From ccbb381a9034ac4c5c9307899424b45125d306e3 Mon Sep 17 00:00:00 2001
From: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
Date: Thu, 1 Aug 2024 19:13:41 +0200
Subject: [PATCH] bootloader: Fix up lacking fprotect guards

Instead of just failing on compilation this commit changes fprotect
requirements so that it prints out a warning and error in log.

Signed-off-by: Mateusz Michalek <mateusz.michalek@nordicsemi.no>
---
 samples/bootloader/src/main.c       | 17 ++++++++++++++---
 subsys/bootloader/bl_boot/bl_boot.c |  9 ++++++++-
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/samples/bootloader/src/main.c b/samples/bootloader/src/main.c
index 16a3b387532b..4fcffcc8d649 100644
--- a/samples/bootloader/src/main.c
+++ b/samples/bootloader/src/main.c
@@ -9,7 +9,11 @@
 #include <zephyr/sys/printk.h>
 #include <pm_config.h>
 #include <fw_info.h>
+#ifdef CONFIG_FPROTECT
 #include <fprotect.h>
+#else
+#warning "FPROTECT not enabled, the bootloader will be unprotected."
+#endif
 #include <bl_storage.h>
 #include <bl_boot.h>
 #include <bl_validation.h>
@@ -60,7 +64,7 @@ SYS_INIT(load_huk, PRE_KERNEL_2, 0);
 #endif
 
 
-static void validate_and_boot(const struct fw_info *fw_info, uint16_t slot)
+static void validate_and_boot(const struct fw_info *fw_info, counter_t slot)
 {
 	printk("Attempting to boot slot %d.\r\n", slot);
 
@@ -81,7 +85,8 @@ static void validate_and_boot(const struct fw_info *fw_info, uint16_t slot)
 
 	printk("Firmware version %d\r\n", fw_info->version);
 
-	uint16_t stored_version;
+	counter_t stored_version;
+
 	int err = get_monotonic_version(&stored_version);
 
 	if (err) {
@@ -123,7 +128,13 @@ static void validate_and_boot(const struct fw_info *fw_info, uint16_t slot)
 
 int main(void)
 {
-	int err = fprotect_area(PM_B0_ADDRESS, PM_B0_SIZE);
+	int err = 0;
+
+	if (IS_ENABLED(CONFIG_FPROTECT)) {
+		err = fprotect_area(PM_B0_ADDRESS, PM_B0_SIZE);
+	} else {
+		printk("Fprotect disabled. No protection applied.\n\r");
+	}
 
 	if (err) {
 		printk("Failed to protect B0 flash, cancel startup.\n\r");
diff --git a/subsys/bootloader/bl_boot/bl_boot.c b/subsys/bootloader/bl_boot/bl_boot.c
index 45575dc5a49d..3e6f20fc4fa4 100644
--- a/subsys/bootloader/bl_boot/bl_boot.c
+++ b/subsys/bootloader/bl_boot/bl_boot.c
@@ -6,6 +6,7 @@
 
 #include <soc.h>
 #include <zephyr/sys/printk.h>
+#include <zephyr/kernel.h>
 #include <pm_config.h>
 #include <fw_info.h>
 #include <fprotect.h>
@@ -77,7 +78,13 @@ void bl_boot(const struct fw_info *fw_info)
 	 * bootloader storage data is locked together with the network core
 	 * application.
 	 */
-	int err = fprotect_area(PM_PROVISION_ADDRESS, PM_PROVISION_SIZE);
+	int err = 0;
+
+	if (IS_ENABLED(CONFIG_FPROTECT)) {
+		err = fprotect_area(PM_PROVISION_ADDRESS, PM_PROVISION_SIZE);
+	} else {
+		printk("Fprotect disabled. No protection applied.\n\r");
+	}
 
 	if (err) {
 		printk("Failed to protect bootloader storage.\n\r");