Open openoms opened 5 years ago
There is a recovery image provided with which the EEPROM can be updated if in doubt: https://www.raspberrypi.org/downloads/
Unfortunately I could not yet find a signature to verify its content, let alone verifying the EEPROM without flashing.
Now there is a sha256 hash provided for the RPi4 bootloader image:
Will need to either reflash the boards with the verified image or find a way to clone it from the bootloader and check the hash.
@openoms any updates on this? Also, is there anything that can be done to protect one's machine from manipulation once it's running in production? (Understand you are just concerned about supply-chain attacks here.)
EDIT: Assuming you confirmed that this is indeed an issue, it seems that the auto-updates could also be an attack vector.
As Damian brought to our attention, the RPi4 has a writable 512 KB EEPROM which can be tampered with: https://twitter.com/meeDamian/status/1179052293053792256
From the docs (https://www.raspberrypi.org/documentation/hardware/raspberrypi/booteeprom.md):
How could we verify what is there? Also:
The Raspbian images contain a bootcode.bin, so the EEPROM should be ignored when it is present.
EDIT: it rather seems that the RPi4 is always booting from the EEPROM regardless of the SD card content.
Discussed in the RPi forum too: https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=253843