From 6404a15aa9bed49faeb781a099280d7cbc2b46cb Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Fri, 23 Aug 2024 12:04:15 +0200 Subject: [PATCH] bl2: Add dependency for DIRECT_XIP_REVERT The option MCUBOOT_DIRECT_XIP_REVERT can be an enabled only when XIP upgrade mechanism is enabled in MCUBOOT. The MCUBOOT default configuration in Cmake does't select XIP as the default upgrade option and thus it should not enable XIP_REVERT. This updates the default cmake config to disable XIP_REVERT. It also adds a Kconfig dependency for this option and it adds a cmake configuration check for this as well. Signed-off-by: Georgios Vasilakis Change-Id: I8e4844ab70d927836a890ca8123b734a471f3270 (cherry picked from commit 32ffe3f778c335902a3780e217a76cd96080eb6a) --- bl2/ext/mcuboot/Kconfig | 1 + bl2/ext/mcuboot/mcuboot_default_config.cmake | 2 +- config/check_config.cmake | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/bl2/ext/mcuboot/Kconfig b/bl2/ext/mcuboot/Kconfig index 21adf4525..28fe0b27c 100644 --- a/bl2/ext/mcuboot/Kconfig +++ b/bl2/ext/mcuboot/Kconfig @@ -137,6 +137,7 @@ config MCUBOOT_CONFIRM_IMAGE config MCUBOOT_DIRECT_XIP_REVERT bool "Enable the revert mechanism in direct-xip mode" default y + depends on MCUBOOT_UPGRADE_STRATEGY_DIRECT_XIP config MCUBOOT_HW_ROLLBACK_PROT bool "Enable security counter validation against non-volatile HW counters" diff --git a/bl2/ext/mcuboot/mcuboot_default_config.cmake b/bl2/ext/mcuboot/mcuboot_default_config.cmake index 5d769f189..cab7a092d 100644 --- a/bl2/ext/mcuboot/mcuboot_default_config.cmake +++ b/bl2/ext/mcuboot/mcuboot_default_config.cmake @@ -35,7 +35,7 @@ set_property(CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS "OVERWRITE_ONLY;SWA # platforms requiring specific flash alignmnent set_property(CACHE MCUBOOT_ALIGN_VAL PROPERTY STRINGS "1;2;4;8;16;32") -set(MCUBOOT_DIRECT_XIP_REVERT ON CACHE BOOL "Enable the revert mechanism in direct-xip mode") +set(MCUBOOT_DIRECT_XIP_REVERT OFF CACHE BOOL "Enable the revert mechanism in direct-xip mode") set(MCUBOOT_HW_ROLLBACK_PROT ON CACHE BOOL "Enable security counter validation against non-volatile HW counters") set(MCUBOOT_ENC_IMAGES OFF CACHE BOOL "Enable encrypted image upgrade support") set(MCUBOOT_BOOTSTRAP OFF CACHE BOOL "Support initial state with empty primary slot and images installed from secondary slots") diff --git a/config/check_config.cmake b/config/check_config.cmake index 1039b22f9..795940094 100644 --- a/config/check_config.cmake +++ b/config/check_config.cmake @@ -25,6 +25,7 @@ tfm_invalid_config(TFM_BL1_2_IN_OTP AND TFM_BL1_2_IN_FLASH) get_property(MCUBOOT_STRATEGY_LIST CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS) tfm_invalid_config(BL2 AND (NOT MCUBOOT_UPGRADE_STRATEGY IN_LIST MCUBOOT_STRATEGY_LIST) AND NOT USE_KCONFIG_TOOL) +tfm_invalid_config(BL2 AND (NOT MCUBOOT_UPGRADE_STRATEGY STREQUAL "DIRECT_XIP" AND MCUBOOT_DIRECT_XIP_REVERT)) # Maximum number of MCUBoot images supported by TF-M NV counters and ROTPKs tfm_invalid_config(MCUBOOT_IMAGE_NUMBER GREATER 9)