* [U-Boot] U-Boot TFTP protection
@ 2018-06-15 6:44 Stefan Johansson
2018-06-19 7:40 ` Lukasz Majewski
2018-06-19 22:03 ` Simon Glass
0 siblings, 2 replies; 3+ messages in thread
From: Stefan Johansson @ 2018-06-15 6:44 UTC (permalink / raw)
To: u-boot
Hello,
We have been looking at protecting U-Boot from (malicious) TFTP overwrites.
We want to do this after our ARMv7 U-Boot has relocated.
The memory map looks like this (I hope):
--------------------------- Top of DRAM
| U-Boot (Protected)
| -------------------------- U_Boot_start
| Heap (Protected)
| -------------------------- Start_Heap = U_Boot_start - Heap_Size
| Stack (Protected)
| -------------------------- Start_Stack = Start_Heap - Stack_Size
| Buffers (Protected)
| -------------------------- ???
| Free DRAM (Not Protected)
--------------------------- Start of DRAM
I seem to get lost in the code trying to find possible buffers, can you please give a hint how I can find the address "???"
Best Regards,
Stefan
^ permalink raw reply [flat|nested] 3+ messages in thread
* [U-Boot] U-Boot TFTP protection
2018-06-15 6:44 [U-Boot] U-Boot TFTP protection Stefan Johansson
@ 2018-06-19 7:40 ` Lukasz Majewski
2018-06-19 22:03 ` Simon Glass
1 sibling, 0 replies; 3+ messages in thread
From: Lukasz Majewski @ 2018-06-19 7:40 UTC (permalink / raw)
To: u-boot
Hi Stefan,
> Hello,
> We have been looking at protecting U-Boot from (malicious) TFTP
> overwrites. We want to do this after our ARMv7 U-Boot has relocated.
>
> The memory map looks like this (I hope):
>
> --------------------------- Top of DRAM
> | U-Boot (Protected)
> | -------------------------- U_Boot_start
> | Heap (Protected)
> | -------------------------- Start_Heap = U_Boot_start - Heap_Size
> | Stack (Protected)
> | -------------------------- Start_Stack = Start_Heap - Stack_Size
> | Buffers (Protected)
> | -------------------------- ???
> | Free DRAM (Not Protected)
> --------------------------- Start of DRAM
>
> I seem to get lost in the code trying to find possible buffers, can
> you please give a hint how I can find the address "???"
By default the tftp writes its data to the address pointed by the
"loadaddr" env variable.
printenv loadaddr
>
> Best Regards,
> Stefan
>
> _______________________________________________
> U-Boot mailing list
> U-Boot at lists.denx.de
> https://lists.denx.de/listinfo/u-boot
Best regards,
Lukasz Majewski
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180619/47c7331d/attachment.sig>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [U-Boot] U-Boot TFTP protection
2018-06-15 6:44 [U-Boot] U-Boot TFTP protection Stefan Johansson
2018-06-19 7:40 ` Lukasz Majewski
@ 2018-06-19 22:03 ` Simon Glass
1 sibling, 0 replies; 3+ messages in thread
From: Simon Glass @ 2018-06-19 22:03 UTC (permalink / raw)
To: u-boot
Hi Stefan,
On 15 June 2018 at 00:44, Stefan Johansson
<stefan.j.johansson@verisure.com> wrote:
>
> Hello,
> We have been looking at protecting U-Boot from (malicious) TFTP overwrites.
> We want to do this after our ARMv7 U-Boot has relocated.
>
> The memory map looks like this (I hope):
>
> --------------------------- Top of DRAM
> | U-Boot (Protected)
> | -------------------------- U_Boot_start
> | Heap (Protected)
> | -------------------------- Start_Heap = U_Boot_start - Heap_Size
> | Stack (Protected)
> | -------------------------- Start_Stack = Start_Heap - Stack_Size
> | Buffers (Protected)
> | -------------------------- ???
> | Free DRAM (Not Protected)
> --------------------------- Start of DRAM
>
> I seem to get lost in the code trying to find possible buffers, can you please give a hint how I can find the address "???"
Well gd->start_addr_sp is the stop of the stack. The size of the stack
is not necessarily fixed and will grow downwards from there. But I
suppose you could set a particular size and protect from start of DRAM
to to the assumed bottom of the stack area.
Regards,
Simon
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-06-19 22:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-15 6:44 [U-Boot] U-Boot TFTP protection Stefan Johansson
2018-06-19 7:40 ` Lukasz Majewski
2018-06-19 22:03 ` Simon Glass
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.