bootutil: loader: Remove encrypted/compressed images without support

Checks if images have compressed or encrypted image flags and, if so, and those options are not enabled in that MCUboot build, will class the images as invalid and delete them (these images cannot be used without support anyway) Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
mcu-tools · Aug 23, 2024 · 0f141e3 · 0f141e3
1 parent f3db744
commit 0f141e3
Showing 1 changed file with 15 additions and 1 deletion.
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
@@ -860,7 +860,9 @@ split_image_check(struct image_header *app_hdr,
  * Check that this is a valid header.  Valid means that the magic is
  * correct, and that the sizes/offsets are "sane".  Sane means that
  * there is no overflow on the arithmetic, and that the result fits
- * within the flash area we are in.
+ * within the flash area we are in. Also check the flags in the image
+ * and class the image as invalid if flags for encryption/compression
+ * are present but these features are not enabled.
  */
 static bool
 boot_is_header_valid(const struct image_header *hdr, const struct flash_area *fap)
@@ -879,6 +881,18 @@ boot_is_header_valid(const struct image_header *hdr, const struct flash_area *fa
         return false;
     }
 
+#if !defined(MCUBOOT_ENC_IMAGES)
+    if (IS_ENCRYPTED(hdr)) {
+        return false;
+    }
+#endif
+
+#if !defined(MCUBOOT_DECOMPRESS_IMAGES)
+    if (IS_COMPRESSED(hdr)) {
+        return false;
+    }
+#endif
+
     return true;
 }