
On ChromeOS, our root of trust is actually the SPI ROM. We allocate a RO section of the SPI ROM that is controlled with the write protect pin. This RO section contains a full copy of the BIOS including vboot and the keys used to verify the RW-A/RW-B sections. We use this to build a chain of trust. RO FW verifies RW FW, RW FW verifies the payload (depthcharge), depthcharge verifies the kernel, the kernel verifies the rootfs using dm-verity.

Here is a great video by Duncan explaining the whole process in detail: https://youtu.be/HwsTRThChn0

All the components are open source too. You can read more about it here: https://doc.coreboot.org/security/vboot/index.html

As for the security chip, all current Chromebooks ship with a CR50. This is a Google designed chip. The boot rom is closed source unfortunately, but it essentially just verifies and jumps to RW. You can find the RW code here if anyone is curious: https://source.chromium.org/chromiumos/chromiumos/codesearch...

The security chip gives us TPM2 functionality and some ChromeOS specific features like CCD: https://chromium.googlesource.com/chromiumos/platform/ec/+/c...

You should be able to use vboot with a different TPM. Reach out if you want to chat!
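The chain of trust laid out in the comment above, modelled as an added example (this is not code from the comment, vboot or coreboot). It assumes a made-up stage layout in which each image carries its own code, the trust anchor for the next stage (the next verifying key, or the dm-verity root hash in the kernel's case) and a signature over both; Lamport one-time signatures built from SHA-256 stand in for vboot's RSA so the script runs on the standard library alone, and the 16-byte block size is shrunk from dm-verity's usual 4096 for the demo.

```python
"""Toy model of the boot chain in the comment: RO verifies RW, RW verifies the
payload (depthcharge), the payload verifies the kernel, and the kernel verifies
the rootfs with a dm-verity-style hash tree. Assumed for the demo (not vboot's
real formats): Lamport one-time signatures stand in for vboot's RSA so only the
standard library is needed; stage fields and the 16-byte block are made up.
"""
import hashlib
import os

BLOCK = 16  # constructed block size; dm-verity normally uses 4096


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures: each key signs exactly one stage ----------
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def sign(sk, msg: bytes):
    bits = int.from_bytes(H(msg), "big")
    return [sk[i][(bits >> (255 - i)) & 1] for i in range(256)]


def verify(pk, msg: bytes, sig) -> bool:
    bits = int.from_bytes(H(msg), "big")
    return len(sig) == 256 and all(
        H(sig[i]) == pk[i][(bits >> (255 - i)) & 1] for i in range(256))


def anchor_bytes(x) -> bytes:
    """Serialise a trust anchor: a verity root hash (bytes) or a Lamport pk."""
    return x if isinstance(x, bytes) else b"".join(a + b for a, b in x)


# --- Signed boot stages: code plus the trust anchor for the next stage -------
def make_stage(code: bytes, embedded, signer_sk):
    return {"code": code, "embedded": embedded,
            "sig": sign(signer_sk, code + anchor_bytes(embedded))}


def check_stage(stage, signer_pk) -> bool:
    return verify(signer_pk, stage["code"] + anchor_bytes(stage["embedded"]),
                  stage["sig"])


# --- dm-verity-style hash tree over the rootfs ------------------------------
def verity_tree(image: bytes):
    """Return hash levels, leaves first; levels[-1][0] is the root hash."""
    levels = [[H(image[i:i + BLOCK]) for i in range(0, len(image), BLOCK)]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]  # duplicate the odd last node
        levels.append([H(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def verity_check_block(image: bytes, levels, root: bytes, idx: int) -> bool:
    """Recompute the path from block idx to the root, as the kernel would on read."""
    node = H(image[idx * BLOCK:(idx + 1) * BLOCK])
    i = idx
    for level in levels[:-1]:
        sib = level[i ^ 1] if (i ^ 1) < len(level) else level[i]
        node = H(node + sib) if i % 2 == 0 else H(sib + node)
        i //= 2
    return node == root


def boot(ro_root_pk, rw, payload, kernel, rootfs: bytes, levels) -> str:
    """Walk the chain; return 'ok' or the first stage that fails verification."""
    if not check_stage(rw, ro_root_pk):
        return "RW firmware rejected by RO"
    if not check_stage(payload, rw["embedded"]):
        return "payload rejected by RW"
    if not check_stage(kernel, payload["embedded"]):
        return "kernel rejected by payload"
    for idx in range((len(rootfs) + BLOCK - 1) // BLOCK):
        if not verity_check_block(rootfs, levels, kernel["embedded"], idx):
            return f"rootfs block {idx} corrupt"
    return "ok"


def demo() -> dict:
    rootfs = bytes(range(256)) * 2 + b"x" * BLOCK  # constructed: 33 blocks
    root_sk, root_pk = keygen()   # root_pk lives in the write-protected RO region
    rw_sk, rw_pk = keygen()
    kern_sk, kern_pk = keygen()
    levels = verity_tree(rootfs)
    kernel = make_stage(b"vmlinuz", levels[-1][0], kern_sk)   # carries verity root
    payload = make_stage(b"depthcharge", kern_pk, rw_sk)      # carries kernel key
    rw = make_stage(b"coreboot-rw", rw_pk, root_sk)           # carries payload key
    out = {"clean": boot(root_pk, rw, payload, kernel, rootfs, levels)}

    bad = bytearray(rootfs)
    bad[5 * BLOCK] ^= 1  # flip one bit in block 5 of the rootfs
    out["rootfs_tamper"] = boot(root_pk, rw, payload, kernel, bytes(bad), levels)

    # Attacker re-signs payload and kernel with their own key: the key embedded
    # in RW rejects the payload, so the kernel is never even examined.
    evil_sk, evil_pk = keygen()
    evil_kernel = make_stage(b"vmlinuz-evil", levels[-1][0], evil_sk)
    evil_payload = make_stage(b"depthcharge", evil_pk, evil_sk)
    out["payload_swap"] = boot(root_pk, rw, evil_payload, evil_kernel, rootfs, levels)
    return out
```

Calling `demo()` returns `{"clean": "ok", "rootfs_tamper": "rootfs block 5 corrupt", "payload_swap": "payload rejected by RW"}`. The point of the structure is that only `root_pk` has to be immutable (the write-protected RO region in the comment); every later key is carried inside the image that the previous stage has already verified, and the rootfs is covered by a root hash the kernel carries rather than by a signature over the whole disk, so blocks can be checked lazily on read.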



What I'm hearing here is "Yes, Google designed their own chip because everything on the market sucks."


And who are you?



