aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--bl2/ext/mcuboot/CMakeLists.txt4
-rw-r--r--bl2/ext/mcuboot/MCUBootConfig.cmake11
-rw-r--r--bl2/ext/mcuboot/bl2_main.c2
-rw-r--r--bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in2
4 files changed, 3 insertions, 16 deletions
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index f073e6b603..d1dd17105d 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt
@@ -87,6 +87,7 @@ list(APPEND ALL_SRC_C
"${TFM_ROOT_DIR}/bl2/ext/mcuboot/flash_map_legacy.c"
"${TFM_ROOT_DIR}/bl2/ext/mcuboot/keys.c"
"${TFM_ROOT_DIR}/bl2/src/flash_map.c"
+ "${TFM_ROOT_DIR}/bl2/src/security_cnt.c"
"${MCUBOOT_DIR}/bootutil/src/loader.c"
"${MCUBOOT_DIR}/bootutil/src/bootutil_misc.c"
"${MCUBOOT_DIR}/bootutil/src/image_validate.c"
@@ -97,7 +98,6 @@ list(APPEND ALL_SRC_C
if (MCUBOOT_REPO STREQUAL "TF-M")
list(APPEND ALL_SRC_C
"${TFM_ROOT_DIR}/bl2/src/boot_record.c"
- "${TFM_ROOT_DIR}/bl2/src/security_cnt.c"
)
else()
list(APPEND ALL_SRC_C
@@ -204,7 +204,7 @@ get_property(_log_levels CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS)
list(FIND _log_levels ${MCUBOOT_LOG_LEVEL} LOG_LEVEL_ID)
if (MCUBOOT_REPO STREQUAL "UPSTREAM")
- set(MCUBOOT_USE_UPSTREAM On)
+ set(MCUBOOT_HW_ROLLBACK_PROT On)
endif()
if(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
diff --git a/bl2/ext/mcuboot/MCUBootConfig.cmake b/bl2/ext/mcuboot/MCUBootConfig.cmake
index ef4246e6a0..d025ab4775 100644
--- a/bl2/ext/mcuboot/MCUBootConfig.cmake
+++ b/bl2/ext/mcuboot/MCUBootConfig.cmake
@@ -71,17 +71,6 @@ if (BL2)
" upstream MCUBoot. Your choice was overriden.")
mcuboot_override_upgrade_strategy("OVERWRITE_ONLY")
endif()
-
- if (DEFINED SECURITY_COUNTER OR
- DEFINED SECURITY_COUNTER_S OR
- DEFINED SECURITY_COUNTER_NS)
- message(WARNING "Ignoring the values of SECURITY_COUNTER and/or SECURITY_COUNTER_* variables as"
- " upstream MCUBoot does not support rollback protection.")
- set(SECURITY_COUNTER "")
- set(SECURITY_COUNTER_S "")
- set(SECURITY_COUNTER_NS "")
- endif()
-
endif()
else() #BL2 is turned off
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index b7dd03ec98..3d4ddae166 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -132,14 +132,12 @@ int main(void)
}
#endif /* CRYPTO_HW_ACCELERATOR */
-#ifndef MCUBOOT_USE_UPSTREAM
rc = boot_nv_security_counter_init();
if (rc != 0) {
BOOT_LOG_ERR("Error while initializing the security counter");
while (1)
;
}
-#endif /* !MCUBOOT_USE_UPSTREAM */
rc = boot_go(&rsp);
if (rc != 0) {
diff --git a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
index 3762055f98..4213cfc014 100644
--- a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
+++ b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
@@ -47,7 +47,7 @@ extern "C" {
#cmakedefine MCUBOOT_RAM_LOADING
#cmakedefine MCUBOOT_HW_KEY
-#cmakedefine MCUBOOT_USE_UPSTREAM
+#cmakedefine MCUBOOT_HW_ROLLBACK_PROT
/*
* Cryptographic settings