[PATCH 00/13] am625: support secure loading of full barebox
Sascha Hauer
s.hauer at pengutronix.de
Tue Mar 11 01:12:51 PDT 2025
On Mon, Mar 10, 2025 at 06:40:58PM +0100, Marco Felsch wrote:
> Hi Sascha,
>
> On 25-02-28, Sascha Hauer wrote:
> > On K3 SoCs only a small barebox is loaded by the ROM into SRAM. This
> > barebox then loads the full barebox from SD/eMMC or USB DFU. In a secure
> > boot environment the full barebox must be authenticated. This series
> > implements two ways for accomplishing this.
> >
> > The first way is to utilize the ROM API to authenticate images. The other
> > way is to compile a secure hash into the first stage binary and check
> > if the full barebox image matches the hash. Using the ROM API means
> > different first stage and second stage images can be combined, whereas
> > hashing binds specific builds together, avoiding mix-and-match attacks.
>
> Before having a closer look at your patchset, do we really want to have
> the 2nd case to be available?

Yes, as explained, to avoid mix-and-match attacks.

> If we really want the 2nd case to be
> available we should bind it to CONFIG_INSECURE (if not already done).

Ok, will do.

Sascha

--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
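
The difference between the two approaches discussed in this thread, as an added example that is not part of the original message or of the barebox series: a signature-style check accepts any vendor-authenticated full image, while a digest compiled into the first stage accepts only the build it was paired with. Assumptions: HMAC-SHA256 stands in for the ROM API's signature verification so the code needs only the standard library, and the key, image bytes and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed stand-ins for two full-barebox builds; not real images.
FULL_A = b"full barebox build A (older, constructed sample)"
FULL_B = b"full barebox build B (current, constructed sample)"

# Hypothetical vendor key. HMAC stands in for the ROM API's signature check.
VENDOR_KEY = b"constructed-demo-key"


def sign(image: bytes) -> bytes:
    """Vendor side: produce the authentication tag shipped with an image."""
    return hmac.new(VENDOR_KEY, image, hashlib.sha256).digest()


def rom_api_style_check(image: bytes, tag: bytes) -> bool:
    """First stage asks only: is this image authenticated by the vendor?"""
    return hmac.compare_digest(sign(image), tag)


def build_first_stage(full_image: bytes) -> bytes:
    """Build time: the digest of one specific full image is compiled in."""
    return hashlib.sha256(full_image).digest()


def pinned_hash_check(embedded_digest: bytes, image: bytes) -> bool:
    """First stage asks: is this exactly the image I was built with?"""
    return hmac.compare_digest(embedded_digest, hashlib.sha256(image).digest())


def accepted_images(embedded_digest: bytes) -> dict:
    """Map each candidate to (signature-style result, pinned-hash result)."""
    candidates = {"A": FULL_A, "B": FULL_B, "tampered": FULL_B + b"\x00"}
    tags = {"A": sign(FULL_A), "B": sign(FULL_B), "tampered": sign(FULL_B)}
    return {
        name: (rom_api_style_check(img, tags[name]),
               pinned_hash_check(embedded_digest, img))
        for name, img in candidates.items()
    }


if __name__ == "__main__":
    # First stage built together with build B.
    results = accepted_images(build_first_stage(FULL_B))
    for name, (sig_ok, hash_ok) in results.items():
        print(f"{name:9s} signature-style={sig_ok!s:5s} pinned-hash={hash_ok}")
```

Build A passes the signature-style check even though the first stage was built with build B, which is the mix-and-match combination the pinned hash rejects.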