Verified U-Boot on BBB?

DrewFustini · June 9, 2015, 7:22pm

Anyone familiar with doing "secure" boot on a BBB?

Someone raised the idea on another forum of secure boot on BBB:
http://www.element14.com/community/thread/43371/l/high-security-version-of-bbb

I came across this on LWN.net:

"Verified U-Boot"
https://lwn.net/Articles/571031/

It is from 2013 but does mention the BaegleBone Black:

"The crypto code is simple and does not deal with multiple indirections and
data conversions. In fact, it typically takes longer to hash a kernel
than it does to verify it using RSA. On a BeagleBone Black (OMAP4), it
takes about 6ms to verify a configuration and only adds 6.2KB to
U-Boot's code size."

It strikes me as wrong to equate BBB with OMAP4, but hopefully this
really is talking about the BBB.

thanks,
drew

RobertCNelson · June 9, 2015, 7:29pm

You'd have to special order the chips from TI... Unless your name is
Google/etc, i doubt you'd get access to it..

If you want a secure bbb, it's best to dump it in a gallon of apoxy,
then a bucket of cement, then drop into the ocean..

Not useful, but secure...

Regards,

Gerald_Coley1 · June 9, 2015, 7:41pm

The design and the processor do not support secure boot.

Gerald

DrewFustini · June 9, 2015, 8:07pm

…that may still be useful for OpenROV

thanks for the quick answer, Gerald and Robert.