BMC Image Signing Proposal

Vernon Mauery vernon.mauery at linux.intel.com
Thu May 17 02:02:09 AEST 2018


On 15-May-2018 06:18 PM, Yugi Mani wrote:
>Good point. We at MSFT are using legacy (non-UBI) layout. We have a manifest for boot verification and we append the hash to image for update verification.
>I can share details about the design/implementation, if you have any specific questions.

At Intel, we are using a legacy layout as well, either ping-ponging 
between partitions or using an active/temp/recovery partition scheme 
depending on the secure boot mechanism for that platform.

--Vernon

>> -----Original Message-----
>> From: openbmc <openbmc-
>> bounces+yupalani=microsoft.com at lists.ozlabs.org> On Behalf Of Lei YU
>> Sent: Monday, May 14, 2018 7:06 PM
>> To: Adriana Kobylak <anoo at linux.vnet.ibm.com>
>> Cc: Stewart Smith <stewart at linux.vnet.ibm.com>; OpenBMC Maillist
>> <openbmc at lists.ozlabs.org>
>> Subject: Re: BMC Image Signing Proposal
>>
>> I'd like to bring this topic again.
>>
>> As I know image signing feature is completed for both BMC and PNOR:
>> https://github.com/openbmc/phosphor-bmc-code-mgmt
>> https://github.com/openbmc/openpower-pnor-code-mgmt
>>
>> However, the above repos are only for systems with UBI-FS feature.
>> Most machines are still using the "legacy" obmc flash layout, and thus
>> they do not have the image signing feature.
>>
>> So I would like to ask for ideas about how to support image signing
>> feature for machines with "legacy" flash layout?
>> 1. Should we use UBI-FS for machines that require image signing
>> feature?
>> 2. Or should we implement image signing feature on "legacy" flash layout
>> as well?
>>
>> Thanks!

