CRP and BOOT_SRC vs privacy?

henrik_glader · ‎10-16-2018

Hi everyone, nice community you got here = )

I've been looking in to using a LPC43XX chip in a upgrade design.

Thus playing around with the MCB4357 board several years ago I don't remember too much of it so be aware, you may get hit by a numbers of n00b questions.

First off, regarding privacy and boot without any security measurements.

Selecting CRP3 gives some basic intrusion resistance and disables the ISP override (P2_7), what happens if BOOT_SRC is {0, 0, 0, 0}?

If its possible to program the BOOT_SRC to {1, 1, 1, 1} would that mean the chip only boots from the internal FLASH?

Is there any hacks affecting these options, like stressing the chip in various ways during the boot?

(yes, I know theres probably no answer on his one)

Thank you in advance

/Henrik

bernhardfink · ‎10-16-2018

CRP3 is the strongest protection the LPC43xx can provide. The flash parts of LPC1800/4300 will always try to boot from internal flash first, except the ISP pin P2_7 is sampled LOW after reset. In CRP3 this pin function is disabled, therefore the part will always boot from internal flash in case a valid flash signature has been found. Only if this is not the case, the bootcode looks for the boot memory specified with the fuses or the boot pins.

In a nutshell, if you have enabled CRP3 without having a valid code in internal flash, you're locked out and you can throw the board away.

Hacking the device using whatever techniques cannot be excluded, but up to now I don't know of any structured & easy-to-reproduce attack.

Regards,

Bernhard.

henrik_glader · ‎10-16-2018

Thank you for the reply, Bernard = )

Then CRP3 it is along with careful revision management it is.

By documentation (and as you state) I'd guess, there exists a backdoor, if you have CRP3 and a broken image (in both flash banks) the ROM proceeds with the BOOT_SRC selection.

I'm not sure but I think a non-funcional board is the prefered option than a recovery, would that be avoided writing a non-valid source in BOOT_SRC?

-

In the case of careful software upgrade.

I'd go for two identical images in the flash banks to sort of get a second life but that requires the flash endurance is prolonged in the second bank because the first one is valid and *exhausted*.

Would that idea hold water?

Wondering

/Henrik

bernhardfink · ‎10-16-2018

Hi Henrik,

there is no backdoor in the bootcode which allows to enter the chip when CRP3 is activated.

You need to manage it with your own code implementation, so it will be your personal backdoor.

An alternative is CRP2, where the bootcode allows the ISP mode but limited to flash erase functionality. So you can protect your code and you can recover/reuse the hardware.

For "careful" software updates you use the 2 flash banks in turn, with some clever cross checks before switching the banks.

For "very careful" software updates you might add a small external QSPI flash as temporary storage for whatever.

Regards,

Bernhard.

henrik_glader · ‎10-25-2018

Hi Bernard : )

Ok, I will check the CRP2 option

If I'd been a hacker I might try to partially erase and add a small code to gain access to internals like the ROM and maybe some flash.

The external flash is a good idea, I will think that thru.

Thank you = )

/Henrik