[PATCH] Adding password protection to U-boot
Joerg Reisenweber
joerg at openmoko.org
Wed Jun 11 07:21:22 CEST 2008
Am Di 10. Juni 2008 schrieb Francesco Albanese:
> Hello,
>
> this is a patch for u-boot1.3.2rc2 compiled and patched using
> MMakefile. I've added a new command "lock" for setting a password to
> lock/unlock the access to the terminal and prevent flashing the device
> via DFU.
>
> Features:
>
> - Password stored as SHA256 non-salted hash and written in the env
> var. partition (a salting method can be added afterwards)
> - If the password is set, user is prompted for a password after a
> serial connection is established
> - If the device is locked down, a DFU flashing attempt will produce an
> on-screen error on the Neo
Anyway, remember you have TWO bootloaders to patch on FR: NAND *plus* NOR.
NOR can be flashed by debug board only. So maybe it's a good idea to
check/evaluate this patch and then use it for factory NOR-boot (password
unset of course). Otherwise it won't become a story of bold success.
btw: IMEI is a bad candidate for salt. Too predictable, no real random but a
small interval - not all existing and possible IMEIs are used on Neos. If you
think of GSM for random, maybe a few data of actual network conditions would
serve better, like cell-id of current and neighbour cells.
cheers
jOERG
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : http://lists.openmoko.org/pipermail/openmoko-devel/attachments/20080611/13562875/attachment.pgp
More information about the openmoko-devel
mailing list
