Google promised to open source Citadel, the firmware for the Pixel’s Titan M security chip, 2 years ago. Doing some light RE, it’s likely the code is a branch of the Chromium EC project. It has modules for AVB, private key storage/crypto, and OEM un/locking. Confused why they haven’t yet?
IANAL, but could there be other parties involved that forbid exposing the source? I know in the jailbreak scene certain binaries would never be open-sourced due to licensing issues, so maybe something similar happened here?
Then why promise to open source? IIRC they again said they were “working on” getting it open sourced after a serious flaw in the crypto implementation was reported early this year. Nothing yet tho 🤷🏻♀️
Could have been a misunderstanding from people who didn't realize opentitan.org is a distinct project that will at most be the basis for a future iteration of it. I don't really think it was a misunderstanding though. Pixel 2 security chip applet sources are in AOSP...
I don't understand the delay and they haven't explained what's going on with it. BTW, I wouldn't describe the bug I think you're talking about as a serious flaw. It's clearly the VM aborting and returning a sentinel value. You can see that it's a standard hard-wired sentinel.
Don’t know enough about the bug to know. Google upped the flaw from high to critical after it was first reported is all I know.
I think it's likely that they discovered a serious problem but the specific manifestation of the bug isn't serious. They weren't converting VM errors into proper higher-level errors, which is definitely a serious and broadly applicable bug. I hit similar issues with it before.