Security Working Group meeting - Wednesday December 8 - results
Joseph Reynolds
jrey at linux.ibm.com
Fri Dec 10 04:13:12 AEDT 2021
On 12/9/21 4:21 AM, Andrew Jeffery wrote:
> On Thu, 9 Dec 2021, at 05:44, Joseph Reynolds wrote:
>
>> 4 Progress on BMC secure boot?
>>
>> AST2600 hardware secure U-boot boot, then secure booting the Linux
>> kernel. No additional pieces.
>>
>> See the AST security guide. How is signing-key management done?
>>
>> Dhananjay to follow up.
> As someone who was involved in integrating the AST2600 secure-boot support into OpenBMC, what's going on here?
Someone asked the question you see above, and Dhananjay tried to
answer. The consensus was that there is support for AST2600 secure
booting U-Boot, support for U-Boot securely loading the Linux kernel,
and no additional support. Your summary would be appreciated.
Is there a document which what a system integrator needs to use this
function? Ideally it would be linked from
https://github.com/openbmc/docs/blob/master/features.md
Joseph
>
> Andrew
More information about the openbmc
mailing list