On Wed May 7, 2025 at 11:36 PM IST, Andrew Davis wrote:
> On 5/6/25 10:33 PM, Anshul Dalal wrote:
>> On Tue May 6, 2025 at 8:03 PM IST, Andrew Davis wrote:
>>> On 4/28/25 9:12 AM, Anshul Dalal wrote:
>>>> Falcon mode was disabled for TI_SECURE_DEVICE at commit e95b9b4437bc
>>>> ("ti_armv7_common: Disable Falcon Mode on HS devices") for older 32-bit
>>>> HS devices and can be enabled on K3 devices.
>>>>
>>>> For secure boot, the kernel with x509 headers can be packaged in a fit
>>>
>>> "can be", this is the issue. Security is not just allowing methods that
>>> are security checked, but forcing the use of such methods. Setting
>>> OS_BOOT opens up several paths that look for non-FIT images. These
>>> images do not enforce authentication like FIT does. This means one can
>>> bypass secure boot when OS_BOOT is enabled by simply placing a non-FIT
>>> boot image on the boot media.
>>>
>>
>> As per spl_load_image_ext_os, the SPL first tries to load the file set
>> in falcon_args_file env variable but since it's not set in our case. And
>> the only way to set them is by rebuilding u-boot as uEnv.txt is not
>> supported at SPL stage.
>>
>> This means the SPL only loads CONFIG_SPL_FS_LOAD_ARGS_NAME and
>> CONFIG_SPL_FS_LOAD_KERNEL_NAME which are set as the DTB and fitImage
>
> What is stopping me from replacing the content of the file "fitImage"
> with a normal kernel image? When loading that image the file type
> will be detected as a normal kernel image and all FIT logic bypassed,
> including authentication, breaking our secure chain of trust.
>
> Andrew
That would require booti_setup to be executed in spl_parse_image_header,
which is not possible on the R5 SPL since the required config symbol
CMD_BOOTI is only available for ARM64 platforms.
In the worst case we end up loading a 32-bit zImage which wouldn't
boot on the Cortex-A cores anyway and would additionally require
enabling CMD_BOOTZ (currently disabled) at build time.
Regards,
Anshul
>
>> respectively. Following that, authentication is enforced during FIT
>> loading by the call to board_fit_image_post_process in load_simple_fit.
>>
>> So even if the fitImage was modified, boot would fail without valid
>> signatures on HS-SE devices.
>>
>> - Anshul
>>
>>>> container (fitImage) signed with TIFS keys for authentication.
>>>>
>>>> Signed-off-by: Anshul Dalal <ansh...@ti.com>
>>>> ---
>>>> common/spl/Kconfig | 2 +-
>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/common/spl/Kconfig b/common/spl/Kconfig
>>>> index c08045f9c8d..68e900e9b91 100644
>>>> --- a/common/spl/Kconfig
>>>> +++ b/common/spl/Kconfig
>>>> @@ -1165,7 +1165,7 @@ config SPL_ONENAND_SUPPORT
>>>>
>>>> config SPL_OS_BOOT
>>>> bool "Activate Falcon Mode"
>>>> - depends on !TI_SECURE_DEVICE
>>>> + depends on !TI_SECURE_DEVICE || ARCH_K3
>>>> help
>>>> Enable booting directly to an OS from SPL.
>>>> for more info read doc/README.falcon
>>
