View Single Post
Old 08-21-2024, 06:40 AM   #15
pazos
cosiņeiro
pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.
 
Posts: 1,406
Karma: 2451781
Join Date: Apr 2014
Device: BQ Cervantes 4
We still don't now if SecureBoot is enabled (via efuse) on that board. The BSP might provide an u-boot source tree that's able to deal with verified boot but that isn't enough to enforce the chain of trust.

If uboot verifies the kernel but nothing verifies uboot it should be possible to overwrite uboot entirely.

Also we don't know what happens if the kernel signature doesn't match. Since u/NiMa has access to the serial port I would suggest to check:

1. If uboot prompt is available
2. There's no watchdog to trigger a reset on the AP after a few seconds standing at the uboot prompt
3. Try to load a kernel image to ram and jump to it, see what uboot does.
pazos is offline   Reply With Quote