search

raspberrypi / rpi-eeprom

Installation scripts and binaries for the Raspberry Pi 4 and Raspberry Pi 5 bootloader EEPROMs
https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#raspberry-pi-boot-eeprom
Other
1.28k stars 205 forks source link

Feature request: Storing additional files in EEPROM #613

Open hailfinger opened 1 month ago

hailfinger commented 1 month ago

Describe the bug

The recently added cacertder option enables storing a CA Certificate DER encoded file in the EEPROM. This is a really nice feature and conceptually similar to a use case I'm facing: Sometimes, in an IoT fleet a SD card may die (age, temperature, ...) and the cryptographic key material and device configuration stored on it is gone as well. It would be cool if there was an option to store such info in the EEPROM so people could just put in a new SD card, use automatic HTTP boot to write an SD card image, then the newly written SD card image could restore device-specific data.

Alternatives: Non-key configuration data could theoretically be retrieved via https by the newly written image, however making cryptographic keys available for download is not exactly a best practice.

A single file with 4-8 kB size would suffice in my case (archive of keys+config).

Steps to reproduce the behaviour

Let a SD card die, use a blank SD card to re-provision a Pi 4B based IoT device via the awesome HTTP boot feature.

Device (s)

Raspberry Pi 4 Mod. B

Bootloader configuration.

[all] BOOT_UART=0 WAKE_ON_GPIO=1 POWER_OFF_ON_HALT=0

On some devices, IMAGER_REPO_URL is set to provide a custom image for writing to the SD card.

System

No response

Bootloader logs

No response

USB boot

No response

NVMe boot

No response

Network (TFTP boot)

No response

dividuum commented 1 month ago

Not the requested solution, but the boot loader config supports comments afaik, so you could embed it as a base64 blob in there like this:

# f00base64doobdedoob
timg236 commented 1 month ago

Yes mime-encoded blobs in the config file is the way to go here. Arbitrary user-data blobs in the SPI firmware was been ruled out because it limits the ability to do A/B booting and adds a lot of complexity to upgrades. However, we might be able to increase the config size limit to 16KB on Pi5 without too much difficulty.

hailfinger commented 1 month ago

Yes mime-encoded blobs in the config file is the way to go here. Arbitrary user-data blobs in the SPI firmware was been ruled out because it limits the ability to do A/B booting and adds a lot of complexity to upgrades. However, we might be able to increase the config size limit to 16KB on Pi5 without too much difficulty.

Thanks @dividuum @timg236 , I will try that.