[nrf noup] zephyr: lock mcuboot using fprotect before jumping

hakonfam · mbolivar-nordic · commit 9efa2fdcfdce · 2021-06-10T13:03:14.000-07:00
This to enable the secure boot property of the system. Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no> Signed-off-by: Emil Obalski <emil.obalski@nordicsemi.no> Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no> Signed-off-by: Sigvart Hovland <sigvart.hovland@nordicsemi.no> Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no> Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no> Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no> Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no> (cherry picked from commit 0bb3e66) Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no> (cherry picked from commit 56da5da)
diff --git a/boot/zephyr/main.c b/boot/zephyr/main.c
@@ -89,6 +89,11 @@ K_SEM_DEFINE(boot_log_sem, 1, 1);
 #define ZEPHYR_BOOT_LOG_STOP() do { } while (false)
 #endif /* defined(CONFIG_LOG) && !defined(CONFIG_LOG_IMMEDIATE) */
 
+#if USE_PARTITION_MANAGER && CONFIG_FPROTECT
+#include <fprotect.h>
+#include <pm_config.h>
+#endif
+
 #ifdef CONFIG_SOC_FAMILY_NRF
 #include <hal/nrf_power.h>
 
@@ -543,7 +548,30 @@ void main(void)
 #else
     BOOT_LOG_INF("Jumping to the first image slot");
 #endif
+
+#if USE_PARTITION_MANAGER && CONFIG_FPROTECT
+
+#ifdef PM_S1_ADDRESS
+/* MCUBoot is stored in either S0 or S1, protect both */
+#define PROTECT_SIZE (PM_MCUBOOT_PRIMARY_ADDRESS - PM_S0_ADDRESS)
+#define PROTECT_ADDR PM_S0_ADDRESS
+#else
+/* There is only one instance of MCUBoot */
+#define PROTECT_SIZE (PM_MCUBOOT_PRIMARY_ADDRESS - PM_MCUBOOT_ADDRESS)
+#define PROTECT_ADDR PM_MCUBOOT_ADDRESS
+#endif
+
+    rc = fprotect_area(PROTECT_ADDR, PROTECT_SIZE);
+
+    if (rc != 0) {
+        BOOT_LOG_ERR("Protect mcuboot flash failed, cancel startup.");
+        while (1)
+            ;
+    }
+#endif /* USE_PARTITION_MANAGER && CONFIG_FPROTECT */
+
     ZEPHYR_BOOT_LOG_STOP();
+
     do_boot(&rsp);
 
     BOOT_LOG_ERR("Never should get here");
diff --git a/boot/zephyr/pm.yml b/boot/zephyr/pm.yml
@@ -39,4 +39,6 @@ mcuboot_pad:
   size: CONFIG_PM_PARTITION_SIZE_MCUBOOT_PAD
   placement:
     before: [mcuboot_primary_app]
-    align: {start: DT_FLASH_ERASE_BLOCK_SIZE}
+#ifdef CONFIG_FPROTECT
+    align: {start: CONFIG_FPROTECT_BLOCK_SIZE}
+#endif
diff --git a/boot/zephyr/prj.conf b/boot/zephyr/prj.conf
@@ -23,6 +23,7 @@ CONFIG_BOOT_BOOTSTRAP=n
 # CONFIG_TINYCRYPT_SHA256 is not set
 
 CONFIG_FLASH=y
+CONFIG_FPROTECT=y
 
 ### Various Zephyr boards enable features that we don't want.
 # CONFIG_BT is not set
