From 4770f18137566b25518f077c8e0a5c3ea4021ecc Mon Sep 17 00:00:00 2001
From: Daniel Jobson <jobson@tillitis.se>
Date: Wed, 18 Sep 2024 11:19:31 +0200
Subject: [PATCH] preload_add: only allow mgmt app to store or delete

---
 hw/application_fpga/fw/tk1/preload_app.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/hw/application_fpga/fw/tk1/preload_app.c b/hw/application_fpga/fw/tk1/preload_app.c
index adb40a3..db5ca20 100644
--- a/hw/application_fpga/fw/tk1/preload_app.c
+++ b/hw/application_fpga/fw/tk1/preload_app.c
@@ -5,6 +5,7 @@
 #include "../tk1_mem.h"
 #include "flash.h"
 #include "lib.h"
+#include "mgmt_app.h"
 #include "partition_table.h"
 
 #include <stdbool.h>
@@ -50,6 +51,11 @@ int preload_store(partition_table_t *part_table)
 	// where to store.
 	//  Most likely needs to aggregate some data, before it writes to flash.
 
+	/* Check if we are allowed to deleted */
+	if (!mgmt_app_authenticate(&part_table->mgmt_app_data)) {
+		return -1;
+	}
+
 	/*Check for a valid app in flash, bale out if it already exists */
 	if (preload_check_valid_app(part_table)) {
 		return -1;
@@ -60,6 +66,11 @@ int preload_store(partition_table_t *part_table)
 
 int preload_delete(partition_table_t *part_table)
 {
+	/* Check if we are allowed to deleted */
+	if (!mgmt_app_authenticate(&part_table->mgmt_app_data)) {
+		return -1;
+	}
+
 	/*Check for a valid app in flash	*/
 	if (!preload_check_valid_app(part_table)) {
 		return 0;