Read it directly from either the firmware or the otp, as those both require a great deal more effort to spoof, though likely still not impossible. You can see the last line is the Serial number, that should be easy to parse, even for a beginnerĪnd, as already discussed above, can be spoofed by someone with a small amount of Linux knowledge creating a custom kernel module. There's little you can do to avoid that level of dedication.įeatures : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm crc32 A hash mechanism on the serial number is considered sufficient to protect the codec licences within the firmware, although admittedly that is a little harder to reverse engineer as it isn't running on the ARM.Ī determined hacker will disassemble your code and find the conditional jump between pass and fail of your crypto check and make it always go the "success" route. It all depends on how much money and effort you want to expend in locking down your project. Just keep that private key private or the whole system falls down. A read of the datasheet and Wikipedia will give you more details. This corresponds to the dmidecode output: ID: FB 06 00 00 01 03 00 00 matches a 06FB CPUID, i.e. Thus in your case it’s the CPU itself which is returning the Intel (R) Xeon (R) CPU E5335 2.00GHz string. There are a various libraries available for them, but as I understand it you'll program a private key into the device (write only), and your code has the corresponding public key to run a hash of some data and verify that it is a chip you have programmed. On x86, it uses the CPUID Processor Brand String feature, where supported. You could use an I2C crypto module such as those from Atmel. How would you stop someone copying the contents of the EEPROM and putting it on a cloned board? There's nothing unique in having a single I2C EEPROM. Printf("%s\n", PSN) //compare with: lshw | grep serial:īrekee12 wrote:Why do not put an eeprom onto the i2cbus with your special code it is much simpler. xxxx-xxxx-xxxx-xxxx-XXXX-XXXXĬhar PSN //24 Hex digits, 5 '-' separators, and a '\0' Sprintf(PSN, "%s-%C%C%C%C-%C%C%C%C", PSN, str, str, str, str, str, str, str, str) numcpus sysconf( SCNPROCESSORSONLN ) (In QNX systems, you can use numcpus sysinfonumcpu()) For shell scripting, you can use cat /proc/cpuinfo. ?x=3 gives least significant 64 bits in edx and ecx You can use this for mostly all kind of linux distro. Sprintf(PSN, "%C%C%C%C-%C%C%C%C", str, str, str, str, str, str, str, str) Please also note that if you run your kernel in a virtual machine, you only see the CPU cores dedicated to the VM guest.//?x=1 gives most significant 32 bits in eax Also please note that if there is a htt in flags, you are running a hyper-threading CPU, which means that your mileage may vary. Please note that you need to parse and compare the physical id, core id and cpu cores to get an accurate result, if you really care about the number of CPUs vs. While(getdelim(
0 Comments
Leave a Reply. |