Excessive device authorization sets

poursteady · October 21, 2020, 3:50pm

No results for eeprom here’s what I see in those directories though:

ps157:~$ sudo find / -name eeprom
ps157:~$ sudo find / -name i2c   
/sys/kernel/debug/tracing/events/i2c
/sys/bus/i2c
ps157:~$ cd /sys/bus/i2c
ps157:/sys/bus/i2c$ ls -al
drwxr-xr-x    4 root     root             0 Jan  1 00:00 .
drwxr-xr-x   23 root     root             0 Jan  1 00:00 ..
drwxr-xr-x    2 root     root             0 Jan  1 00:00 devices
drwxr-xr-x   11 root     root             0 Jan  1 00:00 drivers
-rw-r--r--    1 root     root          4096 Jan  1 00:02 drivers_autoprobe
--w-------    1 root     root          4096 Jan  1 00:02 drivers_probe
--w-------    1 root     root          4096 Jan  1 00:00 uevent
ps157:/sys/bus/i2c$ cd devices/
ps157:/sys/bus/i2c/devices$ ls -al
drwxr-xr-x    2 root     root             0 Jan  1 00:00 .
drwxr-xr-x    4 root     root             0 Jan  1 00:00 ..
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 0-0024 -> ../../../devices/platform/ocp/44e0b000.i2c/i2c-0/0-0024
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 0-0034 -> ../../../devices/platform/ocp/44e0b000.i2c/i2c-0/0-0034
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 0-0050 -> ../../../devices/platform/ocp/44e0b000.i2c/i2c-0/0-0050
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 0-0070 -> ../../../devices/platform/ocp/44e0b000.i2c/i2c-0/0-0070
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 2-0054 -> ../../../devices/platform/ocp/4819c000.i2c/i2c-2/2-0054
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 2-0055 -> ../../../devices/platform/ocp/4819c000.i2c/i2c-2/2-0055
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 2-0056 -> ../../../devices/platform/ocp/4819c000.i2c/i2c-2/2-0056
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 2-0057 -> ../../../devices/platform/ocp/4819c000.i2c/i2c-2/2-0057
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 i2c-0 -> ../../../devices/platform/ocp/44e0b000.i2c/i2c-0
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 i2c-1 -> ../../../devices/platform/ocp/4802a000.i2c/i2c-1
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 i2c-2 -> ../../../devices/platform/ocp/4819c000.i2c/i2c-2
ps157:/sys/bus/i2c/devices$

dellgreen · October 21, 2020, 4:42pm

depending on your kernel version it might be nvmem somewhere rather than eeprom

poursteady · October 21, 2020, 6:34pm

I do see nvmem but nothing in either of the files/directories

ps157:~$ sudo find / -name nvmem
/sys/devices/platform/ocp/44e3e000.rtc/rtc/rtc0/omap_rtc_scratch0/nvmem
/sys/bus/nvmem

ps157:/sys/bus/nvmem$ ls -al
drwxr-xr-x    4 root     root             0 Jan  1 00:00 .
drwxr-xr-x   23 root     root             0 Jan  1 00:00 ..
drwxr-xr-x    2 root     root             0 Jan  1 00:00 devices
drwxr-xr-x    2 root     root             0 Jan  1 00:00 drivers
-rw-r--r--    1 root     root          4096 Jan  1 00:05 drivers_autoprobe
--w-------    1 root     root          4096 Jan  1 00:05 drivers_probe
--w-------    1 root     root          4096 Jan  1 00:00 uevent
ps157:/sys/bus/nvmem$ cd devices/
ps157:/sys/bus/nvmem/devices$ ls -al
drwxr-xr-x    2 root     root             0 Jan  1 00:00 .
drwxr-xr-x    4 root     root             0 Jan  1 00:00 ..
lrwxrwxrwx    1 root     root             0 Jan  1 00:00 omap_rtc_scratch0 -> ../../../devices/platform/ocp/44e3e000.rtc/rtc/rtc0/omap_rtc_scratch0

dellgreen · October 21, 2020, 8:48pm

As an example of things to check, below are some links to not exactly what you use but should highlight what you should be double checking on your OS build to see if you have eeprom fully configured in your kernel.

Looks like there is some kernel device tree config you can check

looks like there is also kernel driver config to check you have enabled

github.com

beagleboard/linux/blob/7a920684860a790099061b67961d0b5ffa033fdf/drivers/misc/eeprom/Kconfig

menu "EEPROM support"

config EEPROM_AT24
	tristate "I2C EEPROMs / RAMs / ROMs from most vendors"
	depends on I2C && SYSFS
	select NVMEM
	help
	  Enable this driver to get read/write support to most I2C EEPROMs
	  and compatible devices like FRAMs, SRAMs, ROMs etc. After you
	  configure the driver to know about each chip on your target
	  board.  Use these generic chip names, instead of vendor-specific
	  ones like at24c64, 24lc02 or fm24c04:

	     24c00, 24c01, 24c02, spd (readonly 24c02), 24c04, 24c08,
	     24c16, 24c32, 24c64, 24c128, 24c256, 24c512, 24c1024

	  Unless you like data loss puzzles, always be sure that any chip
	  you configure as a 24c32 (32 kbit) or larger is NOT really a
	  24c16 (16 kbit) or smaller, and vice versa. Marking the chip
	  as read-only won't help recover from this. Also, if your chip

This file has been truncated. show original

github.com

beagleboard/meta-beagleboard/blob/master/common-bsp/recipes-kernel/linux/linux-mainline-3.8/beaglebone/defconfig

#
# Automatically generated file; DO NOT EDIT.
# Linux/arm 3.8.13 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
CONFIG_GENERIC_GPIO=y
CONFIG_HAVE_PROC_CPU=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_TRACE_IRQFLAGS_SUPPORT=y
CONFIG_RWSEM_GENERIC_SPINLOCK=y
CONFIG_ARCH_HAS_CPUFREQ=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_NEED_DMA_MAP_STATE=y
CONFIG_VECTORS_BASE=0xffff0000
CONFIG_ARM_PATCH_PHYS_VIRT=y
CONFIG_GENERIC_BUG=y
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"

This file has been truncated. show original

poursteady · October 21, 2020, 10:11pm

Thanks, will take a look at the kernel configurations and see if we can pull the serial number instead.

As I’ve been decommissioning and re-authorizing the devices creating this issue, I am noticing that all of the duplicate devices reporting with the same mac address are coming from a single customer in South Korea. And a few of the devices we have records for, seemingly had different MAC addresses when we tested them in our factory prior to delivery.

Is it at all possible that there’s a networking device in the middle of their devices and the mender server that’s reporting out the same address? Otherwise, since their hostnames and IP Addresses are different would that mean that they all have BBB’s with the same eth0 network interface?

dellgreen · October 21, 2020, 10:42pm

As I’ve been decommissioning and re-authorizing the devices creating this issue, I am noticing that all of the duplicate devices reporting with the same mac address are coming from a single customer in South Korea. And a few of the devices we have records for, seemingly had different MAC addresses when we tested them in our factory prior to delivery.

thats intriguing

Is it at all possible that there’s a networking device in the middle of their devices and the mender server that’s reporting out the same address? Otherwise, since their hostnames and IP Addresses are different would that mean that they all have BBB’s with the same eth0 network interface?

i don’t think that any intermediate networking device is involved here as the mender device identity data (which you are using BBB MAC address for) is passed at the application layer of the OSI model and protected between BBB and server with TLS in transit. I would of expected them to need to get access to the root filesystem of your device to be able to attempt to modify it in some way, or rewrite the eeprom data. I should state I am in no-way a security professional so could be wrong.

Topic		Replies	Views
Device reapproval after update General Discussions	7	480	November 22, 2022
Mender - Enrolment Duplicates & Firewall Settings Debian family	4	463	April 13, 2022
Authentication request rejected by the Mender.Bitcortex server General Discussions mender-client , inventory	4	13	July 22, 2024
Strange problem when upgrading a device via hosted.mender.io General Discussions	0	501	March 25, 2022
Autoprovision multiple existing devices without board integration General Discussions mender-client , preauthorization	6	360	January 31, 2023

Excessive device authorization sets

Related topics