bootutil: Introduce HW rollback protection

- Add image security counter verification (read security counter value
  from the image manifest and compare it against the stored/active
  security counter) as an optional part of the image validation process
  to prevent the restoration of older, potentially vulnerable images.
- This feature can be enabled with the MCUBOOT_HW_ROLLBACK_PROT option.
- Add security counter interface to MCUBoot. If HW rollback protection
  is enabled then the platform must provide a mechanism to store and
  read the security counter value in a robust and secure way.

Change-Id: Iee4961c1da5275a98ef17982a65b361370d2a178
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/docs/design.md b/docs/design.md
index b779778..de40dd3 100644
--- a/docs/design.md
+++ b/docs/design.md
@@ -18,7 +18,7 @@
 -->
 
 <!--
-  Modifications are Copyright (c) 2019 Arm Limited.
+  Modifications are Copyright (c) 2019-2020 Arm Limited.
 -->
 
 # Boot Loader
@@ -109,6 +109,7 @@
 #define IMAGE_TLV_ENC_KW128         0x31   /* Key encrypted with AES-KW-128 */
 #define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES P256 */
 #define IMAGE_TLV_DEPENDENCY        0x40   /* Image depends on other image */
+#define IMAGE_TLV_SEC_CNT           0x50   /* security counter */
 ```
 
 Optional type-length-value records (TLVs) containing image metadata are placed
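Review bot: the new `IMAGE_TLV_SEC_CNT` comment does not match the style of the surrounding entries, which use capitalised descriptive phrases (`/* Image depends on other image */`, `/* Key encrypted with ECIES P256 */`); change `/* security counter */` to `/* Security counter */`. Since the Downgrade Prevention text added later in this patch states that the counter lives in the protected TLV area, it would also help to say so in this comment, so a reader of the TLV table knows the record is covered by the image signature.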
@@ -946,7 +947,28 @@
 ## [Downgrade Prevention](#downgrade-prevention)
 
 Downgrade prevention is a feature which enforces that the new image must have a
-higher version number than the image it is replacing. This feature is enabled
-with the `MCUBOOT_DOWNGRADE_PREVENTION` option. Downgrade prevention is only
-available when the overwrite-based image update strategy is used
-(i.e. `MCUBOOT_OVERWRITE_ONLY` is set).
+higher version/security counter number than the image it is replacing, thus
+preventing the malicious downgrading of the device to an older and possibly
+vulnerable version of its firmware.
+
+### [SW Based Downgrade Prevention](#sw-downgrade-prevention)
+
+During the software based downgrade prevention the image version numbers are
+compared. This feature is enabled with the `MCUBOOT_DOWNGRADE_PREVENTION`
+option. In this case downgrade prevention is only available when the
+overwrite-based image update strategy is used (i.e. `MCUBOOT_OVERWRITE_ONLY`
+is set).
+
+### [HW Based Downgrade Prevention](#hw-downgrade-prevention)
+
+Each signed image can contain a security counter in its protected TLV area.
+During the hardware based downgrade prevention (alias rollback protection) the
+new image's security counter will be compared with the currently active security
+counter value which must be stored in a non-volatile and trusted component of
+the device. This feature is enabled with the `MCUBOOT_HW_ROLLBACK_PROT` option.
+It is beneficial to handle this counter independently from image version
+number:
+
+  * It does not need to increase with each software release,
+  * It makes it possible to do software downgrade to some extent: if the
+    security counter has the same value in the older image then it is accepted.
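Review bot: the rewritten opening paragraph and the new HW section disagree on the comparison rule. The intro now says the new image "must have a higher version/security counter number than the image it is replacing", while the second bullet under HW Based Downgrade Prevention says an older image is accepted if its security counter "has the same value". Either the intro should say "a higher version number, or a security counter that is not lower" or the HW section should state the accepted condition explicitly, so readers do not take "higher" literally for the security counter. Two wording points in the same section: "alias rollback protection" should read "also known as rollback protection", and "to do software downgrade" should read "to do a software downgrade".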