e3f895d7ef
Currently, downgrade prevention was limited to overwrite only builds (version check) or devices with hardware storage for security counter. This extends downgrade prevention to be used when swap update is selected. Unlike MCUBOOT_HW_ROLLBACK_PROT option it does not require user code to provide external way to store security counter. Security counter from slot 1 image is used for comparison. With security counter usage it is possible to have limited software rollback if security counter was not incremented. It is possible to use image version where strict rule for image version comparison prevents any downgrades. Downgrade prevention is also added to mynewt configuration. If image in slot 1 is marked as pending and downgrade prevention is in place, image will be deleted to avoid check on next boot. Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl> |
||
|---|---|---|
| .. | ||
| include/mcuboot_config | ||
| pkg.yml | ||
| syscfg.yml | ||