Downgrade protection works only for the app_core image and not for the net-core image

Hello,

we are using the nRF5340 and NCS version 2.6.1.

I activated the software downgrade protection as described here: Downgrade protection (nordicsemi.com)

Then I made some simultaneous FOTA updates (App-image + Net-image) by using the nRF Connect app with different versions.

What I see is that the downgrade protection works for the App-image. It is not possible to update an App-image V2.0.0 with an App-image V1.0.0.

But it is possible to downgrade the Net-image V2.0.0 with the Net-image V1.0.0.

How can I activate the downgrade protection also for the net-core?

 

Best regards,

Georg

  • Hi, 

    Do you test the MCUBoot version by adjusting CONFIG_MCUBOOT_HW_DOWNGRADE_PREVENTION_COUNTER_VALUE?

    How do you check the version number? You can check the version with:

    imgtool verify build/zephyr/net_core_app_update.bin

    Regards,
    Amanda H.

  • Hi,

    I checked the version information by looking into the header of the net_core_app_update.bin file.

    Here are the configuration switches which I have added to activate the downgrade prevention:

    CONFIG_BOOT_VERSION_CMP_USE_BUILD_NUMBER=y
    CONFIG_MCUBOOT_DOWNGRADE_PREVENTION=y

    In the build configuration I added:

    -DSB_CONFIG_MCUBOOT_MODE_OVERWRITE_ONLY=y

    And there is also a VERSION file which looks like this:

    Some additional information:

    We are using a serial external flash to store the secondary images of the app-core and the net-core.

    After making a simultaneous update by using dfu_application.zip it seems that the header information of the net_core_app_update.bin is corrupt when looking into the memory of the nRF5340 net core. So there is no version information any more.

    When looking into the memory of the app-core the header information seems to be ok.

    Best regards,

    Georg

  • Hi Amanda,

    thank you for your answer.

    When looking in the Google Play Store I can't find the nRF Device app.

    There is an nRF Device Manager app but here I can't find the option to read out the version.

    Which app do you mean?

    To get different versions for the net-image I added a version string in the main program of the net-core-image like this:

    After updating the device I read out the memory of the nrf5340 (with the Programmer) and check the version string like this:

    What I found out during debugging is that the version of the net image gets lost when MCUboot transfers the net-core image from the secondary slot to the primary slot. The version information which is placed in the header of the net_core_app_update.bin image is not programmed into the net core (primary slot). MCUboot assumes that the version of the net-core image is 0.0.0, which means that downgrade prevention doesn't work.

    See the function boot_read_image_header_hook in the file nrf_hooks.c:

    int boot_read_image_header_hook(int img_index, int slot, struct image_header *img_head)
    {
    	/* Image 1, slot 0: the header is filled in here, not read from flash. */
    	if (img_index == 1 && slot == 0) {
    		img_head->ih_magic = IMAGE_MAGIC;
    		img_head->ih_hdr_size = PM_MCUBOOT_PAD_SIZE;
    		img_head->ih_load_addr = PM_MCUBOOT_PRIMARY_1_ADDRESS;
    		img_head->ih_img_size = PM_CPUNET_APP_SIZE;
    		img_head->ih_flags = 0;
    		/* The version is always reported as 0.0.0, build 0. */
    		img_head->ih_ver.iv_major = 0;
    		img_head->ih_ver.iv_minor = 0;
    		img_head->ih_ver.iv_revision = 0;
    		img_head->ih_ver.iv_build_num = 0;
    		img_head->_pad1 = 0;
    		return 0;
    	}
    
    	return BOOT_HOOK_REGULAR;
    }
    

    Best regards,

    Georg
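
A simplified model of the comparison described in the post above, added here as an example and not taken from MCUboot or the nRF Connect SDK: because the primary-slot version for image 1 is always reported as 0.0.0, any candidate passes the check. `version_cmp`, `primary_version` and `update_accepted` are hypothetical names, and the accept rule (reject only a strictly older candidate) is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Same fields as the ih_ver member set in the hook quoted above. */
struct image_version {
    uint8_t iv_major;
    uint8_t iv_minor;
    uint16_t iv_revision;
    uint32_t iv_build_num;
};

/* -1, 0 or 1: a is older than, equal to or newer than b. */
static int version_cmp(const struct image_version *a, const struct image_version *b)
{
    if (a->iv_major != b->iv_major) return a->iv_major < b->iv_major ? -1 : 1;
    if (a->iv_minor != b->iv_minor) return a->iv_minor < b->iv_minor ? -1 : 1;
    if (a->iv_revision != b->iv_revision) return a->iv_revision < b->iv_revision ? -1 : 1;
    if (a->iv_build_num != b->iv_build_num) return a->iv_build_num < b->iv_build_num ? -1 : 1;
    return 0;
}

/* Hypothetical stand-in for reading the primary-slot header: image 1 (net core)
 * always reports 0.0.0+0, as the hook does; image 0 reports what is installed. */
static struct image_version primary_version(int img_index, struct image_version installed)
{
    struct image_version zero = {0, 0, 0, 0};
    return img_index == 1 ? zero : installed;
}

/* 1 = update accepted, 0 = rejected as a downgrade (assumed rule: reject only
 * a candidate strictly older than the version read for the primary slot). */
int update_accepted(int img_index, struct image_version installed, struct image_version candidate)
{
    struct image_version primary = primary_version(img_index, installed);
    return version_cmp(&candidate, &primary) >= 0;
}

int main(void)
{
    struct image_version v1 = {1, 0, 0, 0}, v2 = {2, 0, 0, 0}; /* constructed versions */
    printf("app core 2.0.0 -> 1.0.0 accepted: %d\n", update_accepted(0, v2, v1));
    printf("net core 2.0.0 -> 1.0.0 accepted: %d\n", update_accepted(1, v2, v1));
    return 0;
}
```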


  • Hi, 

    Sorry, it's nRF Connect Device Manager

    Thanks for finding the root cause. I will report this internally.

    -Amanda H.

  • Hi, just wanted to add that we just found the same issue, so we can confirm a reproducible offender.

  • Hi,

    thank you.

    I hope you find a solution because we want to use this feature in our product.

    Best regards,

    Georg
