BMC Image Signing Proposal

Stewart Smith stewart at linux.vnet.ibm.com
Wed May 16 09:03:12 AEST 2018


Yugi Mani <yupalani at microsoft.com> writes:
> Good point. We at MSFT are using legacy (non-UBI) layout. We have a manifest for boot verification and we append the hash to image for update verification. 
> I can share details about the design/implementation, if you have any
> specific questions.

I'd be interested in what you came up with as we have the same two
issues with OpenPOWER: update verification (not security so much as
stopping people doing something silly like flashing the wrong firmware
image), as well as partial downgrade protection (i.e. the host has to
verify the integrity of the whole image, not just individual components).


-- 
Stewart Smith
OPAL Architect, IBM.


