Skip to content

validate model identifier on boot #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 27, 2025
Merged

validate model identifier on boot #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions boot/bootutil/src/image_validate.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,7 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
#define EXPECTED_SIG_0_TLV 0x00A0
#define EXPECTED_SIG_1_TLV 0x00A1
#define EXPECTED_SIGMASK_TLV 0x00A2
#define EXPECTED_MODEL_TLV 0x00A3
#define SIG_BUF_SIZE 64
#define EXPECTED_SIG_LEN(x) ((x) == SIG_BUF_SIZE)

Expand Down Expand Up @@ -307,6 +308,7 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
int rc = 0;
bool sig_0_found = false;
bool sig_1_found = false;
bool model_valid = false;
uint16_t sigmask = 0;
FIH_DECLARE(fih_rc, FIH_FAILURE);
uint32_t off;
Expand Down Expand Up @@ -450,6 +452,28 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
memcpy(sig1, buf, len);
break;
}
case EXPECTED_MODEL_TLV:
{
uint32_t model_identifier = 0;
if (len != sizeof(model_identifier)) {
rc = -1;
goto out;
}

rc = LOAD_IMAGE_DATA(hdr, fap, off, &model_identifier, len);
if (rc) {
goto out;
}

if (model_identifier == MODEL_IDENTIFIER) {
model_valid = true;
} else {
rc = -1;
goto out;
}

break;
}
}
}

Expand All @@ -458,6 +482,11 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
goto out;
}

if (!model_valid) {
rc = -1;
goto out;
}

int sig0_idx = sigmask & (1 << 0) ? 0 : 1;
int sig1_idx = sigmask & (1 << 2) ? 2 : 1;

Expand Down
3 changes: 3 additions & 0 deletions boot/zephyr/Kconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -331,6 +331,9 @@ endif

if !BOOT_SIGNATURE_USING_KMU

config MODEL_IDENTIFIER
int "Model identifier"

config BOOT_PRODUCTION_KEY
bool "Use production key for signature verification"
default n
Expand Down
3 changes: 3 additions & 0 deletions boot/zephyr/include/mcuboot_config/mcuboot_config.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,9 @@
#define MCUBOOT_PRODUCTION_KEY
#endif

#ifdef CONFIG_MODEL_IDENTIFIER
#define MODEL_IDENTIFIER CONFIG_MODEL_IDENTIFIER
#endif

#ifdef CONFIG_BOOT_BOOTSTRAP
#define MCUBOOT_BOOTSTRAP 1
Expand Down
Loading