Explore the intricacies of Dynamic Key Managed PowerPC Guest Secure Boot in this 45-minute conference talk presented by Sudhakar Kuppusamy and George Wilson from IBM's Linux Technology Center. Delve into the vulnerabilities of boot-level attacks and their potential for silent, persistent threats to operating systems. Learn about the limitations of static key secure boot solutions for Power Logical Partitions (LPARs) and discover the proposed dynamic key secure boot approach designed to enhance Power secure boot. Examine the new hypervisor Platform KeyStore concept and its role in implementing authenticated variables for verifying signatures on Power GRUB and kernels. Gain insights into the shortcomings of static key secure boot in Power LPARs, understand the mechanisms for dynamic key management, and explore the potential extension of GRUB Secure Boot Advanced Targeting (SBAT) into the kernel.
Overview
Syllabus
Dynamic Key Managed PowerPC Guest Secure Boot - Sudhakar Kuppusamy & George Wilson
Taught by
Linux Foundation