blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-09 09:09:10 -04:00
Code Issues Projects Releases Wiki Activity
esp-idf/components/bootloader/Kconfig.bootloader_rollback
Konstantin Kondrashov 816a0da0fd feat(bootloader): Adds bootloader anti rollback configs
2024-11-08 13:53:24 +02:00

26 lines
1.0 KiB
Plaintext
Raw Permalink Blame History

menu "Bootloader Rollback"
config BOOTLOADER_ANTI_ROLLBACK_ENABLE
bool "Enable bootloader rollback support"
depends on SOC_RECOVERY_BOOTLOADER_SUPPORTED
default n
help
This option prevents rollback to previous bootloader image with lower security version.
config BOOTLOADER_SECURE_VERSION
int "Secure version of bootloader"
depends on BOOTLOADER_ANTI_ROLLBACK_ENABLE
default 0
range 0 4
help
The secure version is the sequence number stored in the header of each bootloader.
The ROM Bootloader which runs the 2nd stage bootloader (PRIMARY or RECOVERY) checks that
the security version is greater or equal that recorded in the eFuse field.
Bootloaders that have a secure version in the image < secure version in efuse will not boot.
The security version is worth increasing if in previous versions there is
a significant vulnerability and their use is not acceptable.
endmenu
Reference in New Issue View Git Blame Copy Permalink