_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
ahegao has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
ahegao has quit [Quit: SIGTERM]
_whitelogger_ has joined #linux-sunxi
warpme has quit []
JohnDoe_71Rus has quit [Quit: KVIrc KVIrc Quasar 5.2.6, revision: 5.2.6+git-7606-51f3abb83, build type: debug, sources date: 20160102, built on: 2024-11-13 20:14:24 UTC 5.2.6+git-7606-]
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
Schimsalabim has quit [Ping timeout: 480 seconds]
Schimsalabim has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
<Jookia>
triskit: hmm. i wonder where the patches would be
<Jookia>
i feel like we'd have heard of these patches by now or seen them in binary dumps unless they're doing them at the factory
<triskit>
Jookia: efuses, presumably. Then the ROM loads them into the debugger at startup. But yeah, I didn’t find any indication Allwinner does this
<Jookia>
well there's the 256 byte efuse block you could dump and compare
<triskit>
Just was curious because ROM patches like that are commonplace at $work
wingrime1 has joined #linux-sunxi
<Jookia>
it would be nice to think allwinner are patching security vulns :D
<Jookia>
maybe the hack just needs a tweak?
wingrime-ww has quit [Ping timeout: 480 seconds]
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]
_whitelogger_ has joined #linux-sunxi
<triskit>
Maybe. I was actually thinking more for the purposes of making secure boot actually secure. But I think I read in the logs that secure boot can be bypassed by just making a "special" TOC0 header that triggers some stack corruption.
<triskit>
So I probably shouldn't waste too much effort on it
<triskit>
Thinking through it some more, if Allwinner cared about being able to patch the ROM, they'd just make the BROM copy itself into SRAM and apply patches from the efuses before jumping to it...
vagrantc has joined #linux-sunxi
_whitelogger_ has quit [Remote host closed the connection]