#11061 BLOC 1.75-fi: OFW XO-1.75 - implement firmware update security
Zarro Boogs per Child
bugtracker at laptop.org
Wed Feb 29 18:41:34 EST 2012
#11061: OFW XO-1.75 - implement firmware update security
-------------------------------------------+--------------------------------
Reporter: wmb at firmworks.com | Owner: greenfeld
Type: defect | Status: new
Priority: blocker | Milestone: 1.75-firmware
Component: ofw - open firmware | Version: Development firmware
Resolution: | Keywords:
Next_action: test in build | Verified: 0
Deployment_affected: | Blockedby:
Blocking: |
-------------------------------------------+--------------------------------
Comment(by greenfeld):
I think a simpler question is what needs to be tested (and written up as a
testcase per Quozl) to verify this ticket?
I do not know much about the low-level security architecture besides:
1. There is a hardware write lock of some sort.
2. On 1.75, the EC and OFW EEPROMs are separated.
3. I can downgrade OFW and/or the EC of a locked XO using a developer
key to force said XO to process a signed update to the same on the next
reboot.
--
Ticket URL: <http://dev.laptop.org/ticket/11061#comment:10>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list