Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Secure Boot from A to Z - Building a Complete Chain-of-Trust

Linux Foundation via YouTube

Overview

Explore a comprehensive guide to implementing Secure Boot from start to finish in this 49-minute conference talk. Delve into the intricacies of building a complete chain-of-trust for a platform, based on real-world experience with an i.MX6 custom board. Learn about each link in the chain-of-trust, from boot ROM to filesystem, including bootloader and kernel. Discover practical techniques for signing binaries, securing kernel booting automation within the bootloader, and implementing dm-verity and switchroot for filesystem security. Gain insights from experienced embedded Linux engineers Quentin Schulz and Mylène Josserand as they cover topics such as encryption vs. signature, root of trust, creating keys, device tree configuration, image verification, root filesystem setup, and Yocto integration. Enhance your understanding of secure boot implementation and best practices in embedded systems.

Syllabus

Introduction
Encryption vs Signature
Consequences
Root of Trust
Bootloader
Creating keys
Device tree
Container
Image
Configuration
Verification
Root filesystem
Verity Setup
Ash Tree Setup
Ash Tree on Device
Ash Offset
Devicemapper
Boot Environment Script
Summary
Yocto
Conclusion
Questions

Taught by

Linux Foundation

Reviews

Start your review of Secure Boot from A to Z - Building a Complete Chain-of-Trust

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.