Explore the intricacies of securing firmware through secure and trusted boot in OpenBMC in this 39-minute conference talk from linux.conf.au 2020. Delve into the OpenBMC project's implementation of modern Linux technologies in server firmware, focusing on ensuring the integrity of running firmware images. Learn about the next generation of BMC hardware's hardware root of trust, which secures the entire boot chain while preserving user freedoms to replace firmware. Gain insights into TPMs, EEPROMs, keys, and signing from a firmware perspective. Understand the history and importance of OpenBMC, device trees, and the distinctions between secure boot and trusted boot. This presentation offers valuable knowledge for those interested in firmware security, open-source projects, and the evolving landscape of server management technologies.
Overview
Syllabus
Introduction
What is OpenBMC
The history of OpenBMC
Why do we care
OpenBMC
Device tree
Demo
Firmware
Secure boot
The downside
Secure boot vs Trusted boot
Taught by
linux.conf.au
Related Courses
-
Using the TPM NVRAM to Protect Secure Boot Keys in POWER9 OpenPOWER Systems
-
Becoming a Tyrant - Implementing Secure Boot in Embedded Devices
-
I Boot when U-Boot
-
Secure Boot from A to Z - Building a Complete Chain-of-Trust
-
Modern Secure Boot Attacks - Alex Matrosov - Ekoparty Security Conference - 2019
-
Exploring Modern and Secure Operations of Kubernetes Clusters on the Edge
