[OLPC-devel] Secure BIOS on the OLPC

Ivan Krstić krstic at solarsail.hcs.harvard.edu
Fri Sep 1 10:12:15 EDT 2006


Carl-Daniel Hailfinger wrote:
> Can we be absolutely sure
> the EC code can't be tricked the same way?

The gist of it is that the EC doesn't set #SPIWP high on reboot, it just
starts with it high after being power cycled, and is set permanent-low
by the instruction; this keeps it low as long as the EC has power. The
EC can't be convinced it lost power: it either has it, or it doesn't,
and I can't see circumstances (that don't involve tampering with the
board physically) where the EC wouldn't have power and the rest of the
machine would. I'm aware of the concern, however, and if there's any
indication from our hardware folks that we can't do this securely, I
will revert to the original keys-pressed solution.

-- 
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D



More information about the Devel mailing list