[coreboot] GSoC 2010

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Sun Mar 7 01:11:32 CET 2010


On 06.03.2010 23:57, Stefan Reinauer wrote:
> On 3/6/10 8:28 PM, Carl-Daniel Hailfinger wrote:
>> On 06.03.2010 19:52, ron minnich wrote:
>>> It would be nice, if a flashrom is in there, to also have some sort of
>>> security too I think.
>>>
>>> Something that is not as easily compromised as the stuff that's out
>>> there now, which relies on security through obscurity.
>>>
>>> Is it even possible?
>> Well, I implemented signature checking for coreboot (so that only signed
>> payloads would be executed).
> When coresystems developed our first version of hard crypto signature
> checking for firmware in 2007/2008 we explicitly decided to not check
> the payload but only let the payload check further stages. The reason
> was that if you're able to compromise the flash chip, you're able to
> reprogram coreboot just as well as the payload. Also, we didn't
> feel comfortable duplicating the amount of crypto code in the flash,
> and there is no serious mechanism around that protects only the
> bootblock, at least not on commonly used systems.

Indeed.

> So I'm interested to hear your reasons to do this in coreboot itself...
> Is your code publicly available somewhere?

Code:
http://www.mail-archive.com/coreboot@coreboot.org/msg17372.html
Thesis by Rene Reuter:
http://sit.sit.fraunhofer.de/smv/publications/downloads/KonzeptTrustedBoot_Reuter.pdf
Reasons:
Basically, I did it for fun, and because Rene was stuck trying to
include OpenSSL in coreboot. I simply coded up a working alternative.
And yes, I agree that checking the payload is pointless if flash
protection is either full-on (not needed) or full-off (attacker can
modify coreboot itself). The only halfway reasonable use case would be
if coreboot is in a write protected part of the flash chip and the
payload is in an unprotected part of the flash chip.

Regards,
Carl-Daniel

-- 
"I do consider assignment statements and pointer variables to be among
computer science's most valuable treasures."
-- Donald E. Knuth




