[U-Boot] Does U-boot support ASLR?

Scott Wood scottwood at freescale.com
Thu Feb 9 20:28:07 CET 2012


On 02/09/2012 12:58 PM, Mike Frysinger wrote:
> On Thursday 09 February 2012 13:37:15 Jason Markley wrote:
> 
> please don't top post, and keep the mailing list in cc
> 
>> I agree any proposal would need to be accompanied by good reasoning.
>> I'm honestly a little confused as to why a generally accepted security
>> feature such as ASLR would NOT be useful for u-boot.  U-boot has the
>> capability to interact with the outside world via the network as well as
>> the console.  When using the U-boot API, it also remains resident in
>> memory.  Wouldn't something like ASLR enhance the security posture of
>> U-boot in those situations?
> 
> u-boot is running in supervisor mode / ring 0 / etc...  you have full access 
> to the hardware with a simple `mw` command.  randomizing the address base of 
> u-boot doesn't gain you anything.  so no, i see no advantage of u-boot itself 
> utilizing ASLR regardless of what it interacts with.

This assumes that the full command line interface is enabled, and is the
mechanism of interaction in question.  It doesn't apply to interactions
over the network, special serial protocols, etc.

> ignoring this, there are two fundamental issues with ASLR:
>  - this early on, u-boot has very little (if no) entropy, so any attempts to 
> generate random numbers are going to be fairly predictable

This doesn't apply if there's a hardware random number generator -- and
even poor entropy is more effort to guess than a fixed address.

>  - scripts that u-boot runs at boot time often times need a chunk of memory to 
> load and boot stuff out of.  if u-boot could randomly be in the middle of that, 
> then your board now randomly fails to boot.  the only way around that would be 
> to have u-boot do virtual addresses, and that's clearly a non-starter.

You'd just need to document which areas U-Boot could be in, and which
areas are free for user use.

It probably doesn't make sense as default behavior, but I could see it
being useful in some situations.

-Scott
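The layout suggested in the message above (a documented window that U-Boot may occupy, with everything below it free for user loads), sketched as an added example that is not part of the original message and is not U-Boot code. All constants and function names are hypothetical, and `rnd` is assumed to come from a hardware RNG or whatever entropy the board has.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample memory map; none of these values come from U-Boot. */
#define RAM_BASE     0x80000000u  /* start of DRAM */
#define RAM_SIZE     0x10000000u  /* 256 MiB of DRAM */
#define UBOOT_WINDOW 0x01000000u  /* top 16 MiB documented as "U-Boot may be here" */
#define RELOC_ALIGN  0x00010000u  /* 64 KiB granularity for the relocation base */

/* Lowest address U-Boot may occupy; everything below is free for user use. */
static uint32_t window_start(void)
{
    return RAM_BASE + RAM_SIZE - UBOOT_WINDOW;
}

/* Number of aligned positions at which the image fits entirely in the window. */
static uint32_t reloc_slots(uint32_t image_size)
{
    if (image_size == 0 || image_size > UBOOT_WINDOW)
        return 0;
    return (UBOOT_WINDOW - image_size) / RELOC_ALIGN + 1;
}

/* Map a random value onto one slot; returns 0 if the image cannot fit. */
static uint32_t pick_reloc_base(uint32_t image_size, uint32_t rnd)
{
    uint32_t slots = reloc_slots(image_size);
    if (slots == 0)
        return 0;
    return window_start() + (rnd % slots) * RELOC_ALIGN;
}

/* A boot script's load range is safe if it ends at or below the window. */
static int user_range_ok(uint32_t addr, uint32_t len)
{
    uint32_t free_len = window_start() - RAM_BASE;
    return addr >= RAM_BASE && len <= free_len && addr - RAM_BASE <= free_len - len;
}

int main(void)
{
    uint32_t img = 0x00080000u;  /* constructed: 512 KiB image */
    printf("slots=%u base=0x%08x\n", (unsigned)reloc_slots(img),
           (unsigned)pick_reloc_base(img, 1000u));
    printf("load 0x81000000+8MiB ok=%d\n", user_range_ok(0x81000000u, 0x00800000u));
    return 0;
}
```

Whatever value `rnd` takes, the image stays inside the documented window, so load addresses that pass `user_range_ok` cannot collide with it.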


