Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update_server should provide current hashes of flash banks. #1353

Closed
lzrd opened this issue May 11, 2023 · 0 comments
Closed

Update_server should provide current hashes of flash banks. #1353

lzrd opened this issue May 11, 2023 · 0 comments

Comments

@lzrd
Copy link
Contributor

lzrd commented May 11, 2023
edited
Loading

RoT update_server should provide its current view of the stage0, A, and B flash banks.

On RoT, the unused trailing flash sectors are undefined to allow for flexibility in their future use.
The trailing sectors may be in the erased state or may hold content.

There is also a difference between the canonical byte stream that is signed and the byte stream of the contents of a flash bank which would include the signature block and may include trailing bytes in the last sector as well.

The NXP LPC55Sx also skips over one header field (IIRC) when computing the hash for signature verification.

Since we care about the contents of unused flash sectors because of their potential use in exfiltration attacks or for storing malicious code or data, we want the entire bank hashed.

This creates a bit more work during update to be able to predict the layout in the target device and hash given that we already have code to mirror the LPC55 signature verification routine.

It is suggested that update server return something like RotFlashContents below:

struct BankHash {
physaddr: u32,
length: u32,
hash: [u8; 32], // Make it clear what algorithm is in use with an appropriate type.
}

struct RotFlashContents {
stage0: BankHash,
a: BankHash,
b: BankHash,
}

stage1 (a.k.a. pre-kernel, a.k.a.) already computes the bank hashes prior to update_server's start. Update_server's primary function is to mutate those contents which makes the original stage1 information inaccurate during an update procedure.

Looking ahead, we would also want SPFlashContents, but that speculates on having the RoT implement measurement and bank selection policy enforcement against the SP using SWD. That's an issue for another day.
@lzrd lzrd mentioned this issue Mar 21, 2024
Merged
lzrd added a commit that referenced this issue Apr 30, 2024
@lzrd
Update RoT bootloader, a.k.a. stage0 (#1675)
0c001d4 
This PR has four commits to simplify reviewing.

- The first is Laura's macro to manipulate the HASHCRYPT interrupt
vector.
- 2nd is pre-main kernel changes to create a staging area for Bootleby
update and to validate the (now) four RoT flash banks and record those
results for use by update_server.
- 3rd are the API changes to support stage0 update including treating
the bootloader as a separate component with A (active) and B
(stage0next) banks.
  - last is the code in the RoT update_server to actually update stage0

Before merging this PR, Cargo.toml needs to be edited to reference the
gateway-message-service main branch.
Merging needs to be coordinated with an MGS merge.

Closes #1043, #1404, #1548, #1353,
@lzrd lzrd closed this as completed May 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lzrd