Boot: Introduce rollback protection
- Add image security counter verification (read image security counter
from the manifest and compare it against the stored security counter)
as a mandatory part of the image validation process.
- Store the newest value of security counter in a non-volatile (NV)
counter.
- Add security counter interface to MCUBoot.
Change-Id: I608508e707d01c3777788bc754810407fae610e2
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index b63cc78..a7bf3dc 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -28,6 +28,7 @@
#include "bootutil/bootutil.h"
#include "flash_map/flash_map.h"
#include "bl2/include/boot_record.h"
+#include "security_cnt.h"
/* Avoids the semihosting issue */
#if defined (__ARMCC_VERSION) && (__ARMCC_VERSION >= 6010050)
@@ -130,6 +131,13 @@
;
}
+ rc = boot_nv_security_counter_init();
+ if (rc != 0) {
+ BOOT_LOG_ERR("Error while initializing the security counter");
+ while (1)
+ ;
+ }
+
rc = boot_go(&rsp);
if (rc != 0) {
BOOT_LOG_ERR("Unable to find bootable image");