lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <63c7f925-869e-1053-2f80-0fbb680dcc2f@siemens.com>
Date:   Wed, 15 Feb 2017 19:47:11 +0100
From:   Jan Kiszka <jan.kiszka@...mens.com>
To:     Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc:     Matt Fleming <matt@...eblueprint.co.uk>,
        "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Andy Shevchenko <andy.shevchenko@...il.com>
Subject: Re: [PATCH 0/2] efi: Enhance capsule loader to support signed Quark
 images

On 2017-02-15 19:17, Ard Biesheuvel wrote:
> On 15 February 2017 at 18:14, Jan Kiszka <jan.kiszka@...mens.com> wrote:
>> See patch 2 for the background.
>>
>> Series has been tested on the Galileo Gen2, to exclude regressions, with
>> a firmware.cap without security header and the SIMATIC IOT2040 which
>> requires the header because of its mandatory secure boot.
>>
> 
> Hello Jan,
> 
> What is a Quark? Is it in the UEFI spec?

http://ark.intel.com/products/79084/Intel-Quark-SoC-X1000-16K-Cache-400-MHz

I didn't find any obvious reference to this format in the UEFI spec.
This might be specific to the Quark UEFI EDK2 that Intel ships (it's not
in upstream edk2) and that was used as foundation for the IOT2000
series. The capsule driver that Intel includes in their Galileo BSP does
something similar (I don't have a browsable reference to that at hand,
sorry, must be in this nice package
https://downloadcenter.intel.com/download/24702/Intel-Galileo-Board-GPL-Compliance-files-1-0-4?product=83137).

Jan

> 
>> Jan Kiszka (2):
>>   efi/capsule: Prepare for loading images with security header
>>   efi/capsule: Add support for Quark security header
>>
>>  drivers/firmware/efi/capsule-loader.c | 73 ++++++++++++++++++++++++++++++-----
>>  drivers/firmware/efi/capsule.c        | 19 +++++++--
>>  include/linux/efi.h                   |  2 +-
>>  3 files changed, 79 insertions(+), 15 deletions(-)
>>
>> --
>> 2.1.4
>>


-- 
Siemens AG, Corporate Technology, CT RDA ITP SES-DE
Corporate Competence Center Embedded Linux

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ