On Mon, Mar 11, 2019 at 01:43:19PM +0000, Tamas Ban via TF-M wrote:
https://developer.trustedfirmware.org/w/tf_m/design/trusted_boot/rollback_pr...
Oh, and a little terminology comment about the Trusted non-volatile (NV) counters. This section should use "increase" and "decrease" not "increment" and "decrement". There is no requirement that the counter only be incremented (having 1 added to the value), only that it be set to a larger value than the current value.
You should probably also add a discussion as to how testing will be done with a HW security counter.
Again, my suggestion is to not add an additional counter, but just use the existing version field (minus the build number) as the security counter value.
David
tf-m@lists.trustedfirmware.org