Add MCUBOOT_CHECK_HEADER_LOAD_ADDRESS #2481
Open
+92
−19
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nordicjm
approved these changes
Oct 7, 2025
| } | ||
|
|
||
| #if MCUBOOT_IMAGE_NUMBER > 1 && !defined(MCUBOOT_ENC_IMAGES) && defined(MCUBOOT_VERIFY_IMG_ADDRESS) | ||
| #if defined(MCUBOOT_VERIFY_IMG_ADDRESS) && !defined(MCUBOOT_ENC_IMAGES) || \ |
There was a problem hiding this comment.
Yes it is. I am still testing this locally and trying to make it run with sim.
| #else | ||
| /* This is platform specific code that should not be here */ | ||
| const uint32_t offset = secondary_hdr->ih_hdr_size + RESET_OFFSET; | ||
| BOOT_LOG_DBG("Getting image %d internal addr from offset %u", |
There was a problem hiding this comment.
would mark this as deprecated then remove it in 2 releases
de-nordic
force-pushed
the
461
branch
4 times, most recently
from
b9f0b09 to
f810c82
Compare
Adding MCUBOOT_CHECK_HEADER_LOAD_ADDRESS that allows to verify header stored ih_load_addr against target boot slot, to allow MCUboot to reject firmware uploaded for incorrect slot. This option works with encrypted software, as it does not require decrypting image. This option takes precedence over MCUBOOT_VERIFY_IMG_ADDRESS. Note that the change leaves MCUBOOT_VERIFY_IMG_ADDRESS with the bug reported here mcu-tools#2473. This commit also removes dependency on having more then one image to have the check enabled, as it makes no point to block using it on single image. Co-authored-by: Andrzej Puzdrowski <[email protected]> Signed-off-by: Dominik Ermel <[email protected]>
Allows to enable MCUboot config MCUBOOT_CHECK_HEADER_LOAD_ADDRESS. Co-authored-by: Andrzej Puzdrowski <[email protected]> Signed-off-by: Dominik Ermel <[email protected]>
Add ImageManipulation parameter to the function to allow creating images broken in various ways. Signed-off-by: Dominik Ermel <[email protected]>
Testing MCUBOOT_CHECK_HEADER_LOAD_ADDRESS for non-RAM load binaries. Signed-off-by: Dominik Ermel <[email protected]>
Please use MCUBOOT_CHECK_HEADER_LOAD_ADDRESS instead. Signed-off-by: Dominik Ermel <[email protected]>
nvlsianpu
approved these changes
Oct 9, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add MCUBOOT_CHECK_HEADER_LOAD_ADDRESS that allows to validate application image, against boot slot, with the use of ih_img_addr from header.
There are additional commits here: