Prevent_Firmware_Rollback

APIs for preventing Rollback of unsafe firmware images.

Data Structures

struct sl_wfx_prevent_rollback_req_body_t
Prevent Rollback request.
struct sl_wfx_prevent_rollback_cnf_body_t
Confirmation of the Prevent Rollback request.

Detailed Description

APIs for preventing Rollback of unsafe firmware images.

By enabling this feature Device can prevent unsafe/outdated firmware from booting.

Each firmware owns its internal rollback revision number which is compared to an equivalent revision number burned in Device OTP memory. Depending on the comparison result, two use cases can occur:

  • Firmware revision number is higher or equal to the OTP number -> the firmware is allowed to proceed
  • Firmware revision number is lower than the OTP value -> the firmware is not allowed to proceed. An Error indication will be returned to the driver indicating the cause of the error (SL_WFX_ERROR_FIRMWARE_ROLLBACK).
Note
The firmware rollback revision number is different that the firmware version . The former is incremented only when some important fixes (i.e., Security patches) are provided by a given version of the firmware,that MUST be applied to Device and should not be reverted. Usually, subsequent firmware versions are supposed to embed the same rollback revision number.

The rollback capability relies on the use of a dedicated API sl_wfx_prevent_rollback_req_body_t .

All Device drivers supporting Rollback Prevention should send this request just after booting a new firmware. This way, any newer rollback revision number included in a firmware will be burned in the OTP.


Data Structure Documentation

sl_wfx_prevent_rollback_req_body_t

struct sl_wfx_prevent_rollback_req_body_t

Prevent Rollback request.

Prevent Rollback asks WLAN firmware to burn a new Firmware Rollback value in a dedicated OTP section.

The new value is encoded in the firmware itself. After it is burned, this value will prevent from starting all firmwares whose internal rollback value is lower than the OTP value.

Magic Word is used to prevent mistakenly sent requests from burning the OTP.

Definition at line 746 of file sl_wfx_general_api.h .

Data Fields
uint32_t magic_word Magic Word - should be 0x5C8912F3.

sl_wfx_prevent_rollback_cnf_body_t

struct sl_wfx_prevent_rollback_cnf_body_t

Confirmation of the Prevent Rollback request.

The request might have failed for the following reasons:

  • Wrong magic word value

Definition at line 762 of file sl_wfx_general_api.h .

Data Fields
uint32_t status Confirmation status, see enum sl_wfx_status_t.