[U-Boot] UBI/UBIFS complete integrity check

[Lukasz Majewski <lukma@denx.de>]

Hi Liam,

> Hi Lukasz,
> 
> Thanks for taking the time to answer.
> 
> On 11/04/2017 05:17 PM, Lukasz Majewski wrote:
> > Hi Liam,
> >   
> >> Hi everyone,
> >>
> >> I'm currently using a UBIFS root file system (stored on SPI-NOR
> >> flash) and would like to perform a full integrity check before
> >> booting it. The rootfs is read-only and until now, I've been
> >> computing an md5sum on the whole mtd device from an initramfs and
> >> comparing it to a stored md5sum. If both md5sums don't match, I
> >> need to stop the boot process completely.
> >>
> >> If possible, I was hoping to drop initramfs and do the integrity
> >> check from U-Boot.  
> > 
> > U-boot has support for crc32 and sha1 (256). It should be possible
> > to do the integrity checking in it.
> > 
> > If you have more SDRAM than SPI-NOR, then you can calculate
> > sha1/crc32 of the whole memory.
> >   
> >> I know UBI/UBIFS does a CRC-32 of the data it writes to
> >> flash but the intent here is to prevent booting an image where
> >> even a _single bit_ of flash may have been corrupted.  
> > 
> > Ok. I see.
> >   
> >>
> >> My question is, does UBI/UBIFS have this kind of complete integrity
> >> check built-in?  
> > 
> > As fair as I'm aware - not. The only recent improvement was the
> > "encryption/decryption" support  
> 
> I don't think I have enough time right now but would this integrity
> check be an interesting feature to add?

It depends how "secure" your project needs to be...

It is just one of the options to consider.

> 
> >   
> >> If not, can I take advantage of these CRC-32,  
> > 
> > It may be hard to access UBI metadata (from PEB/LEB).
> >   
> >> to do
> >> something equivalent to my md5sum check from U-Boot.  
> > 
> > It may be possible to read the whole SPI-NOR Memory content to RAM,
> > calculate crc32/sha1 and compare with some stored value (e.g. in
> > u-boot envs). This all should be done with u-boot prompt.  
> 
> This was my backup plan. I should have enough RAM to do it.

Ok. Good.

> 
> >   
> >> Thanks,
> >>
> >> Liam Beguin
> >> Xiphos Systems Corp.
> >> http://xiphos.com
> >> _______________________________________________
> >> U-Boot mailing list
> >> U-Boot at lists.denx.de
> >> https://lists.denx.de/listinfo/u-boot  
> > 
> > 
> > 
> > Best regards,
> > 
> > Lukasz Majewski
> > 
> > --
> > 
> > DENX Software Engineering GmbH,      Managing Director: Wolfgang
> > Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell,
> > Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email:
> > wd at denx.de 
> 
> Thanks,
> 
> Liam Beguin
> Xiphos Systems Corp.
> http://xiphos.com
> 



Best regards,

Lukasz Majewski

--

DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20171106/9dcffa00/attachment.sig>