From 9d784ba44d95cd019adc383dbed74dc74864228f Mon Sep 17 00:00:00 2001
From: Sigvart Hovland <sigvart.hovland@nordicsemi.no>
Date: Wed, 27 Sep 2023 15:18:04 +0200
Subject: [PATCH] loader: Add firmware info version check to downgrade
 prevention

For nRF53, the only existing version number metadata is stored in the
`firmware_info` structure in the network core. This utilizes PCD to read
out the version number and compares it against the version number found
in the secondary slot for the network core.

Ref. NCSDK-21379
---
 boot/bootutil/src/loader.c | 46 +++++++++++++++++++++++++++++++++++---
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
index f89f02808..64cadaf5f 100644
--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -49,6 +49,7 @@
 #include "bootutil/mcuboot_status.h"
 
 #if defined(CONFIG_SOC_NRF5340_CPUAPP) && defined(PM_CPUNET_B0N_ADDRESS)
+#include <fw_info_bare.h>
 #include <dfu/pcd.h>
 #endif
 
@@ -775,9 +776,48 @@ boot_validate_slot(struct boot_loader_state *state, int slot,
 #if defined(MCUBOOT_OVERWRITE_ONLY) && defined(MCUBOOT_DOWNGRADE_PREVENTION)
     if (slot != BOOT_PRIMARY_SLOT) {
         /* Check if version of secondary slot is sufficient */
-        rc = boot_version_cmp(
-                &boot_img_hdr(state, BOOT_SECONDARY_SLOT)->ih_ver,
-                &boot_img_hdr(state, BOOT_PRIMARY_SLOT)->ih_ver);
+
+	/* Prototype to be moved in to hook */
+	#if defined(CONFIG_SOC_NRF5340_CPUAPP)
+	if (BOOT_CURR_IMG(state) == 1) {
+		uint32_t version = 0;
+		const struct fw_info *firmware_info;
+
+		rc = pcd_network_core_app_version(&version);
+		if (rc != 0) {
+			BOOT_LOG_ERR("Failure fetching network core application version");
+		}
+
+		uint32_t read_flash_page [1024];
+		rc = flash_area_read(fap, hdr->ih_load_addr, &read_flash_page, 1024*sizeof(uint32_t));
+		if (rc != 0) {
+			BOOT_LOG_ERR("Failure reading flash area");
+			fih_rc = FIH_NO_BOOTABLE_IMAGE;
+			goto out;
+		}
+
+		firmware_info = fw_info_find((uint32_t) &read_flash_page);
+		if (firmware_info != NULL) {
+			if (firmware_info->version < version) {
+				BOOT_LOG_DBG("Firmware version: %d < Update version %d", version, firmware_info->version);
+				rc = -EINVAL;
+			} else {
+				rc = 0;
+			}
+		} else {
+			BOOT_LOG_ERR("Could not find valid metadata");
+			rc = -EFAULT;
+		}
+	} else {
+		rc = boot_version_cmp(
+				&boot_img_hdr(state, BOOT_SECONDARY_SLOT)->ih_ver,
+				&boot_img_hdr(state, BOOT_PRIMARY_SLOT)->ih_ver);
+	}
+	#else
+	rc = boot_version_cmp(
+			&boot_img_hdr(state, BOOT_SECONDARY_SLOT)->ih_ver,
+			&boot_img_hdr(state, BOOT_PRIMARY_SLOT)->ih_ver);
+	#endif
         if (rc < 0 && boot_check_header_erased(state, BOOT_PRIMARY_SLOT)) {
             BOOT_LOG_ERR("insufficient version in secondary slot");
             flash_area_erase(fap, 0, flash_area_get_size(fap));