Message-ID: <20200528112231.GA22054@duo.ucw.cz>
Date:   Thu, 28 May 2020 13:22:31 +0200
From:   Pavel Machek <pavel@...x.de>
To:     "Alessandrelli, Daniele" <daniele.alessandrelli@...el.com>
Cc:     "arnd@...db.de" <arnd@...db.de>,
        "robh@...nel.org" <robh@...nel.org>,
        "Murphy, Paul J" <paul.j.murphy@...el.com>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        "Shevchenko, Andriy" <andriy.shevchenko@...el.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "daniele.alessandrelli@...ux.intel.com" 
        <daniele.alessandrelli@...ux.intel.com>
Subject: Re: [PATCH 1/1] soc: keembay: Add Keem Bay IMR driver

Hi!

> > Agreed, this sounds like an incompatible extension of the boot protocol
> > that we should otherwise not merge.
> > 
> > However, there is also a lot of missing information here, and it is always
> > possible they are trying to do something for a good reason. As long as the
> > problem that the bootloader is trying to solve is explained well enough
> > in the changelog, we can discuss it to see how it should be done properly.
> 
> 
> Apologies, I should have provided more information. Here it is :)
> 
> Basically, at boot time U-Boot code and core memory (.text, .data,
> .bss, etc.) is protected by this Isolated Memory Region (IMR) which
> prevents any device or processing units other than the ARM CPU from
> accessing/modifying the memory.
> 
> This is done for security reasons, to reduce the risks that a potential
> attacker can use "hijacked" HW devices to interfere with the boot
> process (and break the secure boot flow in place).

Dunno. You disable that after boot anyway. Whether it is disabled just
before starting kernel or just after it makes very little difference.

Plus, I'm not sure if this has much security value at all. If I can
corrupt data u-boot works _with_ (such as kernel, dtb), I'll take over
the system anyway.

IOW I believe the best/simplest way is to simply disable this in
u-boot before jumping to kernel entrypoint.

Best regards,
									Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
