ron minnich wrote:
On Wed, Feb 5, 2014 at 7:53 AM, Peter Stuge <peter@stuge.se> wrote:
I read a little about the quark soc and it seems to have some pretty tight signature checks on firmware. I got the impression that it was unpossible to use any other firmware than the UEFI it comes with.
Word from Intel: "hook up a dediprog and reprogram."
https://communities.intel.com/servlet/JiveServlet/downloadBody/21828-102-2-2... https://communities.intel.com/docs/DOC-21828
The top of page 38 (1.2 Component Overview) reads:
"To enable secure applications, the SoC features an on-die Boot ROM that is used to establish a hardware Root of Trust (RoT). The immutable code located within the Boot ROM is used to initiate an iterative firmware authentication process ensuring only trusted code is executed when taking the platform out of reset."
Sounds like a documentation clarification is needed on release notes."
Sounds like it.
//Peter
On Wednesday, February 05, 2014 08:26:46 PM Peter Stuge wrote:
the SoC features an on-die Boot ROM that is used to establish a hardware Root of Trust (RoT).
"RoT" sounds about right.
Alex
So I'm continuing my discussion with intel, they are being quite responsive. Peter, thanks for pushing on this, we need the answer!
ron