I am using NCS SDK 2.6.1 , developing nrf52840 firmware, coding with zephyr.
I need BLE DFU function, so I add two lines to my prj.conf, following this URL: https://devzone.nordicsemi.com/guides/nrf-connect-sdk-guides/b/software/posts/ncs-dfu#mcetoc_1h90kb1ii2
What I added is:
#Enable MCUBOOT bootloader build in the application
CONFIG_BOOTLOADER_MCUBOOT=y
#Include MCUMGR and the dependencies in the build
CONFIG_NCS_SAMPLE_MCUMGR_BT_OTA_DFU=y
And the example code "ble_dfu_peripheral_lbs" work with Nrf connect device manager app (which I downloaded from Google app store) very fine.
But my issue is: In this case, everyone can upload their firmware code to our company's hardware, there are security risks.
By just adding these two lines, I found bootloader will accept Nrf connect device manager app connection and doing DFU without any security check.
I had developed nrf52 SDK before, in old SDK, users need to hold button 4 when power on, then nrf52840 can enter DFU mode.
But now, everyone has Nrf connect device manager app can upload code to my nrf52840 at any time without any key press.
Bootloader seems accept Nrf connect device manager app connections and commands automatically.
Would you please help me to find out the way :
--> temporary disable bootloader to accept nrf connect device manager app's connection and commands until button pressed?
--> Or implement old nrf52 SDK DFU functions (not buttonless, we need button!) in nrf connect SDK v2.6.1 ?
Thank you very much.