Skip to content

bootloader: mcuboot: Fixed security counter overflow detected to late #23779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 18, 2025
Merged

bootloader: mcuboot: Fixed security counter overflow detected to late #23779

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions include/bl_storage.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,19 @@ int get_monotonic_counter(uint16_t counter_desc, counter_t *counter_value);
*/
int set_monotonic_counter(uint16_t counter_desc, counter_t new_counter);

/**
* @brief Checks whether it is possible to update the monotonic counter
* to a new value.
*
* @param[in] counter_desc Counter description.
*
* @retval 0 The counter was updated successfully.
* @retval -EINVAL @p counter_desc is invalid.
* @retval -ENOMEM There are no more free counter slots (see
* @kconfig{CONFIG_SB_NUM_VER_COUNTER_SLOTS}).
*/
int is_monotonic_counter_update_possible(uint16_t counter_desc);

/**
* @brief The PSA life cycle states a device can be in.
*
Expand Down
21 changes: 21 additions & 0 deletions subsys/bootloader/bl_storage/bl_storage.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -390,6 +390,27 @@ int set_monotonic_counter(uint16_t counter_desc, counter_t new_counter)
return 0;
}

int is_monotonic_counter_update_possible(uint16_t counter_desc)
{
int err;

const counter_t *next_counter_addr;
counter_t current_cnt_value;

err = get_counter(counter_desc, &current_cnt_value, &next_counter_addr);
(void) current_cnt_value;

if (err != 0) {
return err;
}

if (next_counter_addr == NULL) {
err = -ENOMEM;
}

return err;
}

static lcs_data_t bl_storage_lcs_get(uint32_t address)
{
#if defined(CONFIG_NRFX_NVMC)
Expand Down
16 changes: 16 additions & 0 deletions subsys/bootloader/bl_storage/nrf_nv_counters.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,19 @@ int32_t boot_nv_security_counter_update(uint32_t image_id, uint32_t img_security

return err == 0 ? 0 : -BOOT_EBADSTATUS;
}

fih_int boot_nv_security_counter_is_update_possible(uint32_t image_id,
uint32_t img_security_cnt)
{
int err;
(void) image_id;
(void) img_security_cnt;

err = is_monotonic_counter_update_possible(BL_MONOTONIC_COUNTERS_DESC_MCUBOOT_ID0);

if (err != 0) {
FIH_RET(FIH_FAILURE);
}

FIH_RET(FIH_SUCCESS);
}
2 changes: 1 addition & 1 deletion west.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ manifest:
compare-by-default: true
- name: mcuboot
repo-path: sdk-mcuboot
revision: 6c096b8ed7bfddf044b20dfb512c4c1fd06c2ef6
revision: 0fadab126d9ba51365b3db1cdb6d55ed892c62b4
path: bootloader/mcuboot
- name: qcbor
url: https://github.com/laurencelundblade/QCBOR
Expand Down
Loading