Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, October 24 • 2:00pm - 2:50pm
Verified Boot on Chrome OS and How to do it yourself - Simon Glass, Google

Sign up or log in to save this to your schedule and see who's attending!

Chrome OS uses a first stage read-only firmware and second-stage updatable firmware. The updatable firmware is signed and contains kernel keys and a dm-verify hash, so that the firmware, Linux kernel and root filesystem are all protected against corruption and attack. This system is described and discussed. As part of Google's upstream efforts in U-Boot, a generalized secure boot system has been developed and released with U-Boot 2013.07. This implementation uses the FIT format, which collects together images, such as kernels, device tree, RAM disks. Support is provided for TPMs (Trust Platform Module), RSA-based signing and verificaiton, and hashing with hardware acceleration. This system is also described and discussed, along with the specific steps needed to implement it in your designs.

Speakers
avatar for Simon Glass

Simon Glass

Software Engineer, Google Inc
After writing a programmable RDBMS on ARM computers, Simon Glass worked at ARM in Cambridge, UK setting up the applications group, smart card effort and then working on ARM10. Returning to New Zealand, he started Bluewater Systems and grew it to 20 people, focussing on embedded ARM electronics/Linux. Simon then joined Google and to work on ARM Chromebooks (firmware lead). Simon is a primary contributor to U-Boot and maintains driver model and x86... Read More →


Thursday October 24, 2013 2:00pm - 2:50pm
Tinto

Attendees (22)