From: Simon Glass
Date: Thu, 2 Aug 2018 06:52:27 -0600
Subject: [U-Boot] U-Boot: Verified Boot: signed configuration and mix and match attack
To: u-boot@lists.denx.de

Hi Johann,

On 31 July 2018 at 02:22, Johann Neuhauser wrote:
> Dear U-Boot devs,
>
> I've set up verified boot on an imx6 board and want to protect my device against the "mix and match" attacks mentioned in "doc/uImage.FIT/signature.txt".
> That's why I have only implemented signed configurations and no signed images, as in doc/uImage.FIT/signed-configs.its.
> My public key in my embedded fdt has the property required = "conf";
>
> Booting a signed config with "bootm ${loadaddr}#conf@1" and an embedded public key required for configurations does work as expected and does fail to boot if I modify the config, image, hash, signature and so on.
>
> If I boot any FIT image (signed and unsigned), for example with "bootm ${loadaddr}:kernel@1 - fdt@1" to select the subimages directly, I can boot every image combination without signature verification although a signature is enforced for a configuration.
>
> Is this the expected behavior?
>
> I thought if I had set the public key in the embedded fdt as required for configurations, bootm would only boot signed configurations and no subimages directly...

I don't think there is any restriction on that at the moment. You are explicitly asking to boot particular images rather than a config. So I suppose it would be odd if U-Boot tried to enforce a config.

Are you thinking it should try to find a config that has those images in it? But why not just specify the config to bootm?

Bear in mind also that users don't have access to the U-Boot command line when using verified boot, so they wouldn't be able to type this command.

Regards,
Simon
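The behaviour discussed in this thread, as an added, constructed model that is not U-Boot code: a configuration signature covers the config node plus the hash of every image it references (which is what defeats mix-and-match of individually valid images), booting by "#conf" checks that signature, and direct ":image - image" selection consults no configuration at all. RSA is replaced by HMAC-SHA256 for brevity, the key node's required="conf" property is modelled as a parameter, and bootm_hardened is a hypothetical policy showing one way a build could refuse direct sub-image selection when configuration signing is required.

```python
import hashlib
import hmac

# Constructed demo key; in a real FIT this is the RSA key embedded in the U-Boot fdt.
KEY = b"constructed-demo-key"


def image_hash(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def config_message(fit: dict, conf: str) -> bytes:
    # The signed material is the configuration plus the hashes of the images it names.
    refs = fit["configurations"][conf]
    parts = [conf] + [f"{role}:{name}:{image_hash(fit['images'][name])}"
                      for role, name in sorted(refs.items())]
    return "|".join(parts).encode()


def sign_config(fit: dict, conf: str) -> str:
    return hmac.new(KEY, config_message(fit, conf), "sha256").hexdigest()


def bootm(fit: dict, selection: str, required: str = "conf") -> str:
    """Return 'boot' or the reason the boot was refused. selection follows the
    bootm syntax from the thread: '#conf-1' or ':kernel-1 - fdt-1'."""
    if selection.startswith("#"):
        conf = selection[1:]
        sig = fit["signatures"].get(conf)
        if required == "conf" and (sig is None or not hmac.compare_digest(sig, sign_config(fit, conf))):
            return "refused: configuration signature missing or invalid"
        return "boot"
    # Direct sub-image selection: no configuration signature is consulted.
    return "boot"


def bootm_hardened(fit: dict, selection: str, required: str = "conf") -> str:
    # Hypothetical policy: with required="conf", only configuration boots are accepted.
    if required == "conf" and not selection.startswith("#"):
        return "refused: direct sub-image selection not allowed with required=conf"
    return bootm(fit, selection, required)


def make_fit() -> dict:
    # Constructed FIT: two kernels, one dtb, one signed configuration.
    fit = {"images": {"kernel-1": b"kernel A", "fdt-1": b"dtb A", "kernel-2": b"kernel B"},
           "configurations": {"conf-1": {"kernel": "kernel-1", "fdt": "fdt-1"}},
           "signatures": {}}
    fit["signatures"]["conf-1"] = sign_config(fit, "conf-1")
    return fit
```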