Bootutil: Log error code when security counter update fails #2578
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Antonio de Angelis <[email protected]> Change-Id: I6d18c6b555effaa7153c8098ebd813a65378689d
nordicjm
requested changes
Dec 9, 2025
| if (rc != 0) { | ||
| BOOT_LOG_ERR("Security counter update failed after image upgrade."); | ||
| BOOT_LOG_ERR( | ||
| "Security counter update failed after image upgrade (rc = 0x%x).", |
Collaborator
There was a problem hiding this comment.
let's use the same format of how we log errors in MCUboot already:
./boot/zephyr/main.c: BOOT_LOG_ERR("flash_area_open failed with %d", rc);
./boot/zephyr/main.c: BOOT_LOG_ERR("flash_area_read failed with %d", rc);
./boot/nuttx/src/flash_map_backend/flash_map_backend.c: BOOT_LOG_ERR("Error retrieving MTD device geometry: %d", errcode);
./boot/nuttx/src/flash_map_backend/flash_map_backend.c: BOOT_LOG_ERR("Error retrieving MTD partition info: %d", errcode);
./boot/nuttx/src/flash_map_backend/flash_map_backend.c: BOOT_LOG_ERR("Error retrieving MTD device erase state: %d", errcode);
./boot/bootutil/src/encrypted_psa.c: BOOT_LOG_ERR("Key derivation failed %d", psa_ret);
./boot/bootutil/src/encrypted_psa.c: BOOT_LOG_ERR("Key derivation failed %d", psa_ret);
./boot/boot_serial/src/boot_serial.c: BOOT_LOG_ERR("Failed to open flash areas: %d", rc);
./boot/boot_serial/src/boot_serial.c: BOOT_LOG_ERR("Failed to read sectors: %d", rc);
and put it all on one line since the line length is 100 chars, fix in whole PR
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently error messages when the security counter updates fail (i.e. when Rollback protection is enabled) just return a textual string and possibly the image ID failing. Amend that such that it will also return the error code
rcfrom the platform functions that are accessing the security counter, as it helps debugging where the issue might lie without providing a special build with logging enabled or attaching to the device which might be impractical.