secure and flexible boot with u boot bootloader
play

Secure and flexible boot with U-Boot bootloader Marek Va sut < - PowerPoint PPT Presentation

Nov 26, 2022 •32 likes •382 views

Secure and flexible boot with U-Boot bootloader Marek Va sut < marex@denx.de > October 15, 2014 Marek Va sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader Marek Vasut Software engineer at DENX S.E. since

  1. Secure and flexible boot with U-Boot bootloader Marek Vaˇ sut < marex@denx.de > October 15, 2014 Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  2. Marek Vasut ◮ Software engineer at DENX S.E. since 2011 ◮ Embedded and Real-Time Systems Services, Linux kernel and driver development, U-Boot development, consulting, training. ◮ Custodian at U-Boot bootloader ◮ Versatile Linux kernel hacker Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  3. Objective Tips to build a system, which. . . ◮ . . . is resistant against storage data corruption ◮ . . . is resistant against offline tampering ◮ . . . is resistant against data extraction Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  4. The boot process That’s easy ... not: ◮ Power on or Reset ◮ CPU starts executing from predefined address ◮ Bootloader is started ◮ Kernel is started ◮ Root filesystem is used Lots of things happen inbetween, that’s where the problems are. Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  5. Power on or Reset Hardware magic happens before CPU starts executing code: ◮ All relevant components are put into reset ◮ Reset brings components into defined state ◮ CPU start executing code after released from reset . . . but . . . ◮ There are multiple types of reset ◮ Well defined post-reset state allows for proper analysis ◮ Not well defined post-reset state is source of problems Make sure your hardware is reliable in the first place! Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  6. Tip: Reset routing ◮ Recurring problem! ◮ Reset is not connected properly to all components ◮ Often seen with MTD devices (SPI NOR) or SD/MMC cards ◮ Example: CPU boots from SPI NOR ◮ Software does a PP operation and feeds SPI NOR with data → Reset happens ⇒ Board does not boot – WHY? ⇒ Data corruption might happen – WHY? ◮ Naive solution: Send RESET opcode in software (FAILS!) ◮ Solution: CPU has reset output ◮ Connect it to the boot media reset input Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  7. Tip: Other boot media ◮ SD/eSD/MMC/eMMC: ◮ Verify EOL behavior → Must indicate bad blocks, not emit bad data ◮ Baked firmware problems ◮ NAND: ◮ First EB often guaranteed to be OK by vendor ◮ This might not extend to reprogramming of the first EB. ◮ Read the datasheet carefully ! ◮ First page is 1/2/4 KiB big ⇒ U-Boot SPL ◮ MLC NAND has even worse problems than SLC NAND Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  8. CPU executes code ◮ First code running on the CPU ◮ Might be executing from within the CPU (BootROM) ◮ Might be executing from external memory (NOR, FPGA, . . . ) BootROM: ◮ Facilitates loading from non-trivial media (SPI NOR, SD/MMC, RAW NAND, USB, Network, . . . ) ◮ Might provide facilities for verified and encrypted boot ◮ Often closed source ◮ Usually cannot be updated with fixes (ROM) Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  9. U-Boot SPL U-Boot SPL: ◮ First user-supplied code running ◮ Smaller size than U-Boot ◮ Function varies on per-device basis ◮ Does basic hardware initialization ◮ Loads payload from media, verifies it and executes it → Payload can be either U-Boot, Linux, . . . RAW NAND specifics: ◮ UBI doesn’t fit into first 4KiB of NAND ◮ U-Boot SPL does ECC, but doesn’t update NAND ◮ Multiple copies of U-Boot in NAND and update them ◮ Better: Store U-Boot in NOR, kernel and FS in NAND Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  10. U-Boot ◮ The size limits of SPL are almost non-existent ◮ Full support for filesystems (ext234, reiserfs, vfat. . . ) ◮ UBI and UBIFS support for NAND ◮ Supports verification and encryption ◮ fitImage support Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  11. Partial summary (1/3) ◮ Make sure your HW starts from a defined state ◮ Always verify the next payload ◮ Boot from reliable boot media (not RAW NAND) ◮ Never place anything important into RAW NAND Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  12. Common kernel image types ◮ zImage ◮ Prone to silent data corruption, which can go unnoticed ◮ Contains only kernel image ◮ In widespread use ◮ uImage (legacy) ◮ Weak CRC32 checksum ◮ Contains only kernel image ◮ In widespread use ◮ fitImage ◮ Configurable checksum algorithm ◮ Can be signed ◮ Contains arbitrary payloads (kernel, DTB, firmware. . . ) ◮ There is more ! ◮ Not used much :-( Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  13. The fitImage in detail ◮ Successor to uImage ◮ Descriptor of image contents based on DTS ◮ Can contain multiple files (kernels, DTBs, firmwares. . . ) ◮ Can contain multiple configurations (combo logic) ◮ New image features can be added as needed ◮ Supports stronger csums (SHA1, SHA256. . . ) ⇒ Protection against silent corruption ◮ U-Boot can verify fitImage signature against public key ⇒ Protection against tampering ◮ Linux build system can not generate fitImage :-( ◮ Yocto can not generate fitImage yet :-) Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  14. uImage vs. fitImage: Creation /dts-v1/; / { description = "Linux kernel"; #address-cells = <1>; images { kernel@1 { description = "Linux kernel"; data = /incbin/("./arch/arm/boot/zImage"); arch = "arm"; os = "linux"; type = "kernel"; compression = "none"; load = <0x8000>; entry = <0x8000>; hash@1 { algo = "sha1"; }; }; }; configurations { default = "conf@1"; conf@1 { description = "Boot Linux kernel"; kernel = "kernel@1"; hash@1 { algo = "sha256"; }; }; }; }; $ mkimage -f fit-image.its fitImage $ mkimage -A arm -O linux -T kernel -C none -a 0x8000 -e 0x8000 -n "Linux kernel" -d arch/arm/boot/zImage uImage Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  15. uImage vs. fitImage: Boot uImage => load mmc 0:1 ${loadaddr} uImage uImage => bootm ${loadaddr} fitImage => load mmc 0:1 ${loadaddr} fitImage fitImage => bootm ${loadaddr} ◮ uImage is easier to construct ◮ uImage does not need fit-image.its file ◮ uImage boot command is the same as fitImage one uImage wins thus far. . . Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  16. uImage vs. fitImage: Device Tree Blob ... / { images { ... + fdt@1 { + description = "Flattened Device Tree blob"; + data = /incbin/("./arch/arm/boot/dts/imx28-m28evk.dtb"); + type = "flat_dt"; + arch = "arm"; + compression = "none"; + hash@1 { + algo = "sha256"; + }; + }; ... }; configurations { conf@1 { ... + fdt = "fdt@1"; ... }; }; }; Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  17. uImage vs. fitImage: Boot with DT uImage => load mmc 0:1 ${loadaddr} uImage uImage => load mmc 0:1 ${fdtaddr} imx28-m28evk.dtb uImage => bootm ${loadaddr} - ${fdtaddr} fitImage => load mmc 0:1 ${loadaddr} fitImage fitImage => bootm ${loadaddr} ◮ fitImage allows an update of all boot components at the same time ◮ fitImage protects the DTB with a strong checksum (hash node) ◮ fitImage does not require change of the boot command here Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  18. fitImage: Multiple configurations ... / { images { kernel@1 {}; fdt@1 {}; fdt@2 {}; ... }; configurations { conf@1 { kernel = "kernel@1"; fdt = "fdt@1"; ... }; conf@2 { kernel = "kernel@1"; fdt = "fdt@2"; ... }; }; }; => bootm ${loadaddr}#conf@2 => bootm ${loadaddr}:kernel@2 ◮ fitImage can carry multiple predefined configurations ◮ fitImage allows for execution of config using the # (HASH) ◮ fitImage allows for direct execution of image using the : (COLON) Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

  19. fitImage: Firmware blobs ... / { images { ... + firmware@1 { + description = "My FPGA firmware"; + data = /incbin/("./firmware.rbf"); + type = "firmware"; + arch = "arm"; + compression = "none"; + hash@1 { + algo = "sha256"; + }; + }; ... }; }; => imxtract ${loadaddr} firmware@1 ${fwaddr} => fpga load 0 ${fwaddr} ◮ fitImage can contain multiple arbitrary firmware blobs ◮ fitImage protects them with strong checksums Marek Vaˇ sut < marex@denx.de > Secure and flexible boot with U-Boot bootloader

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure

Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure

Top 10 Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure Boot Theory Internal boot ROM 1 st stage boot loader N th stage Verify signature Optional decrypt boot loader OS / Application 2

517 views • 25 slides
Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15 Presentation licensed CC-By-SA-4.0 Why Secure Boot? How can we prevent running malware at boot? With Secure Boot! What if the machine is a VM in

303 views • 15 slides
Extending the Secure Boot Certificate and Signature Chain of Trust to the OS Fionnuala Gunter,

Extending the Secure Boot Certificate and Signature Chain of Trust to the OS Fionnuala Gunter,

Extending the Secure Boot Certificate and Signature Chain of Trust to the OS Fionnuala Gunter, fin.gunter@hypori.com Mimi Zohar, zohar@linux.vnet.ibm.com Secure Boot Chains of Trust Secure Boot places the root of PK trust in hardware

847 views • 16 slides
Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe

Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe

Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe 2016, 12.10.2016 Marc Kleine-Budde &lt;mkl@pengutronix.de&gt; Slide 1 - http://www.pengutronix.de - 13.10.2016 Why Verified Boot? Attractive hacking

774 views • 20 slides
HOST Secure Boot I ECE 525 Secure Boot Introduction Embedded system security can be partitioned

HOST Secure Boot I ECE 525 Secure Boot Introduction Embedded system security can be partitioned

HOST Secure Boot I ECE 525 Secure Boot Introduction Embedded system security can be partitioned into two categories: Security issues associated with the design Security issues associated with the system and application data once the

1.13k views • 25 slides
RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT.

RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT.

RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT. BOOT https://github.com/boot-clj/boot BOOT TEMPLATES boot -d seancorfield/boot-new new -t tenzing -n &lt;name&gt; [+a &lt;option&gt;]* $ cd

566 views • 22 slides
Setup For Failure: Defea0ng UEFI Secure Boot Corey

Setup For Failure: Defea0ng UEFI Secure Boot Corey

Setup For Failure: Defea0ng UEFI Secure Boot Corey Kallenberg @coreykal Sam Cornwell @ssc0rnwell Xeno Kovah @xenokovah John BuGerworth

1.22k views • 84 slides
I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device

I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device

I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device 3. The bootkit 4. Defending / Detecting 2 / 44 Introduction Vincent Works at KPN REDteam Likes Linux and low-level stu Located in Amsterdam

792 views • 44 slides
Trending Boot Technology The Most Determinate Piece of Equipment in Skiing is the Boot. Boots are

Trending Boot Technology The Most Determinate Piece of Equipment in Skiing is the Boot. Boots are

Trending Boot Technology The Most Determinate Piece of Equipment in Skiing is the Boot. Boots are the transmitters of body movement to the ski. Proper support, comfort, and performance application make the difference between a good day on the snow

431 views • 29 slides
Securing secure boot with System Management Mode Paolo Bonzini Red Hat, Inc. KVM Forum 2015

Securing secure boot with System Management Mode Paolo Bonzini Red Hat, Inc. KVM Forum 2015

Securing secure boot with System Management Mode Paolo Bonzini Red Hat, Inc. KVM Forum 2015 Outline UEFI overview Secure boot and SMM Chipset support: QEMU Hypervisor support: KVM Paolo Bonzini KVM Forum 2015 What is UEFI?

591 views • 29 slides
Dec 08 Backup Boot Flash Tools (BBF): Introduction Introduction The Backup Boot Flash (BBF) is

Dec 08 Backup Boot Flash Tools (BBF): Introduction Introduction The Backup Boot Flash (BBF) is

Dec 08 Backup Boot Flash Tools (BBF): Introduction Introduction The Backup Boot Flash (BBF) is an innovative SPI tool created by DediProg to force the application controller to work (read, program, update..) on the backup memory inserted in the

1.06k views • 17 slides
Master Boot Record (MBR) A Forensic Perspective Villanova University Department of

Master Boot Record (MBR) A Forensic Perspective Villanova University Department of

Master Boot Record (MBR) A Forensic Perspective Villanova University Department of Computing Sciences D. Justin Price Spring 2014 Master Boot Record Occupies the first 512-byte sector Boot Code Assembly Language

65 views • 6 slides
Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda What is Verified Boot? Description of Verified Boot Components Q&amp;A What Is Verified Boot? Verified Boot establishes a chain of

432 views • 19 slides
Flicker Free Boot Seamless boot for UEFI systems Presented by Hans de Goede Red Hat Desktop

Flicker Free Boot Seamless boot for UEFI systems Presented by Hans de Goede Red Hat Desktop

Flicker Free Boot Seamless boot for UEFI systems Presented by Hans de Goede Red Hat Desktop Hardware Enablement Team This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License Topics What / why? Pre-kernel:

434 views • 16 slides
Discover UEFI with U-Boot 2020-02-01, Heinrich Schuchardt CC-BY-SA-4.0 About Me

Discover UEFI with U-Boot 2020-02-01, Heinrich Schuchardt CC-BY-SA-4.0 About Me

Discover UEFI with U-Boot 2020-02-01, Heinrich Schuchardt CC-BY-SA-4.0 About Me Software-Consultant ERP, Supply Chain Contributor to U-Boot since 2017 Maintainer of the UEFI sub-system since 02/2019 I Want a Network Drive Many

598 views • 28 slides
Defeating Secure Boot with EMFI Ang Cui, PhD &amp; Rick Housley {a|r}@redballoonsecurity.com

Defeating Secure Boot with EMFI Ang Cui, PhD &amp; Rick Housley {a|r}@redballoonsecurity.com

Defeating Secure Boot with EMFI Ang Cui, PhD &amp; Rick Housley {a|r}@redballoonsecurity.com PROJECT 1. Open-source project to democratize EMFI research 2. 2 years of work so far PROJECT Disclaimer: BadFET-style EMFI research is

1.55k views • 126 slides
Chapter 6 Constraint Satisfaction Problems CS5811 - Artificial Intelligence Nilufer Onder

Chapter 6 Constraint Satisfaction Problems CS5811 - Artificial Intelligence Nilufer Onder

Chapter 6 Constraint Satisfaction Problems CS5811 - Artificial Intelligence Nilufer Onder Department of Computer Science Michigan Technological University Outline CSP problem definition Backtracking search for CSPs Problem structure and

1.01k views • 46 slides
Dracut A Generic Initramfs Infrastructure Harald Hoyer Red Hat Dracut Tools used on the

Dracut A Generic Initramfs Infrastructure Harald Hoyer Red Hat Dracut Tools used on the

Dracut A Generic Initramfs Infrastructure Harald Hoyer Red Hat Dracut Tools used on the system Event based with udev Generic across distributions Generic across hardware Nothing hardcoded Targets Boot any system

559 views • 22 slides
ttst rtss

ttst rtss

ttst rtss str rts t rr srs Prr

978 views • 53 slides
Overview of lecture series Background Introduction to Szumo Case study Semantic and

Overview of lecture series Background Introduction to Szumo Case study Semantic and

Overview of lecture series Background Introduction to Szumo Case study Semantic and implementation details Related concurrency models Ongoing and future work Laser 2005 - Summer School on 1 Software Engineering Goal

822 views • 56 slides
Lattice-based cryptanalysis Thijs Laarhoven mail@thijs.com http://www.thijs.com/ EiPSI seminar

Lattice-based cryptanalysis Thijs Laarhoven mail@thijs.com http://www.thijs.com/ EiPSI seminar

Lattice-based cryptanalysis Thijs Laarhoven mail@thijs.com http://www.thijs.com/ EiPSI seminar (February 11th, 2019) Lattices What is a lattice? O Lattices What is a lattice? b 2 b 1 O Lattices What is a lattice? b 2 b 1 O Lattices

1.59k views • 120 slides
Presented by Jason A. Donenfeld September 26, 2018 Who Who Am I? Am I? Jason Donenfeld,

Presented by Jason A. Donenfeld September 26, 2018 Who Who Am I? Am I? Jason Donenfeld,

Presented by Jason A. Donenfeld September 26, 2018 Who Who Am I? Am I? Jason Donenfeld, also known as zx2c4 . Background in exploitation, kernel vulnerabilities, crypto vulnerabilities, and been doing kernel-related development for a

785 views • 34 slides
Tools in Cryptanalysis of Hash Functions Application to SHA-256 Florian Mendel Institute for

Tools in Cryptanalysis of Hash Functions Application to SHA-256 Florian Mendel Institute for

Tools in Cryptanalysis of Hash Functions Application to SHA-256 Florian Mendel Institute for Applied Information Processing and Communications (IAIK) Graz University of Technology Inffeldgasse 16a, A-8010 Graz, Austria Outline Motivation 1

602 views • 42 slides
Outline Crypto basics Announcements intermission CSci 5271 Introduction to Computer Security

Outline Crypto basics Announcements intermission CSci 5271 Introduction to Computer Security

Outline Crypto basics Announcements intermission CSci 5271 Introduction to Computer Security Stream ciphers Day 15: Cryptography part 1: symmetric key Block ciphers and modes of operation Stephen McCamant Hash functions and MACs University

441 views • 9 slides

More recommend