sim: Test software rollback protection
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: David Brown <david.brown@linaro.org>
diff --git a/sim/mcuboot-sys/Cargo.toml b/sim/mcuboot-sys/Cargo.toml
index 3466ff0..cbf05e5 100644
--- a/sim/mcuboot-sys/Cargo.toml
+++ b/sim/mcuboot-sys/Cargo.toml
@@ -47,6 +47,9 @@
# Support multiple images (currently 2 instead of 1).
multiimage = []
+# Check (in software) against version downgrades.
+downgrade-prevention = []
+
[build-dependencies]
cc = "1.0.25"
diff --git a/sim/mcuboot-sys/build.rs b/sim/mcuboot-sys/build.rs
index 1c6584f..3bf4409 100644
--- a/sim/mcuboot-sys/build.rs
+++ b/sim/mcuboot-sys/build.rs
@@ -22,6 +22,7 @@
let enc_ec256 = env::var("CARGO_FEATURE_ENC_EC256").is_ok();
let bootstrap = env::var("CARGO_FEATURE_BOOTSTRAP").is_ok();
let multiimage = env::var("CARGO_FEATURE_MULTIIMAGE").is_ok();
+ let downgrade_prevention = env::var("CARGO_FEATURE_DOWNGRADE_PREVENTION").is_ok();
let mut conf = cc::Build::new();
conf.define("__BOOTSIM__", None);
@@ -31,6 +32,10 @@
conf.define("MCUBOOT_MAX_IMG_SECTORS", Some("128"));
conf.define("MCUBOOT_IMAGE_NUMBER", Some(if multiimage { "2" } else { "1" }));
+ if downgrade_prevention && !overwrite_only {
+ panic!("Downgrade prevention requires overwrite only");
+ }
+
if bootstrap {
conf.define("MCUBOOT_BOOTSTRAP", None);
}
@@ -39,6 +44,10 @@
conf.define("MCUBOOT_VALIDATE_PRIMARY_SLOT", None);
}
+ if downgrade_prevention {
+ conf.define("MCUBOOT_DOWNGRADE_PREVENTION", None);
+ }
+
// Currently no more than one sig type can be used simultaneously.
if vec![sig_rsa, sig_rsa3072, sig_ecdsa, sig_ed25519].iter()
.fold(0, |sum, &v| sum + v as i32) > 1 {