[LinuxBIOS] C3 Lightning Talk abstract
c-d.hailfinger.devel.2006 at gmx.net
Thu Dec 7 14:00:16 CET 2006
Stefan Reinauer wrote:
> * Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> [061207 13:19]:
>>> Have BIOS check payload you mean? Or have payload check rootfs? I
>>> guess they blend into one.
>> Both. But the BIOS checking the payload is IMO key to a secure boot
>> (if you don't trust the payload, you can't trust any assessment of
>> rootfs security by the payload).
> But: If you can't "trust" the payload, how can you trust the other 64k
> of LinuxBIOS in the flash?
You're right. I was unclear with my terminology.
>>>> * Automatic authenticated BIOS updates
>>> Are the details ironed out yet? Is userspace still involved?
>> A paper was due a few weeks ago, but nothing has surfaced yet.
> Who is doing that?
Ivan Krstic and others. I'll keep you updated.
More information about the coreboot