[U-Boot] Password protection of U-Boot command line

Wolfgang Denk wd at denx.de
Sat Feb 11 21:14:18 CET 2012


Dear Frans,

In message <CACW_hTYv179qWbQUiuv_qQbE_bLy9b_H-qpZSbcjkPio9-2yzg at mail.gmail.com> you wrote:
>
> Graeme, if you want to keep people outisde the bootloader in a
> reasonably safe way and are developing your own hardware an option is
> to put the password in e.g. an eeprom and do a compare in u-boot.
> Of course a persistent hacker could retrieve the password but a casual
> user will not be able to enter.

For a "casual user" the existing CONFIG_AUTOBOOT_KEYED feature is
usually sufficient.

A "persistent hacker" will not be kept out in either of these ways if
he has access to the U-Boot command line.  If needed, he will install
or otherwise run code that skips these steps.

> Having the password in eeprom makes that it is not disclosed with the
> code, it can be changed etc. Just make sure users do not have easy
> (sw) access to the device the password resides in, so e.g.disable
> access one way or another.

You will still publish the code that implements these restrrictions,
so guess how difficult it is to work around it?

> One other way to prevent accidental access would be a jumper. If
> present no access to u-boot possible at all, if not present access is
> possible. And some stuff on it to view if it is tampered with.
> (if the jumper raises or lowers a gpio device on an i2c chip this can
> be easily detected in a u-boot script and depending on that action
> could be taken).

None of this is actually adding any kid of "security" or "protection"
to a device.  

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Horses just naturally have mohawk haircuts.


More information about the U-Boot mailing list