[nrf noup] boot: zephyr: BM key revocation

nrf-squash! [nrf noup] boot: zephyr: Add bm firmware loader code

adds KMU key reocation to BM firmware loader.

Signed-off-by: Mateusz Michalek <[email protected]>

Author: michalek-no

boot/zephyr/firmware_loader_bm.c

@@ -15,6 +15,7 @@
 #include "bootutil/bootutil_public.h"
 #include "bootutil/fault_injection_hardening.h"
 #include <bm_installs.h>
+#include "bootutil/key_revocation.h"
 
 #include "io/io.h"
 #include "mcuboot_config/mcuboot_config.h"
@@ -249,6 +250,15 @@ boot_go(struct boot_rsp *rsp)
     }
 #endif
 
+#if defined(CONFIG_BOOT_KEYS_REVOCATION)
+    if (softdevice_image_valid == true && firmware_loader_image_valid == true) {
+        allow_revoke();
+        if (revoke() != BOOT_KEY_REVOKE_OK) {
+            return -1;
+        }
+    }
+#endif /*CONFIG_BOOT_KEYS_REVOCATION*/
+
     if (app_installer_image_valid == true && app_installer_is_installer_image == true) {
         /* Installer image is present, this gets priority */
         BOOT_LOG_DBG("Booting installer");