1 comment:
File src/soc/mediatek/mt8192/spm.c:
if (read32(&mtk_spm->md32pcm_dma0_src) != ptr ||
read32(&mtk_spm->md32pcm_dma0_dst) != pmem_start ||
read32(&mtk_spm->md32pcm_dma0_wppt) != pmem_words ||
read32(&mtk_spm->md32pcm_dma0_wpto) != dmem_start ||
read32(&mtk_spm->md32pcm_dma0_count) != total_words ||
read32(&mtk_spm->md32pcm_dma0_con) != MD32PCM_DMA0_CON_VAL) {
1. Slave mode won't be used in Chromebook. I save it for completing the mode selection. […]
If compared to "checking consistency", I'd rather always kick IM to refetch our trusted data.
Otherwise, I can imaging an exploit like
-> boot into developer mode
-> load a new malicious SPM firmware
-> reboot to normal (secure mode)
-> firmware sees SPM regs already in good shape and didn't reload
-> running malicious SPM in normal mode
To view, visit change 46389. To unsubscribe, or for help writing mail filters, visit settings.