
     mUdcTransportMgr = chip::Platform::New<UdcTransportMgr>();
     ReturnErrorOnFailure(mUdcTransportMgr->Init(Transport::UdpListenParameters(DeviceLayer::UDPEndPointManager())

Original file line number	Diff line number	Diff line change
`@@ -445,6 +445,10 @@ CHIP_ERROR Server::Init(const ServerInitParams & initParams)`
`445`	`445`	`}`
`446`	`446`	`}`
`447`	`447`
	`448`	`+ // Run fail-safe check for marker. If marker is present, then device was reset while fail-safe was armed`
	`449`	`+ // and we need to trigger a cleanup.`
	`450`	`+ GetFailSafeContext().CheckMarker();`
	`451`	`+`
`448`	`452`	`#if CHIP_DEVICE_CONFIG_ENABLE_COMMISSIONER_DISCOVERY_CLIENT // support UDC port for commissioner declaration msgs`
`449`	`453`	`mUdcTransportMgr = chip::Platform::New<UdcTransportMgr>();`
`450`	`454`	`ReturnErrorOnFailure(mUdcTransportMgr->Init(Transport::UdpListenParameters(DeviceLayer::UDPEndPointManager())`