TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / TF-M / trusted-firmware-m / db32b2152f8ecdc6aeb877d3b469d142eb441c26
commitdb32b2152f8ecdc6aeb877d3b469d142eb441c26[log] [tgz]
authorDavid Vincze <david.vincze@arm.com>Tue Apr 16 17:43:57 2019 +0200
committerDavid Vincze <david.vincze@arm.com>Thu May 23 15:08:22 2019 +0200
treeb829f741f6e528e6ec55fada23867d334fc098cd
parent4653d966e447801dbdd3a72441cfd64d166a4be2 [diff]
Boot: Add security counter to image manifest

Add command line argument to the imgtool that can be used to add a
security counter TLV to the image manifest. This security counter value
can be used in rollback protection to compare the new image's security
counter against the active image's counter. It can be independent from
the image version, but if it is not specified in the argument list then
the script will generate it from the image version number
(not including the build number).

The value of the security counter is security critical data. Therefore,
this part of the TLV area must be included in the integrity protected
part of the image.

Add security counter to the build system. It can be specified at build
time with "-DSECURITY_COUNTER=<value>", otherwise the generated
security counter value will be added to the signed image.

Change-Id: Ia9773ad7a57fc3a8cc022e1c1df4321e27c912ec
Signed-off-by: David Vincze <david.vincze@arm.com>
5 files changed
tree: b829f741f6e528e6ec55fada23867d334fc098cd
  1. app/
  2. bl2/
  3. cmake/
  4. docs/
  5. doxygen/
  6. interface/
  7. lib/
  8. platform/
  9. secure_fw/
  10. test/
  11. tools/
  12. .gitignore
  13. BuildMbedtls.cmake
  14. CMakeLists.txt
  15. CommonConfig.cmake
  16. ConfigCoreIPC.cmake
  17. ConfigCoreIPCTfmLevel2.cmake
  18. ConfigCoreTest.cmake
  19. ConfigDefault.cmake
  20. ConfigPsaApiTest.cmake
  21. ConfigRegression.cmake
  22. ConfigRegressionTfmLevel3.cmake
  23. contributing.rst
  24. dco.txt
  25. glossary.rst
  26. license.rst
  27. log.bat
  28. log.sh
  29. maintainers.rst
  30. readme.rst