justinlynn
commented
3 years ago This also needs porting to zero-gravitas and zero-colors branches which I'm happy to do once we've discussed if this is the right approach here.
Closed justinlynn closed 1 year ago
justinlynn
commented
3 years ago This also needs porting to zero-gravitas and zero-colors branches which I'm happy to do once we've discussed if this is the right approach here.
justinlynn
commented
2 years ago Hi team, is there anything else I can do here to judge interest in this patch? Is this something that might possibly be included?
loicpoulain
commented
2 years ago Hi @justinlynn, valid point! but I think it simply going to be configured as read-only instead. Note that for contribution to Linux kernel code, you need to add your 'Signed-of-by' tag in the commit message: https://www.kernel.org/doc/html/latest/process/submitting-patches.html#developer-s-certificate-of-origin-1-1
justinlynn
commented
2 years ago Understood and agreed. Will modify for compliance.
Eeems
commented
1 year ago @justinlynn @loicpoulain has there been any progress on getting this merged?
loicpoulain
commented
1 year ago @justinlynn @loicpoulain has there been any progress on getting this merged?
So OTP is normally read-only with latest releases/kernels (and not exposed through the legacy /sys/fsl... interface).
Eeems
commented
1 year ago @justinlynn @loicpoulain has there been any progress on getting this merged?
So OTP is normally read-only with latest releases/kernels (and not exposed through the legacy /sys/fsl... interface).
So this change is no longer required?
loicpoulain
commented
1 year ago @justinlynn @loicpoulain has there been any progress on getting this merged?
So OTP is normally read-only with latest releases/kernels (and not exposed through the legacy /sys/fsl... interface).
So this change is no longer required?
Indeed, the OTP is not writable anymore from userspace, as /sys/bus/nvmem/devices/imx-ocotp0/nvmem is read-only. So the proposed change was valid but is no longer required with latest releases.
justinlynn
commented
1 year ago Thanks everyone. If this is the case, happy to have this PR closed. 👍🏻
As everything on the RM devices runs as the root user, buggy scripts or other otherwise non-malicious activities could accidentally write to the OTP fuse files without limitation (exposed in
/sys/fsl_otp/). This could potentially brick devices, the only fix would involve board level rework to replace the SoC.Obviously, because everything runs as the root user, nothing stops malware from loading the module itself and doing the same thing but making the function a loadable module would prevent users from accidentally bricking their devices using simple file writes.
Users may still opt-in to access and program the eFuse OTP on the CPU, risking bricking their device, via loading the
fsl_otpkernel module.Please note that this resembles the motherboard bricking issues exposed recently by certain buggy UEFI BIOS implementations exposing their persistent variables in the filesystem. It's clearly unexpected behaviour for filesystem operations to brick or otherwise permanently damage hardware.
See https://web.archive.org/web/20201111165337/https://lwn.net/Articles/674940/ for additional context as to why that's relevant.