How to mitigate ROCA TPM vulnerability?

Published at April 17, 2019 · Krystian Hebel ·  9 min read

ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. Discovering whether TPM is vulnerable All vulnerable keys have the same structure....

Meltdown and spectre. What are they and what they are not?

Published at March 20, 2019 · Michał Żygowski ·  6 min read

Meltdown and Spectre At the turn of the year 2017 and 2018, the world of security and computing has shaken. It was the time when we first heard about vulnerabilities that affect almost every modern processor (mainly x86 architecture) manufactured during the last 20 years. They have been named as Meltdown and Spectre and belong to one family of flaws caused by speculative execution. In this post, I will describe what they are and how they are threatening the users of modern machines....

Yocto meta-rte is now open for everyone

Published at March 13, 2019 · Marta Szelecka ·  3 min read

Yocto meta-rte is now open for everyone We are happy to announce that our 3mdeb’s Yocto meta-rte is now available on our GitHub. But let’s say briefly what the Yocto Project is and why we decided to work with it. First of all, like everything that we love the most, Yocto Project is open sourced. The project is hosted by the Linux Foundation and gives you templates, methods, and set of interoperable tools for creating OS images for embedded Linux systems....

Flashing eMMC on Hummingboard Edge using fastboot? part 2

Published at March 8, 2019 · Maciej Pijanowski ·  10 min read

fastboot FastBoot protocol is a tool developed for Android, which allows for communicating with bootloaders over USB or Ethernet. U-Boot configuration U-Boot fastboot documentation suggests to set CONFIG_USB_GADGET_(VENDOR_NUM|PRODUCT_NUM|MANUFACTURER). Note that USB_GADGET_VENDOR_NUM and USB_GADGET_PRODUCT_NUM is not related to your actual board, rather it is some dummy id of device which is compatible with fastboot. In this case it is CelkonA88 device from Google. Fastboot client Install fastboot: On Debian-based distros:...

3mdeb at Embedded World 2019

Published at February 23, 2019 · Marta Szelecka ·  2 min read

3mdeb at Embedded World 2019 We are excited to inform You that 3mdeb will take part in embedded world Exhibition & Conference - Embedded World 2019 next week! In place full of enthusiasts You can meet us personally between 26.02-28.02 in Nuremberg, Germany. Come and talk with us about amazing world of embedded systems. We will tell You not only about our work and innovations, but also share our knowledge, help and present to You our products and demos:...

How to enable Core Performance Boost on AMD platforms?

Published at February 14, 2019 · Michał Żygowski ·  12 min read

Pushing hardware to its limits In the epoch of efficient and fast processors, performance becomes one of the most crucial aspects when choosing and working with hardware. We want our computers to execute their tasks with possibly highest speeds. But what really influences the performance of our platforms? It’s the processor’s manufacturer design one may say. In this post, I will show You how firmware may boost Your silicon to higher performance level....

Quick start guide to kas - best tool for setting up the Yocto projects

Published at February 7, 2019 · Maciej Pijanowski ·  7 min read

Introduction If you are using the Yocto Project, you certainly have encountered the hassle of managing multiple layers and tracking their revisions. I’ve been using the Yocto Project for nearly 3 years by now and have mostly been using the tool for this purpose. While I’m not a huge fan of it, it is relatively simple to use and gets the job of fetching layers and controlling their revisions done properly....

Enabling ECC on PC Engines platforms

Published at October 16, 2018 · Krystian Hebel ·  14 min read

In this post I want to share some findings about ECC on PC Engines apu platforms. I’ll try to shortly describe what ECC is, why is it so desired, what problems with enabling this feature were encountered and how to test whether ECC works or not using MemTest86. Introduction Sometimes a bit in RAM changes its value spontaneously due to electrical or magnetic interference. It can be caused by background radiation, cosmic rays or recently attacks using row hammering....

debos image for HummingBoard Edge

Published at October 10, 2018 · Maciej Pijanowski ·  7 min read

Intro In my previous posts I have shared my first experience with debos and how to run debos in a container. In today’s post, I’d like to present how can we use all of that to generate base Debian image for an ARM board. My board of choice for this particular example will be the HummingBoard Edge. The post is inspired by the feedback from the new users (such as this one) that there are no end-to-end examples how to quickly start using this tool....

RTE for automated kernel deployment and everyday use

Published at October 3, 2018 · Piotr Król ·  8 min read

We continue our effort to enable IOMMU and as side effect I have to play with various technologies to exercise reliable development environment which base on RTE. In this blog post I would like to present semi-automated technique to debug firmware, Xen and Linux kernel. The goal is to have set of tools that help in enabling various features in Debian-based dom0. We would like: update Linux kernel which is exposed over HTTP server update rootfs provided through NFS I will use following components:...