[U-Boot] U-Boot: Verified Boot: signed configuration and mix and match attack

Simon Glass sjg at chromium.org
Thu Aug 2 12:52:27 UTC 2018


Hi Johann,

On 31 July 2018 at 02:22, Johann Neuhauser <jneuhauser at dh-electronics.de> wrote:
> Dear U-Boot devs,
>
> I've set up verified boot on an imx6 board and want to protect my device against the "mix and match" attacks mentioned in "doc/uImage.FIT/signature.txt".
> That's why I have only implemented signed configurations and no signed images as in doc/uImage.FIT/signed-configs.its.
> My public key in my embedded fdt has the property required = "conf";
>
> Booting a signed config with "bootm ${loadaddr}#conf@1" and an embedded public key required for configurations does work as expected and fails to boot if I modify the config, image, hash, signature and so on.
>
> If I boot any FIT image (signed and unsigned), for example with "bootm ${loadaddr}:kernel@1 - fdt@1" to select the subimages directly, I can boot every image combination without signature verification although a signature is enforced for a configuration.
>
> Is this the expected behavior?
>
> I thought if I had set the public key in the embedded fdt as required for configurations, bootm would only boot signed configurations and no subimages directly...

I don't think there is any restriction on that at the moment. You are
explicitly asking to boot particular images rather than a config. So I
suppose it would be odd if U-Boot tried to enforce a config. Are you
thinking it should try to find a config that has those images in it?
But why not just specify the config to bootm?

Bear in mind also that users don't have access to the U-Boot command
line when using verified boot, so they wouldn't be able to type this
command.

Regards,
Simon
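
Added example, not code from the thread or from U-Boot: since a key with required = "conf" is only enforced when a configuration is booted, one practical check is to audit the boot scripts that will run without an interactive command line and flag any bootm that selects sub-images with ":" instead of a configuration with "#". The audit below models U-Boot's bootm FIT argument syntax (addr#conf, addr:subimage, "-" as placeholder, bare addr falling back to the FIT's default configuration); the sample boot script it scans is constructed.

```python
import re

# One hush-shell line may carry several commands joined by ';', '&&' or '||'.
CMD_SEP = re.compile(r"\s*(?:;|&&|\|\|)\s*")

# Constructed sample boot script (not from the thread); lines 4-7 are the
# cases under discussion: signed-config boot, two direct sub-image selections
# that bypass the required="conf" check, and a bare address.
SAMPLE_BOOT_SCRIPT = """\
# constructed boot script
setenv loadaddr 0x12000000
load mmc 0:1 ${loadaddr} fitImage
bootm ${loadaddr}#conf@1
bootm ${loadaddr}:kernel@1 - ${loadaddr}:fdt@1
bootm ${loadaddr}:kernel@1 ${loadaddr}:ramdisk@1 ${loadaddr}:fdt@1 && echo ok
bootm ${loadaddr}
"""


def classify_fit_ref(ref):
    """Classify one bootm argument by U-Boot's FIT selection syntax."""
    if ref == "-":
        return "placeholder"      # no ramdisk / skipped component
    if "#" in ref:
        return "config"           # addr#conf: configuration is verified
    if ":" in ref:
        return "subimage"         # addr:subimg: config signature not enforced
    return "default-config"       # bare addr: FIT's default configuration


def audit_script(text):
    """Return (line number, command, verdict) for every bootm in the script.

    Verdict is 'subimage' when any argument selects a sub-image directly,
    'config' when a configuration is named, else 'default-config'.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        for cmd in CMD_SEP.split(stripped):
            words = cmd.split()
            if len(words) < 2 or words[0] != "bootm":
                continue
            kinds = {classify_fit_ref(w) for w in words[1:]} - {"placeholder"}
            verdict = ("subimage" if "subimage" in kinds
                       else "config" if "config" in kinds else "default-config")
            findings.append((lineno, cmd, verdict))
    return findings


if __name__ == "__main__":
    for lineno, cmd, verdict in audit_script(SAMPLE_BOOT_SCRIPT):
        flag = "BYPASSES required=conf" if verdict == "subimage" else "ok"
        print(f"line {lineno}: {cmd!r}: {verdict} ({flag})")
```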

