lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1430143192-20667-1-git-send-email-jbe@pengutronix.de>
Date:	Mon, 27 Apr 2015 15:59:46 +0200
From:	Juergen Borleis <jbe@...gutronix.de>
To:	linux-kernel@...r.kernel.org
Cc:	rtc-linux@...glegroups.com, kernel@...gutronix.de,
	Alessandro Zummo <a.zummo@...ertech.it>,
	linux-arm-kernel@...ts.infradead.org
Subject: [PATCHv2] RTC/i.MX/DryICE: add recovery routines to the driver

The built-in RTC unit on some i.MX SoCs isn't an RTC only. It is also a tamper
monitor unit which can keep some (secret) keys. When it does its tamper
detection job and a security violation is detected, the whole DryICE unit
including the real-time counter locks completely. In this state the whole unit
is completely useless. The only way to bring it out of this locked state is a
power cylce with a POR (most of the case) or additionally a battery power
cycle which includes the loss of the secret keys.
At the next boot time some flags signals the security violation and a specific
register access sequence must be done to finaly bring this unit into life
again. Until this is done, there is no way to use it again as an RTC.

But also without any enabled tamper detection sometimes this unit tends to
lock. And in this case the same steps must be done to bring it into life
again.

The current implementation of the DryIce driver isn't able to unlock the
device successfully in the case it is locked somehow. Only a full power cycle
including *battery power* can help in this case.

The attached change set adds the required routines to be able to unlock the
DryIce unit in the case the driver detects a locked unit. This includes
unlocking it if it is locked by accident or malfunction and not by a real
security violation.

The last patch of this series is for reference only and should not be part
of the kernel. It just adds some code to force a locked DryIce unit to check
if the new routines are able to unlock it again. This code was required
because I had no hardware which really uses the tamper detection features of
this unit.

This is the 2nd version of the patch series. Hopefully I addressed all comments
from Alexandre.

In this version I added a new patch which replaces all __raw* register functions
as recommended by Alexandre.

Comments are welcome.

jbe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ