Security Working Group meeting - Wednesday December 8 - results

Joseph Reynolds jrey at
Fri Dec 10 04:13:12 AEDT 2021

On 12/9/21 4:21 AM, Andrew Jeffery wrote:
> On Thu, 9 Dec 2021, at 05:44, Joseph Reynolds wrote:
>> 4 Progress on BMC secure boot?
>> AST2600 hardware secure U-boot  boot, then secure booting the Linux
>> kernel. No additional pieces.
>> See the AST security guide.  How is signing-key management done?
>> Dhananjay to  follow up.
> As someone who was involved in integrating the AST2600 secure-boot support into OpenBMC, what's going on here?

Someone asked the question you see above, and Dhananjay tried to 
answer.  The consensus was that there is support for AST2600 secure 
booting U-Boot, support for U-Boot securely loading the Linux kernel, 
and no additional support.  Your summary would be appreciated.

Is there a document which what a system integrator needs to use this 
function?  Ideally it would be linked from


> Andrew

More information about the openbmc mailing list