U-Boot Verified Boot vulnerability: CVE-2020-10648

March 18, 2020 ~ hucktech ~ Leave a comment

Excerpt from comments in part1 of patch:

When booting a FIT, if ‘bootm’ is used without a specified configuration, U-Boot will use the default one provided in the FIT. But it does not actually check that the signature is for that configuration. This means that it is possible to duplicate a configuration conf-1 to produce conf-2 (with all the signatures intact), set the default configuration to conf-2 and then boot the image. U-Boot will verify conf-2 (in fact since hashed-nodes specifies the conf-1 nodes it will effectively verify conf-1). Then it will happily boot conf-2 even though it might have a different kernel. This series corrects this problem and adds a test to verify it. It also updates fit_check_sign to allow the configuration to be specified. This vulnerability was found by Dmitry Janushkevich and Andrea Barisani of F-Secure, who also wrote the vboot_forge script included here. This is CVE-2020-10648. […]

https://lists.denx.de/pipermail/u-boot/2020-March/403409.html

No useful info yet:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10648
https://bugs.launchpad.net/bugs/cve/2020-10648

U-Boot v2018.11 released

November 20, 2018 ~ hucktech ~ Leave a comment

Tom Rini of Konsulko announced the latest release of U-Boot, including a bit of info about the two recent CVEs:

[…]I’m going to mention here as well that both CVE-2018-18439 and CVE-2018-18440 exist and are issues. As a community we’re still working on more robust fixes to them, but I want to thank Simon Goldschmidt for taking the lead on coming up with code changes for them. In the immediate term (and for older releases) note that the filesystem-based attack can be mitigated by passing a maximum size to the load command.[…]

https://lists.denx.de/pipermail/u-boot/2018-November/347424.html

Wolfgang Denk of DENX has some stats about the release at:

https://lists.denx.de/pipermail/u-boot/2018-November/347506.html

Bushwhacking your way around a bootloader

November 16, 2018 ~ hucktech ~ Leave a comment

My #Blackhoodie18 slides on u-boot bootloader bushwhacking & my corresponding analysis tools are now available @ https://t.co/k9vOiT7Tvr

— .bx (ʇoqoɹ ɐ ʇou) (@bxsays) November 16, 2018

Tools and techniques for traversing treacherous code bases
– or- How I managed to develop understanding of U-Boot

Click to access blackhoodie-slides-bx.pdf

libcyres: Interface to Cyres, to be consumed by U-Boot, OP-TEE, and UEFI. Contains routines to manipulate and pass certificate chains between boot stages.

November 14, 2018 ~ hucktech ~ Leave a comment

Jordan Rhee of Microsoft has created a new project. All the documentation was used for the Title.

https://github.com/jordanrh1/libcyres

Now I’m wondering what Project Cyres is.

CVE-2018-18440 and CVE-2018-18439: U-Boot boundary checks

November 2, 2018 ~ hucktech ~ Leave a comment

We published a security advisory concerning U-Boot issues that allow secure/verified boot bypass.

CVE-2018-18440: U-Boot insufficient boundary checks in filesystem image load

CVE-2018-18439: U-Boot insufficient boundary checks in network image boothttps://t.co/VdXZvGNXjx

— Andrea Barisani (@AndreaBarisani) November 2, 2018

CVE-2018-18440: U-Boot insufficient boundary checks in filesystem image load

CVE-2018-18439: U-Boot insufficient boundary checks in network image boot

https://github.com/inversepath/usbarmory/blob/master/software/secure_boot/Security_Advisory-Ref_IPVR2018-0001.txt

Asset InterTech: Using U-boot as production test strategy — really?

November 1, 2018 ~ hucktech ~ Leave a comment

Using U-boot as production test strategy — really? https://t.co/Qdkeb67dMO

— ASSET InterTech (@ASSETInterTech) November 1, 2018

https://blog.asset-intertech.com/test_data_out/2018/11/using-u-boot-as-production-test-strategy-really.html

[…]Here is where I see a dilemma with using U-Boot for test. First I have to build U-Boot, and second have enough of the system operational, DDR (DDR controller/PHY) and SD flash interface etc. before testing can begin. Testing often involves non-operational system or minimally functionally operational hardware. The use of U-Boot expects a significant portion of the target hardware operational.

Second, assuming that you were successful in building U-Boot you now need to load it on the flash of the UUT. Be sure to follow the below warning. If U-Boot is already installed and running on your board, you can use these instructions to download another U-Boot image to replace the current one.

Warning: Before you can install the new image, you must erase the current one. If anything goes wrong your board will be dead. It is strongly recommended that you have a backup of the old, working U-Boot image or you know how to install an image on a virgin system.

Next U-Boot has limited testing capabilities.[…]

U-Boot v2018.11-rc1 released

October 16, 2018October 16, 2018 ~ hucktech ~ Leave a comment

The RC of the November release of U-Boot is out. Usually, you basically haev to follow the U-Boot mailing list to track changes, but this announcement was more verbose than normal:

List of changes between -rc1 and -rc2:

– The SPI-NAND changes have fully been integrated now.
– ARM Versatile Express updates
– QEMU support in RiscV
– Rockchip updates
– fixes to rkimage for SPL boot via USB
– fixes to make_fit_atf.py, incl. entry-point calculation and python3 compatibility
– OP-TEE support for ARMv7-based SoCs
– fixes to RGMII/GMII selection on the RK3328
– ARC updates
– CPU and board info prints
– Synopsys IoT development kit support
– Take care of global uninitialized variables.
– Add support for SD-card detection on all ARC boards
– R-Mobile, SoCFPGA updates
– Sandbox SPL/TPL support
– Various DM, Test updates.
– Various general ARM, Meson, TI K2/K3 updates
– OP-TEE AVB support

We’re looking at release on November 12th, 2018.

https://lists.denx.de/pipermail/u-boot/2018-October/342659.html

ARM: the boot problem

September 14, 2018 ~ hucktech ~ Leave a comment

The Boot Problem – Diversity is good, but one historical downside of the Arm ecosystem has been a tendency towards fragmentation. Read more here https://t.co/lfwGe7mMhu

— Linaro (@LinaroOrg) September 13, 2018

https://www.linaro.org/blog/the-boot-problem/

https://github.com/ARM-software/ebbr

CVE-2018-3968: Cisco using outdated U-boot in Cujo

August 2, 2018 ~ hucktech ~ Leave a comment

Let’s hope Cisco Talos will let Mitre/NVD about the details soon. No info on the Talos or Cisco security sites, nor even *Twitter*!, AFAICT. 🙂

https://lists.denx.de/pipermail/u-boot/2018-August/336973.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3968

——– Forwarded Message ——–
Subject: [U-Boot] Talos Security Advisory (TALOS-2018-0633/CVE-2018-3968 )
Date: Thu, 2 Aug 2018 18:52:03 +0000

Hello,

Cisco Talos team discovered a security issue impacting Cujo product using an outdated version of U-boot. We’ve assigned a CVE for this issue (CVE-2018-3968) and have attached a copy of the security advisory provided to Cujo.

U-Boot v2018.07 released …with Spectre work-arounds

July 10, 2018 ~ hucktech ~ Leave a comment

Tom Rini announced the latest release of U-Boot, on the u-boot mailing list:

[…]On the ARM side of things, we have the framework in, and in some cases, it is now enabled, what portion of the “Spectre” work-arounds. Since dealing with the issues entirely is a system-level problem and not just “whack some bits once and you’re good” I want to stress that to deal with the issue entirely you’re going to need more than just these changes enabled.[…]

[IMO, the U-Boot project has terse release announcements; to really understand what is new in U-Boot, you have to diff the sources and track all the current patches and issues on the mailing list, and the list is high-traffic and one of the main posters does not have an email client that properly supports threading…]

More info:
https://lists.denx.de/pipermail/u-boot/2018-July/334014.html
http://git.denx.de/?p=u-boot.git
ftp://ftp.denx.de/pub/u-boot/
https://www.denx.de/wiki/U-Boot/

PS: Most recent set of U-Boot release stats:

https://www.denx.de/wiki/U-Boot/UbootStat_2018_07

CVE-2018-1000205: U-Boot, Verified Boot input validation

June 28, 2018 ~ hucktech ~ Leave a comment

Re: https://firmwaresecurity.com/2018/06/26/cve-2018-1000205-u-boot/

and https://firmwaresecurity.com/2018/06/07/teddy-reed-on-u-boots-verified-boot/

There is now a description for the CVE. Ah, this makes sense, the Verified Boot issues that Teddy Reed brought up earlier:

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000205

https://lists.denx.de/pipermail/u-boot/2018-June/330454.html

https://lists.denx.de/pipermail/u-boot/2018-June/330898.html

CVE-2018-1000205: U-Boot

June 26, 2018 ~ hucktech ~ 1 Comment

“This vulnerability has been received by the NVD and has not been analyzed.”

https://nvd.nist.gov/vuln/detail/CVE-2018-1000205

bootloader_instrumentation_suite: [U-Boot] Bootloader research tools (very much a work in progress)

June 22, 2018 ~ hucktech ~ Leave a comment

My instrumentation toolsuite (now named Fiddle) still lacks an up-to-date README, but now has example targets (uboot/arm + test.c for multiple archs (writes only traced in arm)). Requires radare2 + gdb w/ python2. Run https://t.co/g2fXynKIkQ to install. https://t.co/Ywx8sSQ7Kf

— .bx (ʇoqoɹ ɐ ʇou) (@bxsays) June 22, 2018

A friendly reminder that this is research code (i.e., a brittle pile of crap), so it will probably be a headache both to get it to work and to work with. I plan on quietly and slowly updating the tools and documentation when I can find spare the time to do so.

— .bx (ʇoqoɹ ɐ ʇou) (@bxsays) June 22, 2018

https://github.com/bx/bootloader_instrumentation_suite

This test suite helps you keep track of different versions of
u-boot/build tools, static analysis of that build’s binaries, and
runtime trace results of running that binary on a given hardware
configuration. For each u-boot/build configuration it keeps a database
of information it statically gathered for each boot stage, boot stage
images/ELF files, a prepared SD card image, and test results of
runtime trace analyses. If it detects changes in the u-boot source or
build tools it will create a new set of test result directories with a
new sdcard image and static analysis results.

REcon U-Boot talk, slides uploaded [temporarily]

June 20, 2018 ~ hucktech ~ Leave a comment

.@bxsays did a really awesome talk on her work on instrumenting uboot memory writes in order to express memory policies to harden bootloaders at @reconmtl and the slides (missing during the talk due to technical issues) are now available and pretty spectacular clarifying things. https://t.co/1ckEJvxhEL

— o̶ (@Chican3ry) June 19, 2018

The slides I created for my @reconmtl talk are now available at: https://t.co/1OhVVQO7PC
Get them before the school deletes my account ; )

— .bx (ʇoqoɹ ɐ ʇou) (@bxsays) June 16, 2018

Click to access recon.pdf

Teddy Reed on U-Boot’s Verified Boot

June 7, 2018 ~ hucktech ~ 1 Comment

Teddy Reed, author of UEFI Firmware Parser, among other things, has some U-Boot Verified Boot issues:

Verified boot production uses question

Hi all, question, is anyone using the U-Boot verified-boot in production? I am using configuration verification for several OpenCompute/OpenBMC boards. After a deep-dive review I found some edge cases that in rare circumstances could lead to a signature check bypass. I think this is low-risk at best since the scenario requires special hardware behavior to exist. Our board were susceptible in the general sense, but we had implemented some additional sanity checks on the FIT structures that
prevented this. There are some proposed changes that attempt to mitigate this [1], [2], [3]. Any one of these changes mitigates the bypass scenario. If you don’t mind reaching out to me I can share the exact situation/details.

[1] https://lists.denx.de/pipermail/u-boot/2018-June/330454.html
[2] https://lists.denx.de/pipermail/u-boot/2018-June/330487.html
[3] https://lists.denx.de/pipermail/u-boot/2018-June/330599.html

https://lists.denx.de/pipermail/u-boot/2018-June/330898.html

Android bootloader flow documentation published

May 28, 2018 ~ hucktech ~ Leave a comment

Alex Deymo notes that the Android project has more documentation on their boot process, and posted about it on the U-Boot mailing list:

“Just an FYI, earlier this month the team spent some time polishing and publishing in source.android.com documentation about the flows the bootloader goes through in Android, specially true for stock Android like in Pixels phones or other devices based of recent AOSP versions. This documentation includes the interaction between userspace and the bootloader such as the properties userspace expects when booting A/B devices, the whole A/B flow, the bootloader message in the misc partition (BCB), how they interact with the “recovery mode” in Android and much more.

https://lists.denx.de/pipermail/u-boot/2018-May/329886.html

https://source.android.com/devices/bootloader/

U-Boot gets Android Verified Boot (AVB) 2.0

April 26, 2018 ~ hucktech ~ Leave a comment

Igor Opaniuk of Linaro posted a patch to the U-Boot list, adding Android Verified Boot 2.0 support:

This series of patches introduces support of Android Verified B oot 2.0,which provides integrity checking of Android partitions on MMC. It integrates libavb/libavb_ab into the U-boot, provides implementation of AvbOps, subset of `avb` commands to run verification chain (and for debugging purposes), and it enables AVB2.0 verification on AM57xx HS SoC by default. Currently, there is still no support for verification of A/B boot slots and no rollback protection (for storing rollback indexes there are plans to use eMMC RPMB). Libavb/libavb_ab will be deviated from AOSP upstream in the future, that’s why minimal amount of changes were introduced into the lib sources, so checkpatch may fail. For additional details check [1] AVB 2.0 README and doc/README.avb2, which is a part of this patchset.[…]

https://lists.denx.de/pipermail/u-boot/2018-April/326562.html

GlobalLogic: U-Boot and Android Verified Boot

April 7, 2018 ~ hucktech ~ Leave a comment

Noticed a new document on Slideshare on U-Boot and AVB:

U-boot and Android Verified Boot 2.0 from GlobalLogic Ukraine

Verified Boot – Introduction to U-Boot’s Secure Boot

March 22, 2018 ~ hucktech ~ Leave a comment

Verified Boot – Introduction to U-Boot’s Secure Boot
Submitted by admin on Sun, 09/24/2017 – 13:37

First things first, Uboot for the uninitiatited is an open source bootloader that is commonly used on Linux ARM, and MIPS systems, but has roots in the PowerPC (PPC) days. It supports a number of computer architectures and is secretly hiding away in many devices you or I use everyday (e.g., home routers).[…]

https://www.pacificsimplicity.ca/blog/verified-boot-%E2%80%93-introduction-u-boot%E2%80%99s-secure-boot

Emulating Exynos 4210 BootROM in QEMU

March 7, 2018 ~ hucktech ~ Leave a comment

New article : Emulating #Exynos 4210 #BootROM in #QEMU https://t.co/TWGbGO9C1F #retrohacking #arm #android #samsung #security pic.twitter.com/ZIPhaopNl5

— You (@zeewox) March 7, 2018

[…]This project allows to debug BootROM dynamically with GDB. It has been helpful for analyzing secure boot mechanism that loads and authenticates the next stage from flash memory.[…]

Nicely-written. Includes coverage of U-Boot and U-Boot Secure Boot.

https://www.fredericb.info/2018/03/emulating-exynos-4210-bootrom-in-qemu.html#emulating-exynos-4210-bootrom-in-qemu
https://github.com/frederic/qemu-exynos-bootrom

Exynos 4 Dual 45nm

PS: I just learned about this blog. Catching up, there are some interesting older posts, eg:

Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
https://www.fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html#amlogic-s905-soc-bypassing-not-so