tf-a-stm32mp: add Monotonic counter version to prevent bootloader rollback

embetrix · embetrix · commit 187403d8503d · 2025-02-01T20:49:44.000+01:00
diff --git a/recipes-bsp/trusted-firmware-a/tf-a-stm32mp_2.8.bb b/recipes-bsp/trusted-firmware-a/tf-a-stm32mp_2.8.bb
@@ -48,6 +48,10 @@ EXTRA_OEMAKE += "STM32MP_SDMMC=1"
 EXTRA_OEMAKE += "STM32MP1_OPTEE_IN_SYSRAM=1"
 EXTRA_OEMAKE += "DTB_FILE_NAME=${TFA_DEVICETREE}.${DT_SUFFIX}"
 
+# Monotonic counter to be incremented and prevent bootloader rollback
+TFA_MONOTONIC_CNTR ?= "1"
+EXTRA_OEMAKE += "STM32_TF_VERSION=${TFA_MONOTONIC_CNTR}"
+
 # FIP signing configuration
 EXTRA_OEMAKE += "MBEDTLS_DIR=${MBEDTLS_DIR}"
 EXTRA_OEMAKE += "${@bb.utils.contains('SECBOOT_SIGN', '1', 'TRUSTED_BOARD_BOOT=1', '', d)}"
