From owner-freebsd-embedded@FreeBSD.ORG Mon Jun 11 11:08:32 2007 Return-Path: X-Original-To: freebsd-embedded@FreeBSD.org Delivered-To: freebsd-embedded@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2D30C16A41F for ; Mon, 11 Jun 2007 11:08:32 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 1AA8D13C4C1 for ; Mon, 11 Jun 2007 11:08:32 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l5BB8Vbu026562 for ; Mon, 11 Jun 2007 11:08:31 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l5BB8U6R026558 for freebsd-embedded@FreeBSD.org; Mon, 11 Jun 2007 11:08:30 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 11 Jun 2007 11:08:30 GMT Message-Id: <200706111108.l5BB8U6R026558@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-embedded@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jun 2007 11:08:32 -0000 Current FreeBSD problem reports Critical problems Serious problems Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o misc/15876 embedded [picobsd] PicoBSD message of the day problems o misc/28255 embedded [picobsd] picobsd documentation still references old . o kern/42728 embedded [picobsd] many problems in src/usr.sbin/ppp/* after c f misc/52255 embedded [picobsd] picobsd build script fails under FreeBSD 5.0 o misc/52256 embedded [picobsd] picobsd build script does not read in user/s o kern/101228 embedded [nanobsd] [patch] Two more entries for FlashDevice.sub 6 problems total. From owner-freebsd-embedded@FreeBSD.ORG Mon Jun 11 22:05:19 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AADC416A46D for ; Mon, 11 Jun 2007 22:05:19 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from solow.pil.dk (relay.pil.dk [195.41.47.164]) by mx1.freebsd.org (Postfix) with ESMTP id 7420F13C469 for ; Mon, 11 Jun 2007 22:05:19 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from tirith.brixandersen.dk (osgiliath.brixandersen.dk [87.53.223.189]) by solow.pil.dk (Postfix) with ESMTP id 4E5281CC0EF for ; Mon, 11 Jun 2007 23:41:14 +0200 (CEST) Received: by tirith.brixandersen.dk (Postfix, from userid 1001) id C516BBA53; Mon, 11 Jun 2007 23:41:13 +0200 (CEST) Date: Mon, 11 Jun 2007 23:41:13 +0200 From: Henrik Brix Andersen To: freebsd-embedded@freebsd.org Message-ID: <20070611214113.GC44552@tirith.brixandersen.dk> Mail-Followup-To: freebsd-embedded@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="GRPZ8SYKNexpdSJ7" Content-Disposition: inline X-PGP-Key: http://www.brixandersen.dk/files/HenrikBrixAndersen.asc User-Agent: Mutt/1.5.15 (2007-04-06) Subject: JTAG recommendations? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jun 2007 22:05:19 -0000 --GRPZ8SYKNexpdSJ7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, Since I recently got a new notebook without a parallel port I can no longer use my old parallel port based JTAG cable. I searched the web for USB based JTAG cables with open source drivers, but there aren't many of those available, it seems. The best match seems to be the JTAGkey/JTAGkey-Tiny from Amontec [1] - a solution based on the FTDI FT2232L USB UART IC (but I think these cables are somewhat expensive compared to their complexity). However, this leads on to the next problem. My old parallel port cable is supported by the devel/jtag port from the openwince [2] project. However, this software is quite a mess. It hasn't seen a release since late 2003, new features are available as a mix of 3rd party and upstream CVS patches, and it doesn't support any USB based JTAG cables. The JTAG software found in the OpenOCD [3] project, however, seems to support USB based JTAG cables such as the JTAGkey - but it isn't in ports yet, so I guess this is not what other FreeBSD developers/users use? My question - before I choose to either bite the apple and buy a JTAGkey or construct my own USB JTAG cable - is: what do you guys'n'gals use for your everyday JTAG needs? Which cable? Which software? I can't be the only one in need of an modern, open source friendly JTAG solution :) Regards, Brix [1] http://www.amontec.com/ [2] http://openwince.sourceforge.net/jtag/ [3] http://openocd.berlios.de/web/ --=20 Henrik Brix Andersen --GRPZ8SYKNexpdSJ7 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: GnuPG signed iD8DBQFGbcF5v+Q4flTiePgRAuYEAJ9tK3hbfFuC7rPmZQTHvzEqmpf9pgCgreYO pZ27k22Ticnzsyn3EzdTZHs= =BiFM -----END PGP SIGNATURE----- --GRPZ8SYKNexpdSJ7-- From owner-freebsd-embedded@FreeBSD.ORG Tue Jun 12 07:32:27 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1EE3C16A46C for ; Tue, 12 Jun 2007 07:32:27 +0000 (UTC) (envelope-from freebsd-embedded@dino.sk) Received: from bsd.dino.sk (bsd.dino.sk [213.215.72.60]) by mx1.freebsd.org (Postfix) with ESMTP id AD58613C458 for ; Tue, 12 Jun 2007 07:32:26 +0000 (UTC) (envelope-from freebsd-embedded@dino.sk) Received: from fox.dino.sk (home.dino.sk [84.245.95.252]) (AUTH: PLAIN milan, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by bsd.dino.sk with esmtp; Tue, 12 Jun 2007 09:23:38 +0200 id 00000224.466E49FA.0000DB7A From: Milan Obuch To: freebsd-embedded@freebsd.org, Henrik Brix Andersen Date: Tue, 12 Jun 2007 09:21:08 +0200 User-Agent: KMail/1.9.6 References: <20070611214113.GC44552@tirith.brixandersen.dk> In-Reply-To: <20070611214113.GC44552@tirith.brixandersen.dk> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200706120921.09263.freebsd-embedded@dino.sk> Cc: Subject: Re: JTAG recommendations? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2007 07:32:27 -0000 On Monday 11 June 2007, Henrik Brix Andersen wrote: > Hi, > ... > > I searched the web for USB based JTAG cables with open source drivers, > but there aren't many of those available, it seems. The best match > seems to be the JTAGkey/JTAGkey-Tiny from Amontec [1] - a solution > based on the FTDI FT2232L USB UART IC (but I think these cables are > somewhat expensive compared to their complexity). > ... > > The JTAG software found in the OpenOCD [3] project, however, seems to > support USB based JTAG cables such as the JTAGkey - but it isn't in > ports yet, so I guess this is not what other FreeBSD developers/users > use? > If you could compile software manually and test it, I can help you with creating a port. Not sure I am the best person to do it, but I could help a bit. > My question - before I choose to either bite the apple and buy a > JTAGkey or construct my own USB JTAG cable - is: what do you > guys'n'gals use for your everyday JTAG needs? Which cable? Which > software? > > I can't be the only one in need of an modern, open source friendly > JTAG solution :) > ... Well, I would like to be able to work with my S3C2410 based board fully under FreeBSD, but I did not succeed yet to build a working kernel/loader for my board, even JTAG adapter I got with the board works with sofware running under Windows. It connects to parallel port, bears a WIGGLER mark on it, if anybody has some experience with it I would like to hear. That being said, being a bit experienced in some areas, I consider myself only a newbie in JTAG area, I would like to ask what are you doing with JTAG? There are still areas where one could still discover something new... Regards, Milan -- This address is used only for mailing list response. Do not send any personal messages to it, use milan in address instead. From owner-freebsd-embedded@FreeBSD.ORG Tue Jun 12 08:38:27 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EDF9D16A400 for ; Tue, 12 Jun 2007 08:38:27 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from solow.pil.dk (relay.pil.dk [195.41.47.164]) by mx1.freebsd.org (Postfix) with ESMTP id B303A13C48C for ; Tue, 12 Jun 2007 08:38:27 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from tirith.brixandersen.dk (osgiliath.brixandersen.dk [87.53.223.189]) by solow.pil.dk (Postfix) with ESMTP id 733F21CC0F2 for ; Tue, 12 Jun 2007 10:38:26 +0200 (CEST) Received: by tirith.brixandersen.dk (Postfix, from userid 1001) id C0777BA53; Tue, 12 Jun 2007 10:38:25 +0200 (CEST) Date: Tue, 12 Jun 2007 10:38:25 +0200 From: Henrik Brix Andersen To: freebsd-embedded@freebsd.org Message-ID: <20070612083825.GA56032@tirith.brixandersen.dk> Mail-Followup-To: freebsd-embedded@freebsd.org References: <20070611214113.GC44552@tirith.brixandersen.dk> <200706120921.09263.freebsd-embedded@dino.sk> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline In-Reply-To: <200706120921.09263.freebsd-embedded@dino.sk> X-PGP-Key: http://www.brixandersen.dk/files/HenrikBrixAndersen.asc User-Agent: Mutt/1.5.15 (2007-04-06) Subject: Re: JTAG recommendations? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2007 08:38:28 -0000 --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jun 12, 2007 at 09:21:08AM +0200, Milan Obuch wrote: > If you could compile software manually and test it, I can help you with= =20 > creating a port. Not sure I am the best person to do it, but I could help= a=20 > bit. Thanks, but that's not the problem - I know how to create a port. That's not the issue here - I was asking what other people on FreeBSD use for their JTAG needs, seeing that OpenOCD isn't in ports I doubt that is in widespread use among FreeBSD users (else, someone would have submitted a port). > Well, I would like to be able to work with my S3C2410 based board fully u= nder=20 > FreeBSD, but I did not succeed yet to build a working kernel/loader for m= y=20 > board, even JTAG adapter I got with the board works with sofware running= =20 > under Windows. It connects to parallel port, bears a WIGGLER mark on it, = if=20 > anybody has some experience with it I would like to hear. See http://www.macraigor.com/wiggler.htm - it's the de facto standard when it comes to parallel port JTAG connections. It is supported by both openwince-jtag and OpenOCD. > That being said, being a bit experienced in some areas, I consider myself= only=20 > a newbie in JTAG area, I would like to ask what are you doing with JTAG?= =20 > There are still areas where one could still discover something new... I use it for downloading new firmware images to devices and debugging said firmware. Regards, Brix PS: No need to CC: me on reply, I am subscribed to the freebsd-embedded@ mailing list. --=20 Henrik Brix Andersen --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: GnuPG signed iD8DBQFGbluBv+Q4flTiePgRAl6hAJ4vOieEPOR+UJ0yj9FZcyGGr4zwHwCdFOD3 PRnAq6oe65K+dW/PWxGKIic= =3fMU -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI-- From owner-freebsd-embedded@FreeBSD.ORG Fri Jun 15 11:07:39 2007 Return-Path: X-Original-To: freebsd-embedded@FreeBSD.org Delivered-To: freebsd-embedded@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E0D4716A46E for ; Fri, 15 Jun 2007 11:07:39 +0000 (UTC) (envelope-from krassi@bulinfo.net) Received: from mx.bulinfo.net (mx.bulinfo.net [193.194.156.1]) by mx1.freebsd.org (Postfix) with ESMTP id 9E46513C45A for ; Fri, 15 Jun 2007 11:07:39 +0000 (UTC) (envelope-from krassi@bulinfo.net) Received: from localhost (localhost [127.0.0.1]) by mx.bulinfo.net (Postfix) with ESMTP id DC090655C6 for ; Fri, 15 Jun 2007 14:07:37 +0300 (EEST) Received: from mx.bulinfo.net ([127.0.0.1]) by localhost (mx.bulinfo.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16664-05 for ; Fri, 15 Jun 2007 14:07:36 +0300 (EEST) Received: from [192.168.2.188] (pythia.bulinfo.net [212.72.195.5]) by mx.bulinfo.net (Postfix) with ESMTP id 7DC2A655C5 for ; Fri, 15 Jun 2007 14:07:36 +0300 (EEST) Message-ID: <467272F7.4010301@bulinfo.net> Date: Fri, 15 Jun 2007 14:07:35 +0300 From: Krassimir Slavchev User-Agent: Thunderbird 2.0.0.0 (X11/20070601) MIME-Version: 1.0 To: freebsd-embedded@FreeBSD.org X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at mx.bulinfo.net Cc: Subject: Embedded systems protection? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jun 2007 11:07:40 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello All, I am looking for ideas how an embedded system can be secured against copying ... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFGcnL3xJBWvpalMpkRAnOpAJ4tEU1AcuJWJpiyYHRLrvd972wjUwCglUMZ D7yw7/X6pQUNvbhlDCmanSs= =a7XI -----END PGP SIGNATURE----- From owner-freebsd-embedded@FreeBSD.ORG Fri Jun 15 11:59:28 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B3EC216A468 for ; Fri, 15 Jun 2007 11:59:28 +0000 (UTC) (envelope-from dunceor@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.168]) by mx1.freebsd.org (Postfix) with ESMTP id 4F0EE13C447 for ; Fri, 15 Jun 2007 11:59:28 +0000 (UTC) (envelope-from dunceor@gmail.com) Received: by ug-out-1314.google.com with SMTP id u2so917212uge for ; Fri, 15 Jun 2007 04:59:27 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Vq95iFCoFejrx3wDaH1nhroynCxmco4AvlVV3iE6IzcxaWLeO+Hr3wbG3qXJnjfefYWH+nZ4w65MjgXh88KrUXBwUI9DdFNUjrC0nvb22sr+IRUB5M2hcw6oPgYP3kU4+E5cxUoBiClA3tDgzDvBiZdUTjL82+Z81kT/4gD0NU8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=a4tARwet/xOpHPc/Orqfz1rUBcjNukPNlBSpZCSATCMUEW6ZgTIxYQO3z6/Eeal0hwdQyLJB/HOCHv6x2Gpd311kVHgp4cmrfNET4yf+Fm49rxABI3KnzGQyYZ08wTPMW7itdc3rQT5ER29K0zmwyfAMRXY+jPN9Vpq3ixZxKVE= Received: by 10.82.116.15 with SMTP id o15mr5480144buc.1181907289315; Fri, 15 Jun 2007 04:34:49 -0700 (PDT) Received: by 10.82.174.3 with HTTP; Fri, 15 Jun 2007 04:34:49 -0700 (PDT) Message-ID: <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> Date: Fri, 15 Jun 2007 13:34:49 +0200 From: "=?UTF-8?Q?Karl_Sj=C3=B6dahl_-_dunceor?=" To: "Krassimir Slavchev" In-Reply-To: <467272F7.4010301@bulinfo.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <467272F7.4010301@bulinfo.net> Cc: freebsd-embedded@freebsd.org Subject: Re: Embedded systems protection? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jun 2007 11:59:28 -0000 On 6/15/07, Krassimir Slavchev wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello All, > > I am looking for ideas how an embedded system can be secured against > copying ... > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (FreeBSD) > > iD8DBQFGcnL3xJBWvpalMpkRAnOpAJ4tEU1AcuJWJpiyYHRLrvd972wjUwCglUMZ > D7yw7/X6pQUNvbhlDCmanSs= > =a7XI > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-embedded@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-embedded > To unsubscribe, send any mail to "freebsd-embedded-unsubscribe@freebsd.org" > One way that is popular is to use a OTP flash with a cert inside that you verify to see if something has changed. Otherwise certs in different ways is the approach. br dunceor From owner-freebsd-embedded@FreeBSD.ORG Fri Jun 15 12:25:47 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BF3FF16A41F for ; Fri, 15 Jun 2007 12:25:47 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from solow.pil.dk (relay.pil.dk [195.41.47.164]) by mx1.freebsd.org (Postfix) with ESMTP id 8614813C469 for ; Fri, 15 Jun 2007 12:25:47 +0000 (UTC) (envelope-from henrik@brixandersen.dk) Received: from tirith.brixandersen.dk (osgiliath.brixandersen.dk [87.53.223.189]) by solow.pil.dk (Postfix) with ESMTP id 54BE21CC4CF for ; Fri, 15 Jun 2007 14:25:46 +0200 (CEST) Received: by tirith.brixandersen.dk (Postfix, from userid 1001) id C9178B8B3; Fri, 15 Jun 2007 14:25:45 +0200 (CEST) Date: Fri, 15 Jun 2007 14:25:45 +0200 From: Henrik Brix Andersen To: freebsd-embedded@freebsd.org Message-ID: <20070615122545.GA53280@tirith.brixandersen.dk> Mail-Followup-To: freebsd-embedded@freebsd.org References: <467272F7.4010301@bulinfo.net> <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="45Z9DzgjV8m4Oswq" Content-Disposition: inline In-Reply-To: <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> X-PGP-Key: http://www.brixandersen.dk/files/HenrikBrixAndersen.asc User-Agent: Mutt/1.5.15 (2007-04-06) Subject: Re: Embedded systems protection? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jun 2007 12:25:47 -0000 --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 15, 2007 at 01:34:49PM +0200, Karl Sj=F6dahl - dunceor wrote: > One way that is popular is to use a OTP flash with a cert inside that > you verify to see if something has changed. How will that protect from copying? The contents of the flash can still be read. One solution, which I have used earlier, is to have a small bootloader in internal flash which then loads, verifies and decrypts the main application (which has been encrypted) from external flash. The key point here is to make sure the internal flash can not be read out by any means. Regards, Brix --=20 Henrik Brix Andersen --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: GnuPG signed iD8DBQFGcoVJv+Q4flTiePgRAkufAJ9xD3yY616iJSJZq9sj4ZnovnGyVgCbBOBu ECSgpDWsiS7bUEiYui2sZ34= =sFj8 -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq-- From owner-freebsd-embedded@FreeBSD.ORG Fri Jun 15 14:15:27 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6A77C16A469 for ; Fri, 15 Jun 2007 14:15:27 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85]) by mx1.freebsd.org (Postfix) with ESMTP id 2AA0613C457 for ; Fri, 15 Jun 2007 14:15:27 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from localhost (localhost [127.0.0.1]) by harmony.bsdimp.com (8.13.8/8.13.4) with ESMTP id l5FEDDxo011867; Fri, 15 Jun 2007 08:13:13 -0600 (MDT) (envelope-from imp@bsdimp.com) Date: Fri, 15 Jun 2007 08:13:38 -0600 (MDT) Message-Id: <20070615.081338.-399282837.imp@bsdimp.com> To: dunceor@gmail.com From: "M. Warner Losh" In-Reply-To: <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> References: <467272F7.4010301@bulinfo.net> <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> X-Mailer: Mew version 5.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Fri, 15 Jun 2007 08:13:14 -0600 (MDT) Cc: freebsd-embedded@freebsd.org Subject: Re: Embedded systems protection? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jun 2007 14:15:27 -0000 In message: <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com= > "Karl_Sj=F6dahl_-_dunceor" writes: : On 6/15/07, Krassimir Slavchev wrote: : > -----BEGIN PGP SIGNED MESSAGE----- : > Hash: SHA1 : > : > Hello All, : > : > I am looking for ideas how an embedded system can be secured agains= t : > copying ... First, you need some way to have secure hardware. You need to find some way to be able to insert code into a device, throw a switch (usually an internal fuse) that turns off the programming ability. Ideally, all of this is inside the chip. While not secure against someone with infinite money, it is secure against most users, even professionals. : One way that is popular is to use a OTP flash with a cert inside that= : you verify to see if something has changed. : = : Otherwise certs in different ways is the approach. This will only prevent unauthorized users, or at least users who haven't had their software signed (or users that are sophisticated enough to bypass these checks). An OTP flash part just makes it harder for someone to put their own software in place. If the OTP part is just a 8-pin IIC device, then popping a new one in isn't all that hard, and reading the OTP out of circuit is also easy. Warner From owner-freebsd-embedded@FreeBSD.ORG Fri Jun 15 14:37:02 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5606D16A46E for ; Fri, 15 Jun 2007 14:37:02 +0000 (UTC) (envelope-from dunceor@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.172]) by mx1.freebsd.org (Postfix) with ESMTP id BC47B13C468 for ; Fri, 15 Jun 2007 14:37:01 +0000 (UTC) (envelope-from dunceor@gmail.com) Received: by ug-out-1314.google.com with SMTP id u2so952508uge for ; Fri, 15 Jun 2007 07:37:00 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=leRYKpTTiJde6W+jHXisZ4Knx5NI6QK+UWssV+nyWGR8jMnrmF0RR4CA1jYDuLeaXndMTQZLq5ScXuvb66pkwyyGv5yX1HE1moYT9uQ7clnIUZzslwFXM96ogaKrDxh2GPHUprZLV5BuYm9kV+3dOQjoq1PZOtK46FIQxRQ2vug= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=B7OJyMZhCIGBwZsa1NOsTJh+B6Gq1o19eIbpTznIXi6rbItsnlAK/eBDU4dAhpfZTaN1Ywx2gAAnuam8Af0prnZa2VT9qqRQBqs19Tud9X8oP8M02bzydAhkZZFiprAlbkMtQ6oqaN++D84j3+u/kBWeuhoe/0d3Y3s6Z/o/vWg= Received: by 10.82.106.14 with SMTP id e14mr5818117buc.1181918219503; Fri, 15 Jun 2007 07:36:59 -0700 (PDT) Received: by 10.82.174.3 with HTTP; Fri, 15 Jun 2007 07:36:59 -0700 (PDT) Message-ID: <5d84cb30706150736v7f156277x5588b307bd72a014@mail.gmail.com> Date: Fri, 15 Jun 2007 16:36:59 +0200 From: "=?UTF-8?Q?Karl_Sj=C3=B6dahl_-_dunceor?=" To: freebsd-embedded@freebsd.org In-Reply-To: <20070615122545.GA53280@tirith.brixandersen.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 Content-Disposition: inline References: <467272F7.4010301@bulinfo.net> <5d84cb30706150434u6e722912w9edac38e62bd97c3@mail.gmail.com> <20070615122545.GA53280@tirith.brixandersen.dk> Subject: Re: Embedded systems protection? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jun 2007 14:37:02 -0000 T24gNi8xNS8wNywgSGVucmlrIEJyaXggQW5kZXJzZW4gPGhlbnJpa0Bicml4YW5kZXJzZW4uZGs+ IHdyb3RlOgo+IE9uIEZyaSwgSnVuIDE1LCAyMDA3IGF0IDAxOjM0OjQ5UE0gKzAyMDAsIEthcmwg U2rDtmRhaGwgLSBkdW5jZW9yIHdyb3RlOgo+ID4gIE9uZSB3YXkgdGhhdCBpcyBwb3B1bGFyIGlz IHRvIHVzZSBhIE9UUCBmbGFzaCB3aXRoIGEgY2VydCBpbnNpZGUgdGhhdAo+ID4gIHlvdSB2ZXJp ZnkgdG8gc2VlIGlmIHNvbWV0aGluZyBoYXMgY2hhbmdlZC4KPgo+IEhvdyB3aWxsIHRoYXQgcHJv dGVjdCBmcm9tIGNvcHlpbmc/IFRoZSBjb250ZW50cyBvZiB0aGUgZmxhc2ggY2FuCj4gc3RpbGwg YmUgcmVhZC4KPgo+IE9uZSBzb2x1dGlvbiwgd2hpY2ggSSBoYXZlIHVzZWQgZWFybGllciwgaXMg dG8gaGF2ZSBhIHNtYWxsIGJvb3Rsb2FkZXIKPiBpbiBpbnRlcm5hbCBmbGFzaCB3aGljaCB0aGVu IGxvYWRzLCB2ZXJpZmllcyBhbmQgZGVjcnlwdHMgdGhlIG1haW4KPiBhcHBsaWNhdGlvbiAod2hp Y2ggaGFzIGJlZW4gZW5jcnlwdGVkKSBmcm9tIGV4dGVybmFsIGZsYXNoLiBUaGUga2V5Cj4gcG9p bnQgaGVyZSBpcyB0byBtYWtlIHN1cmUgdGhlIGludGVybmFsIGZsYXNoIGNhbiBub3QgYmUgcmVh ZCBvdXQgYnkKPiBhbnkgbWVhbnMuCj4KPiBSZWdhcmRzLAo+IEJyaXgKPiAtLQo+IEhlbnJpayBC cml4IEFuZGVyc2VuIDxoZW5yaWtAYnJpeGFuZGVyc2VuLmRrPgo+Cj4KCkFoIHlvdSBhcmUgYWxs IHNvIHJpZ2h0LCBJIHRob3VnaHQgYWJvdXQgcHJvdGVjdGlvbiBmcm9tIHRhbXBlcmluZyBhbmQK Zmxhc2hpbmcgdGhlaXIgb3duIHNvZnR3YXJlLCBub3Qgc2VjdXJlIGFnYWluc3QgY29weWluZy4g U29ycnkuCgpicgpkdW5jZW9yCg== From owner-freebsd-embedded@FreeBSD.ORG Sat Jun 16 21:11:27 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9580F16A400 for ; Sat, 16 Jun 2007 21:11:27 +0000 (UTC) (envelope-from gofe-freebsd-embedded@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 4F14713C44C for ; Sat, 16 Jun 2007 21:11:27 +0000 (UTC) (envelope-from gofe-freebsd-embedded@m.gmane.org) Received: from root by ciao.gmane.org with local (Exim 4.43) id 1HzepS-0004I5-Ke for freebsd-embedded@freebsd.org; Sat, 16 Jun 2007 22:25:02 +0200 Received: from d463cd6f.datahighways.de ([212.99.205.111]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Jun 2007 22:25:02 +0200 Received: from ino-news by d463cd6f.datahighways.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Jun 2007 22:25:02 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-embedded@freebsd.org From: clemens fischer Date: Sat, 16 Jun 2007 22:09:09 +0200 Organization: more-or-less Lines: 23 Message-ID: <5ksdk4xsa3.ln2@nntp.spotteswoode.dnsalias.org> References: <20070611214113.GC44552@tirith.brixandersen.dk> <200706120921.09263.freebsd-embedded@dino.sk> <20070612083825.GA56032@tirith.brixandersen.dk> X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: d463cd6f.datahighways.de User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: JTAG recommendations? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Jun 2007 21:11:27 -0000 Henrik Brix Andersen in <20070612083825.GA56032@tirith.brixandersen.dk>: > That's not the issue here - I was asking what other people on FreeBSD > use for their JTAG needs, seeing that OpenOCD isn't in ports I doubt > that is in widespread use among FreeBSD users (else, someone would > have submitted a port). well, i actually use the openOCD software with a wiggler. there's a small patch needed re. port-IO, which i can send you. the original is based on linux-only, which has port and value reversed, and fbsd needs different includes. Dominic Rath keeps forgetting about us, although i had sent him the patch. i think he wants something more generic than a simple "#ifdef __FreeBSD__ ... #endif" scheme. you should use the version from the SVN repo. as is state-of-the-art with fbsd, you'd have to use the right auto* version numbers for the bootstrapping. ohhh... i just noticed "svn update" won't do with my old sources. this means i'll have to checkout the entire tree again. no time for that now. regards, clemens From owner-freebsd-embedded@FreeBSD.ORG Sat Jun 16 21:31:08 2007 Return-Path: X-Original-To: freebsd-embedded@freebsd.org Delivered-To: freebsd-embedded@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 205E516A468 for ; Sat, 16 Jun 2007 21:31:08 +0000 (UTC) (envelope-from gofe-freebsd-embedded@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 9EFE713C44C for ; Sat, 16 Jun 2007 21:31:07 +0000 (UTC) (envelope-from gofe-freebsd-embedded@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Hzfqx-0001Rq-SL for freebsd-embedded@freebsd.org; Sat, 16 Jun 2007 23:30:39 +0200 Received: from d463cd6f.datahighways.de ([212.99.205.111]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Jun 2007 23:30:39 +0200 Received: from ino-news by d463cd6f.datahighways.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Jun 2007 23:30:39 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-embedded@freebsd.org From: clemens fischer Date: Sat, 16 Jun 2007 23:07:26 +0200 Organization: more-or-less Lines: 43 Message-ID: References: <20070611214113.GC44552@tirith.brixandersen.dk> <200706120921.09263.freebsd-embedded@dino.sk> <20070612083825.GA56032@tirith.brixandersen.dk> X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: d463cd6f.datahighways.de User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: JTAG recommendations? X-BeenThere: freebsd-embedded@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Dedicated and Embedded Systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Jun 2007 21:31:08 -0000 Henrik Brix Andersen in <20070612083825.GA56032@tirith.brixandersen.dk>: > That's not the issue here - I was asking what other people on FreeBSD > use for their JTAG needs, seeing that OpenOCD isn't in ports I doubt > that is in widespread use among FreeBSD users (else, someone would > have submitted a port). sorry, i don't have the time to wait for my post to appear on gmane. i wrote the original tiny little patch for openOCDs fbsd support, and i just checked the current SVN sources: they are still there, and they should work, although i only used bitbanging on the parallel port. note that openOCD is still very actively developed, you should definitely use the SVN repo. the only thing you might need is this: #!/bin/sh # bootstrap.fbsd aclocal19 && autoheader259 && automake19 --gnu --add-missing && autoconf259 because the linux versions don't carry version numbers in their names... i understand that USB is better specified than the parallel port. you might get away without patching anything, just using the correct "./configure ..." incantation for your FT* chip based interface. please report back with success/failure and what you had to do to get it to work. also, there's a wiki[1] where people collect configuration information, you can check there for your controller, and please update any missing pieces. last year the "edit page" link needed a login, and the creating an account wasn't automatic, you'd need to tell dominic to list you up. [1] http://openfacts.berlios.de/index-en.phtml?title=OpenOCD_configuration other than that, openOCD worked fairly well, it should work even better using USB. regards, clemens