diff --git a/include/bl_storage.h b/include/bl_storage.h index 1a9c26657afc..7da0bc46fcb1 100644 --- a/include/bl_storage.h +++ b/include/bl_storage.h @@ -275,6 +275,19 @@ int get_monotonic_counter(uint16_t counter_desc, counter_t *counter_value); */ int set_monotonic_counter(uint16_t counter_desc, counter_t new_counter); +/** + * @brief Checks whether it is possible to update the monotonic counter + * to a new value. + * + * @param[in] counter_desc Counter description. + * + * @retval 0 The counter was updated successfully. + * @retval -EINVAL @p counter_desc is invalid. + * @retval -ENOMEM There are no more free counter slots (see + * @kconfig{CONFIG_SB_NUM_VER_COUNTER_SLOTS}). + */ +int is_monotonic_counter_update_possible(uint16_t counter_desc); + /** * @brief The PSA life cycle states a device can be in. * diff --git a/subsys/bootloader/bl_storage/bl_storage.c b/subsys/bootloader/bl_storage/bl_storage.c index 5cff41a3938d..4596fa400a06 100644 --- a/subsys/bootloader/bl_storage/bl_storage.c +++ b/subsys/bootloader/bl_storage/bl_storage.c @@ -390,6 +390,27 @@ int set_monotonic_counter(uint16_t counter_desc, counter_t new_counter) return 0; } +int is_monotonic_counter_update_possible(uint16_t counter_desc) +{ + int err; + + const counter_t *next_counter_addr; + counter_t current_cnt_value; + + err = get_counter(counter_desc, ¤t_cnt_value, &next_counter_addr); + (void) current_cnt_value; + + if (err != 0) { + return err; + } + + if (next_counter_addr == NULL) { + err = -ENOMEM; + } + + return err; +} + static lcs_data_t bl_storage_lcs_get(uint32_t address) { #if defined(CONFIG_NRFX_NVMC) diff --git a/subsys/bootloader/bl_storage/nrf_nv_counters.c b/subsys/bootloader/bl_storage/nrf_nv_counters.c index 0215dd599768..89cc51b8f057 100644 --- a/subsys/bootloader/bl_storage/nrf_nv_counters.c +++ b/subsys/bootloader/bl_storage/nrf_nv_counters.c @@ -74,3 +74,19 @@ int32_t boot_nv_security_counter_update(uint32_t image_id, uint32_t img_security return err == 0 ? 0 : -BOOT_EBADSTATUS; } + +fih_int boot_nv_security_counter_is_update_possible(uint32_t image_id, + uint32_t img_security_cnt) +{ + int err; + (void) image_id; + (void) img_security_cnt; + + err = is_monotonic_counter_update_possible(BL_MONOTONIC_COUNTERS_DESC_MCUBOOT_ID0); + + if (err != 0) { + FIH_RET(FIH_FAILURE); + } + + FIH_RET(FIH_SUCCESS); +} diff --git a/west.yml b/west.yml index f0a887843c10..7230b56bfdcf 100644 --- a/west.yml +++ b/west.yml @@ -128,7 +128,7 @@ manifest: compare-by-default: true - name: mcuboot repo-path: sdk-mcuboot - revision: 6c096b8ed7bfddf044b20dfb512c4c1fd06c2ef6 + revision: 0fadab126d9ba51365b3db1cdb6d55ed892c62b4 path: bootloader/mcuboot - name: qcbor url: https://github.com/laurencelundblade/QCBOR