From: Stefano Babic <sbabic@denx.de>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 2/2] usbarmory: Add board_run_command() function
Date: Wed, 29 Jun 2016 11:20:09 +0200 [thread overview]
Message-ID: <577392C9.30806@denx.de> (raw)
In-Reply-To: <CAPnjgZ2LvrBiBdn+rd+gL4Vk_X6aw5S9ECkyH3B24a55SRTYcQ@mail.gmail.com>
Hi Simon,
On 28/06/2016 20:43, Simon Glass wrote:
> Hi,
>
> On 27 June 2016 at 03:38, Stefano Babic <sbabic@denx.de> wrote:
>> Hi Andrej,
>>
>> On 20/06/2016 18:18, Andrej Rosano wrote:
>>
>>>>
>>>> I ten to NACK this. You can do exactly the same with a U-Boot script,
>>>> and if you want to have this as default, you can change your default
>>>> environment. This is just a wrapper around the hush shell.
>>>
>>> The intention of the patch is to boot the kernel while having the CLI disabled
>>> (CONFIG_CMDLINE=n). The U-Boot script needs the CLI to be enabled AFAIK.
>>>
>>> It is better having the CLI disabled when using the Verified Boot, otherwise
>>> there are chances to bypass the FIT image verification (e.g. using md/mw
>>> commands in case are available):
>>
>> Why is it not enough to disable the CONSOLE ? I mean, if there is no
>> user interface (and this is done in a lot of ways, for example setting
>> stdin / stdout), there is no ways to bypass it because the interface is
>> not availabel. Or is there some other security issues I am not aware of ?
>
> It is an extra level of security - providing a very simple command
> execution instead of the general CLI. That is actually the original
> purpose of board_run_command(). E.g. for Chrome OS we had an option to
> either run the normal CLI or a simple (secure) one. Also see
> cli_process_fdt() which provides for a 'bootsecure' mode, controlled
> from the FDT.
I see, thanks for explanation. My fear is that the process diverges and
boards start to embed U-Boot scripts inside the code, letting them not
very maintainable. But I have understood the issue and I put this patch
for merging in my queue.
Best regards,
Stefano
--
=====================================================================
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sbabic at denx.de
=====================================================================
prev parent reply other threads:[~2016-06-29 9:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-20 15:21 [U-Boot] [PATCH 1/2] usbarmory: switch to using kernel zImage andrej at inversepath.com
2016-06-20 15:21 ` [U-Boot] [PATCH 2/2] usbarmory: Add board_run_command() function andrej at inversepath.com
2016-06-20 15:46 ` Stefano Babic
2016-06-20 16:18 ` Andrej Rosano
2016-06-27 10:38 ` Stefano Babic
2016-06-28 18:43 ` Simon Glass
2016-06-29 9:20 ` Stefano Babic [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=577392C9.30806@denx.de \
--to=sbabic@denx.de \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox