* [U-Boot] u-boot legacy/FIT/FIT+signature compatability
@ 2016-02-08 15:46 Troy Benjegerdes
2016-02-12 15:53 ` Simon Glass
0 siblings, 1 reply; 2+ messages in thread
From: Troy Benjegerdes @ 2016-02-08 15:46 UTC (permalink / raw)
To: u-boot
so I'm tracing through stuff on an am3517-evm board, and finding that with
a FIT image file that works without signature checking compiled in, when
I turn on sig checking, if it doesn't find a signature I just get a data
abort, *and* the resulting u-boot doesn't recognize old 'legacy' boot
images anymore either.
I get the point that if you have signatures on, you may not want to hand
over keys to decrypt secure filesystems if you try to boot an unsigned
image, but I think the fallbacks and backwards compatability could be
developed a little better, especially since why now that I have CONFIG_FIT
I now can't seem to load a legacy image.
--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer at hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel,
nor try buy a hacker who makes money by the megahash
^ permalink raw reply [flat|nested] 2+ messages in thread
* [U-Boot] u-boot legacy/FIT/FIT+signature compatability
2016-02-08 15:46 [U-Boot] u-boot legacy/FIT/FIT+signature compatability Troy Benjegerdes
@ 2016-02-12 15:53 ` Simon Glass
0 siblings, 0 replies; 2+ messages in thread
From: Simon Glass @ 2016-02-12 15:53 UTC (permalink / raw)
To: u-boot
Hi Troy,
On 8 February 2016 at 08:46, Troy Benjegerdes <hozer@hozed.org> wrote:
> so I'm tracing through stuff on an am3517-evm board, and finding that with
> a FIT image file that works without signature checking compiled in, when
> I turn on sig checking, if it doesn't find a signature I just get a data
> abort, *and* the resulting u-boot doesn't recognize old 'legacy' boot
> images anymore either.
>
>
> I get the point that if you have signatures on, you may not want to hand
> over keys to decrypt secure filesystems if you try to boot an unsigned
> image, but I think the fallbacks and backwards compatability could be
> developed a little better, especially since why now that I have CONFIG_FIT
> I now can't seem to load a legacy image.
This would be a security hole - but you can turn off
CONFIG_DISABLE_IMAGE_LEGACY if you want to do that.
The data abort sounds like something to investigate. If you have the
PC address it might give you a clue as to what is going wrong.
There is a pretty detailed guide in beaglebone_vboot.txt.
>
>
> --
> ----------------------------------------------------------------------------
> Troy Benjegerdes 'da hozer' hozer at hozed.org
> 7 elements earth::water::air::fire::mind::spirit::soul grid.coop
>
> Never pick a fight with someone who buys ink by the barrel,
> nor try buy a hacker who makes money by the megahash
>
Regards,
Simon
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-02-12 15:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-02-08 15:46 [U-Boot] u-boot legacy/FIT/FIT+signature compatability Troy Benjegerdes
2016-02-12 15:53 ` Simon Glass
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox