[Replicant] [PATCH 2/2] freedom-privacy-security-issues: TrustZone: Explain its issues.
Paul Kocialkowski
contact at paulk.fr
Sat Dec 16 15:00:33 UTC 2017
Hi,
Le samedi 16 décembre 2017 à 11:44 +0100, Denis 'GNUtoo' Carikli a
écrit :
> This explains the interaction between a signed bootloader and
> TrustZone.
See comments below.
> Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo at no-log.org>
> ---
> freedom-privacy-security-issues.php | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/freedom-privacy-security-issues.php b/freedom-privacy-
> security-issues.php
> index cf380d2..ee57822 100644
> --- a/freedom-privacy-security-issues.php
> +++ b/freedom-privacy-security-issues.php
> @@ -87,6 +87,7 @@
> However, it also occurs that the
> bootloaders are cryptographically signed with a private key.
> In that case, the bootrom will check
> the signature against a public key that cannot be replaced and only
> run the bootloader if the signature matches.
> That sort of tivoization prevents
> replacing pre-installed bootloaders, even when their sources are
> released as free software.
> + This is even more problematic when
> the bootloader is in charge of loading code into TrustZone as that
> code gives full control of the processor to software that is
> proprietary and/or cannot be modified.
I don't think we should be talking about TrustZone here in particular
bur rather talk about privileged execution environments in general. We
could rephrase it like this:
" This is even more problematic when the bootloader is in charge of
loading the privileged execution environment, such as TrustZone, as that
code gives full control of the processor to software that is proprietary
and cannot be modified."
Note that if the code cannot be modified, it is proprietary per-se.
> There are some good platforms that
> don't perform such signature checks and can run free bootloaders (e.g.
> Allwinner Ax, TI OMAP General-
> Purpose).
> </p>
--
Paul Kocialkowski,
developer of free digital technology and hardware support.
Website: https://www.paulk.fr/
Coding blog: https://code.paulk.fr/
Git repositories: https://git.paulk.fr/ https://git.code.paulk.fr/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20171216/13625d2d/attachment.asc>
More information about the Replicant
mailing list