A/B boot with secure U-Boot env for SWUpdate


marin.doetterer

Oct 9, 2023, 4:20:37 PM
to swupdate
Greetings,

While searching for an embedded update framework I came across SWUpdate.

The goal is to implement an OTA update for an A/B boot system.

It is important for me to meet the requirements for secure boot, so that the attack vector of an overwritable U-Boot env is closed.


As described in https://elinux.org/images/e/e0/Josserand-schulz-secure-boot.pdf (page 18/45), "by default, the environment can be trusted only if it's in the U-Boot binary (ENV_IS_NOWHERE)".


I found in your mailing list the conversation about this topic (2021) where CONFIG_ENV_WRITEABLE_LIST and CONFIG_ENV_EMBEDDED are noted (https://groups.google.com/g/swupdate/c/jnX4x95yEs8).


Using "CONFIG_ENV_WRITEABLE_LIST" minimizes the attack vector, but it still poses a threat.

Unfortunately, I can't find any further information about CONFIG_ENV_EMBEDDED. Is this already supported by U-Boot?


Would you have any suggestions on how else to solve the problem with the U-Boot env variables?


Thanks a lot for your help!

Best regards,

Marin

Stefano Babic

Oct 9, 2023, 5:26:48 PM
to marin.doetterer, swupdate
Hi Marin,

On 09.10.23 22:20, 'marin.doetterer' via swupdate wrote:
> Greetings,
>
> While searching for an embedded update framework I came across SWUpdate.
>
> The goal is to implement an OTA update for an A/B boot system.
>
> It is important for me to meet the requirements for secure boot, so that
> the attack vector of an overwritable U-Boot env is closed.
>
>
> As described in
> https://elinux.org/images/e/e0/Josserand-schulz-secure-boot.pdf (page
> 18/45), "by default, the environment can be trusted only if it's in the
> U-Boot binary (ENV_IS_NOWHERE)".

ENV_IS_NOWHERE simply means there is no environment at all. The scripts
/ variables are linked (as array of strings) into U-Boot, and no
environment is stored.

>
>
> I found in your mailing list the conversation about this topic (2021)
> where CONFIG_ENV_WRITEABLE_LIST and CONFIG_ENV_EMBEDDED are noted
> (https://groups.google.com/g/swupdate/c/jnX4x95yEs8).

Right - a signed environment was up to now rejected by U-Boot, because
this means that "saveenv" does not work anymore, or U-Boot would have to be
able to sign itself.


>
>
> Using "CONFIG_ENV_WRITEABLE_LIST" minimizes the attack vector, but it
> still poses a threat.

And which are the drawbacks?

With CONFIG_ENV_WRITEABLE_LIST, you can add a single variable (used for
toggling the software) and you can fix its type (int) so that an
attacker cannot attach a script. The only thing that can happen is that an
attacker is able to toggle to the other partition, but this can be made
unusable after a successful update.

Keep in mind that the kernel should be signed as well to have secure boot
working.

Which are the issues you still see with CONFIG_ENV_WRITEABLE_LIST?

>
> Unfortunately, I can't find any further information about
> CONFIG_ENV_EMBEDDED.

What is this supposed to do?

> Is this already supported by U-Boot?

What should be supported and what should be done?

ENV_IS_NOWHERE is too simplistic: it just drops the environment.

There are also other use cases where toggling is done without the U-Boot
environment (see CONFIG_SSBLSWITCH), using other structures or switching the
boot partition (for an MBR partition table), but there is no additional
protection compared to CONFIG_ENV_WRITEABLE_LIST.

>
>
> Would you have any suggestions on how else to solve the problem with the
> U-Boot env variables?

The problem was solved with CONFIG_ENV_WRITEABLE_LIST. If there is still
an issue, please expose it.

Best regards,
Stefano Babic

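As an added illustration (not code from either poster or from the SWUpdate project), this is the shape of the A/B toggle Stefano describes: a default environment compiled into U-Boot, with `.flags` marking one decimal variable as the only writeable one, and the matching SWUpdate `bootenv` entry that flips it. The variable name `bootslot`, the MMC partition numbers, the FIT image path and the board are assumptions; the `w` access letter follows the CONFIG_ENV_WRITEABLE_LIST Kconfig help text, and the `d` type letter is U-Boot's decimal type.

```text
# --- U-Boot defconfig fragment (assumed board; symbols are upstream U-Boot options) ---
CONFIG_ENV_WRITEABLE_LIST=y
# A persistent backend is still needed so the toggle survives a reboot; variables
# not on the writeable list cannot be created, written or imported, so the rest of
# the environment is always the copy linked into the (signed) U-Boot binary.
CONFIG_ENV_IS_IN_MMC=y
CONFIG_USE_DEFAULT_ENV_FILE=y
CONFIG_DEFAULT_ENV_FILE="board/example/default.env"
# The kernel is booted as a signed FIT so that flipping the slot cannot load
# unsigned code (Stefano's point that the kernel must be signed as well).
CONFIG_FIT_SIGNATURE=y

# --- board/example/default.env (assumed file; baked into U-Boot at build time) ---
# .flags itself is read-only in U-Boot's static flag list, so the whitelist cannot
# be altered from the shell. bootslot is decimal ("d") and writeable ("w"): an
# attacker with env write access can pick 0 or 1, but cannot inject a script.
.flags=bootslot:dw
bootslot=0
# Slot 0 -> root partition 2, slot 1 -> root partition 3 (assumed layout).
bootcmd=if test "${bootslot}" = "1"; then setenv rootpart 3; else setenv rootpart 2; fi; run bootslotcmd
bootslotcmd=load mmc 0:${rootpart} ${loadaddr} /boot/fitImage && bootm ${loadaddr}

# --- sw-description fragment (SWUpdate) ---
# After the inactive slot has been written and verified, only the whitelisted
# integer is changed; the rest of the environment is untouched by design.
bootenv: (
    { name = "bootslot"; value = "1"; }
);
```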