I am working on an embedded project that will do in-place upgrades. There may come a time when an upgrade will need to reinstall everything. Since this is a pretty risky thing, I would like to have some kind of failsafe fall-back mode to reattempt the upgrade.
I am thinking of adding a very basic kernel that has just enough to attempt another upgrade. I want to always boot into this basic kernel, check GPIOs, and then boot into the other kernel or continue booting depending on the state of the GPIOs. I'll install a button on the case to signal the appropriate GPIO.
I don't know how the boot loader works, and grub/syslinux isn't available AFAIK.
Is this sort of thing possible? Am I over-complicating the problem?