7 Dec
2006
7 Dec
'06
1:48 p.m.
* Carl-Daniel Hailfinger c-d.hailfinger.devel.2006@gmx.net [061207 13:19]:
Have BIOS check payload you mean? Or have payload check rootfs? I guess they blend into one.
Both. But the BIOS checking the payload is IMO key to a secure boot (if you don't trust the payload, you can't trust any assessment of rootfs security by the payload).
But: If you can't "trust" the payload, how can you trust the other 64k of LinuxBIOS in the flash?
- Automatic authenticated BIOS updates
Are the details ironed out yet? Is userspace still involved?
A paper was due a few weeks ago, but nothing has surfaced yet.
Who is doing that?
--
coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br.
Tel.: +49 761 7668825 • Fax: +49 761 7664613
Email: info@coresystems.de • http://www.coresystems.de/