123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191 |
- <!DOCTYPE html>
- <html>
- <head>
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <style type="text/css">
- @import url('../css/main.css');
- </style>
- <title>Notes about DMA and the docking station (X60/T60)</title>
- </head>
- <body>
- <div class="section">
- <h1>Notes about DMA and the docking station (X60/T60)</h1>
- </div>
- <div class="section">
- <pre>
- Use case:
- ---------
- Usually when people do full disk encryption, it's not really full disk,
- instead they still have a /boot in clear.
- So an evil maid attack can still be done, in two passes:
- 1) Clone the hdd, Infect the initramfs or the kernel.
- 2) Wait for the user to enter its password, recover the password,
- luksOpen the hdd image.
- I wanted a real full-disk encryption so I've put grub in flash and I
- have the following: The HDD has a LUKS rootfs(containing /boot) on an
- lvm partition, so no partition is in clear.
- So when the computer boots it executes coreboot, then grub as a payload.
- Grub then opens the LUKS partition and loads the kernel and initramfs
- from there.
- To prevent hardware level tempering(like reflashing), I used nail
- polish with a lot of gilder, that acts like a seal. Then a high
- resolution picture of it is taken, to be able to tell the difference.
- The problem:
- ------------
- But then comes the docking port issue: Some LPC pins are exported
- there, such as the CLKRUN and LDRQ#.
- LDRQ# is "Encoded DMA/Bus Master Request": "Only needed by
- peripherals that need DMA or bus mastering. Requires an
- individual signal per peripheral. Peripherals may not share
- an LDRQ# signal."
- So now DMA access is possible trough the dock connector.
- So I want to be able to turn that off.
- If I got it right, the X60 has 2 superio, one is in the dock, and the
- other one is in the laptop, so we have:
- ________________
- _________________ | |
- | | | Dock connector:|
- |Dock: NSC pc87982|<--LPC--->D_LPC_DREQ0 |
- |_________________| |_______^________|
- |
- |
- |
- |
- ___________________|____
- | v |
- | SuperIO: DLDRQ# |
- | NSC pc87382 LDRQ# |
- |___________________^____|
- |
- |
- |
- |
- ___________________|___
- | v |
- | Southbridge: LDRQ0 |
- | ICH7 |
- |_______________________|
- The code:
- ---------
- Now if I look at the existing code, there is some superio drivers, like
- pc87382 in src/superio/nsc, the code is very small.
- The only interesting part is the pnp_info pnp_dev_info struct.
- Now if I look inside src/mainboard/lenovo/x60 there is some more
- complete dock driver:
- Inside dock.c I see some dock_connect and dock_disconnect functions.
- Such functions are called during the initialisation (romstage.c) and
- from the X60 SMI handler (smihandler.c).
- Questions:
- ----------
- 1) Would the following be sufficent to prevent DMA access from the
- outside:
- > int dock_connect(void)
- > {
- > int timeout = 1000;
- > + int val;
- > +
- > + if (get_option(&val, "dock") != CB_SUCCESS)
- > + val = 1;
- > + if (val == 0)
- > + return 0;
- > [...]
- > }
- >
- > void dock_disconnect(void) {
- > + if (dock_present())
- > + return;
- > [...]
- > }
- 2) Would an nvram option be ok for that? Should a Kconfig option be
- added too?
- > config DOCK_AUTODETECT
- > bool "Autodetect"
- > help
- > The dock is autodetected. If unsure select this option.
- >
- > config DOCK_DISABLED
- > bool "Disabled"
- > help
- > The dock is always disabled.
- >
- > config DOCK_NVRAM_ENABLE
- > bool "Nvram"
- > help
- > The dock autodetection is tried only if it is also enabled
- > trough nvram.
- </pre>
- </div>
- <div class="section">
- <p>
- Copyright © 2014, 2015 Leah Rowe <info@minifree.org><br/>
- Permission is granted to copy, distribute and/or modify this document
- under the terms of the GNU Free Documentation License, Version 1.3
- or any later version published by the Free Software Foundation;
- with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
- A copy of the license can be found at <a href="../gfdl-1.3.txt">../gfdl-1.3.txt</a>
- </p>
- <p>
- Updated versions of the license (when available) can be found at
- <a href="https://www.gnu.org/licenses/licenses.html">https://www.gnu.org/licenses/licenses.html</a>
- </p>
- <p>
- UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
- EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
- AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
- ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
- IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
- WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
- PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
- ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
- KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
- ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
- </p>
- <p>
- TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
- TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
- NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
- INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
- COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
- USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
- ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
- DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
- IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
- </p>
- <p>
- The disclaimer of warranties and limitation of liability provided
- above shall be interpreted in a manner that, to the extent
- possible, most closely approximates an absolute disclaimer and
- waiver of all liability.
- </p>
-
- </div>
- </body>
- </html>
|