Re: Configuring for secure boot / Using bootchooser

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Sascha,

seems I ran into trouble (see below) with CONFIG_SHELL_NONE.

Am Montag, 20. Januar 2020, 20:53:51 CET schrieb Sascha Hauer:
> Hi Christian,
> 
> On Mon, Jan 20, 2020 at 05:38:36PM +0100, Christian Eggers wrote:
> > Board: phytec-som-imx6
> > 
> > I need to configure barebox in a way, that a malicious attacker can not
> > break into the system. It looks like I need to perform the following
> > steps:
> > 
> > 3. Prevent access to the barebox shell
> > --> CONFIG_CMD_LOGIN?
> > --> CONFIG_SHELL_NONE?
> 
> I wouldn't trust CONFIG_CMD_LOGIN that much. If you do, at least make
> sure to use a safe hash function for the password, i.e. not the default
> md5.
> Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
> do. This also forces you to program your boot process in C which helps
> you to get a well defined boot without diving into potentially unsafe
> shell commands.

I've tried to implement my boot process in C. Attaching the MTD partition to 
UBI and directly calling bootm_data() looks straightforward and seems to work.

	bootm_data_init_defaults(&data);
	data.os_file = "/dev/nand0.root.ubi.kernel";

	ret = bootm_boot(&data);
	if (ret) {
		printf("handler failed with: %s\n", strerror(-ret));
		goto error_return;
	}

Now I'm trying to integrate bootchooser. My first attempt was to call 
bootchooser directly from my barebox_main:

	bc = bootchooser_get();
	if (IS_ERR(bc))
		return PTR_ERR(bc);

	ret = bootchooser_boot(bc);

	bootchooser_put(bc);

Unfortunately this doesn't work, because there is no boot provider available 
for booting the result of bootchooser (e.g. "nand0.root.ubi.kernel").

>From the documentation of the "boot" command, this should be possible:

----------------8<---------------
BAREBOX_CMD_HELP_TEXT("BOOTSRC can be:")
BAREBOX_CMD_HELP_TEXT("- a filename under /env/boot/")
BAREBOX_CMD_HELP_TEXT("- a full path to a boot script")
BAREBOX_CMD_HELP_TEXT("- a device name")   
BAREBOX_CMD_HELP_TEXT("- a partition name under /dev/")  <---- tried this one
BAREBOX_CMD_HELP_TEXT("- a full path to a directory which")
BAREBOX_CMD_HELP_TEXT("   - contains boot scripts, or")
BAREBOX_CMD_HELP_TEXT("   - contains a loader/entries/ directory containing 
bootspec entries")
---------------->8---------------

Looking into bootentry_create_from_name() I didn't find how booting from "a 
device name" or "a partition name" can work.

Also using the shell doesn't help:
----------------8<---------------
barebox:/ boot nand0.root.ubi.kernel
Nothing bootable found on 'nand0.root.ubi.kernel'
Nothing bootable found
---------------->8---------------
So I'm able to run bootm_boot() directly from C, but I've not found a way to 
boot indirectly via bootchooser.

Any hints how I can use bootchooser from my own barebox_main() with 
CONFIG_SHELL_NONE?




_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux