Commit b8801fc0 authored by Jerzy Kasenberg's avatar Jerzy Kasenberg Committed by David Brown

zephyr/Kconfig: Add downgrade prevention to swaps



Downgrade prevention for swap upgrades that was added to
mcuboot is now configurable in zephyr.

It may use the software version number from the image in slot 0,
or the security counter from the image in slot 0 (which allows
downgrades to a limited extent).

Hardware base security counter check remains unchanged.

Signed-off-by: default avatarJerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
parent e3f895d7
+12 −1
@@ -548,7 +548,7 @@ choice BOOT_DOWNGRADE_PREVENTION_CHOICE

config MCUBOOT_DOWNGRADE_PREVENTION
	bool "SW based downgrade prevention"
	depends on BOOT_UPGRADE_ONLY
	depends on !BOOT_DIRECT_XIP
	help
	  Prevent downgrades by enforcing incrementing version numbers.
	  When this option is set, any upgrade must have greater major version
@@ -556,6 +556,17 @@ config MCUBOOT_DOWNGRADE_PREVENTION
	  only protects against some attacks against version downgrades (for
	  example, a JTAG could be used to write an older version).

config MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER
	bool "Use image security counter instead of version number"
	depends on MCUBOOT_DOWNGRADE_PREVENTION
	depends on (BOOT_SWAP_USING_MOVE || BOOT_SWAP_USING_SCRATCH)
	help
       Security counter is used for version eligibility check instead of pure
       version.  When this option is set, any upgrade must have greater or
       equal security counter value.
       Because of the acceptance of equal values it allows for software
       downgrades to some extent.

config MCUBOOT_HW_DOWNGRADE_PREVENTION
	bool "HW based downgrade prevention"
	help
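Review bot: MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER is placed between the two entries of `choice BOOT_DOWNGRADE_PREVENTION_CHOICE` (the choice begins above the hunk, as the hunk header shows, and its `endchoice` presumably follows MCUBOOT_HW_DOWNGRADE_PREVENTION below it), yet it `depends on MCUBOOT_DOWNGRADE_PREVENTION`, a sibling entry of the same choice; choice entries are mutually exclusive, so selecting the counter variant would clear the symbol it depends on and the option is effectively never selectable. If it is meant as a modifier of the SW-based mode, move the whole `config` below the `endchoice` as a plain config, keeping both `depends on` lines. The new help text is also indented with eight spaces instead of the tab-plus-two-spaces used by the neighbouring help blocks, which the Zephyr Kconfig style check flags. The help should additionally say what the counter is compared against and what the relaxed check means for rollback, e.g. append `The reference is the security counter of the image currently in slot 0; an image with an equal counter is still accepted, so a rollback to an older image carrying the same counter remains possible.`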
+8 −0
@@ -133,6 +133,14 @@

#ifdef CONFIG_MCUBOOT_DOWNGRADE_PREVENTION
#define MCUBOOT_DOWNGRADE_PREVENTION 1
/* MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER is used later as bool value so it is
 * always defined, (unlike MCUBOOT_DOWNGRADE_PREVENTION which is only used in
 * preprocessor condition and my be not defined) */
#  ifdef CONFIG_MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER
#    define MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER 1
#  else
#    define MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER 0
#  endif
#endif

#ifdef CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION
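Review bot: The comment above the nested `#ifdef` says MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER is "always defined", but the whole block is nested inside `#ifdef CONFIG_MCUBOOT_DOWNGRADE_PREVENTION`, so the macro is undefined whenever SW downgrade prevention is off; a `#if MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER` or a boolean use of it outside an MCUBOOT_DOWNGRADE_PREVENTION guard then silently evaluates to 0, or fails under `-Werror=undef`. If every consumer is itself guarded by MCUBOOT_DOWNGRADE_PREVENTION this is fine and the comment should say so; otherwise add an `#else` branch on the outer `#ifdef` with `#define MCUBOOT_DOWNGRADE_PREVENTION_SECURITY_COUNTER 0`. The comment also has a typo ("my be not defined"); suggested wording: `/* Used as a boolean value, so it is always defined (0 or 1) whenever MCUBOOT_DOWNGRADE_PREVENTION is, unlike MCUBOOT_DOWNGRADE_PREVENTION itself, which is only tested with #ifdef and may be left undefined. */`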