Presented by

  • Joel Stanley

    Joel Stanley
    @shenki
    https://jms.id.au

    Joel is a firmware and kernel hacker at IBM OzLabs. Based in Adelaide, he works on ensuring our low level bits and bytes are all upstream and up to date.

Abstract

The OpenBMC project has brought modern Linux technologies to the firmware in your new server. A missing piece of this is ensuring the firmware is the image you expect it to be running, weather that is something your vendor shipped, an update, or something you build yourself from the open source project. The next generation of BMC hardware will allow a hardware root of trust to secure the entire boot chain. Come hear about how that works, and how the design goes to great lengths to ensure user freedoms to replace firmware while still being secure are preserved. This talk will coverTPMs, EEPROMs, keys, and signing, from a firmware perspective. Linux Australia: http://mirror.linux.org.au/pub/linux.conf.au/2020/room_7/Friday/Securing_firmware_Secure_and_Trusted_boot_in_OpenBMC.webm YouTube: https://www.youtube.com/watch?v=iOLC0FMe7Xs