Configuring Ratcheting for OEM Owned Software Components
When performing a partial update, to ensure ratcheting of the software, update mb1-bct as well as the software.
Ratcheting helps detect and prevent rollback to earlier software versions. There is no self-enforced ratchet check available in OEM software components. Only the loader-enforced ratchet check is performed by the corresponding loader of the OEM firmware binaries.
The loader checks the firmware version in MB1_BCT with the firmware version in the BCH of the component. If the component version in BCH is less than one in MB1_BCT, the loader performs the recovery action.
For more details on matching criteria and recovery actions, see the Ratchet Check for OEM Owned Software Components section under Ratcheting in the Bootloader section.
Updating the Configuration File
Only modify the version number(s) in the configuration file. Do not modify any other data in the file other than the version number.
The OEM owned firmware version values, both in MB1_BCT and in BCH of the component, are generated from the configuration file included in the package:
This file is located in the folder:
This file is referred to in via the f_MB1MinRatchet variable. If you plan to use a different config file you can override the f_MB1MinRatchet value string with the absolute path of your ratchet config file for your platform.
During, flashing, and offline binaries creation, all the values listed in this ratchet configuration file are copied to MB1_BCT and to the BCH of corresponding firmware components. As described in the Bootloader section, the version value in the configuration file must always be updated with latest version number to enable bootloaders to detect and prevent rollback to earlier versions.
The format for each OEM firmware component in the configuration file is:
ratchet.offset_number.bootloader_name.component_name = version_number
When the OEM wants to ensure ratchet of a software, the ratchet configuration must be updated with the latest version information. Update the version number in the ratchet configuration file for the following:
Modified component(s)
For MB1_BCT, the mb1bct version number in hardware fuses is updated by quickboot when both bootchain’s MB1_BCTs are updated with the ratchet configuration value. For more details on hardware fusing for OEM owned firmware components, see the Bootloader section.