On Fri, 31 May 2019 at 19:25, Ilias Apalodimas
wrote:
>
> Hi Grant,
> > I see two ways to handle this that fits with the Secure Boot
> > authentication path:
> >
> > Option 1: Leave it to the OS loader
> > We could simply say that if the OS wants to replace the DTB, then it
> > should take care of
On 5/31/19 7:16 PM, Ilias Apalodimas wrote:
Hi Grant,
I see two ways to handle this that fits with the Secure Boot
authentication path:
Option 1: Leave it to the OS loader
We could simply say that if the OS wants to replace the DTB, then it
should take care of authentication itself within the O
Hi Grant,
> I see two ways to handle this that fits with the Secure Boot
> authentication path:
>
> Option 1: Leave it to the OS loader
> We could simply say that if the OS wants to replace the DTB, then it
> should take care of authentication itself within the OS loader (possibly
> the in-kern
On 5/31/19 5:33 PM, Alexander Graf wrote:
>
>
>> Am 31.05.2019 um 17:18 schrieb Ilias Apalodimas
>> :
>>
>> Hi Tom,
>>> On Fri, May 31, 2019 at 11:05:20AM -0400, Tom Rini wrote:
On Fri, May 31, 2019 at 02:40:32PM +0100, Steve McIntyre wrote:
On Tue, May 28, 2019 at 02:04:23PM +0300, Ilia
On 5/31/19 4:47 PM, Ilias Apalodimas wrote:
> Hi Grant,
>> On 24/05/2019 16:28, Ilias Apalodimas wrote:
>>> Hello all,
>>>
>>> Continuing the discussions we had on securing the boot flow and OS as much
>>> as
>>> possible, we came up with the following idea.
>>>
>>> We are currently sorting out wh
> Am 31.05.2019 um 17:18 schrieb Ilias Apalodimas :
>
> Hi Tom,
>> On Fri, May 31, 2019 at 11:05:20AM -0400, Tom Rini wrote:
>>> On Fri, May 31, 2019 at 02:40:32PM +0100, Steve McIntyre wrote:
>>> On Tue, May 28, 2019 at 02:04:23PM +0300, Ilias Apalodimas wrote:
>>
>> The tl;dr purpose
Hi Tom,
On Fri, May 31, 2019 at 11:05:20AM -0400, Tom Rini wrote:
> On Fri, May 31, 2019 at 02:40:32PM +0100, Steve McIntyre wrote:
> > On Tue, May 28, 2019 at 02:04:23PM +0300, Ilias Apalodimas wrote:
> > >> >
> > >> > The tl;dr purpose of my e-mail was 'Is implementing UEFI Secure Boot
> > >>
Hi Grant,
> On 24/05/2019 16:28, Ilias Apalodimas wrote:
> > Hello all,
> >
> > Continuing the discussions we had on securing the boot flow and OS as much
> > as
> > possible, we came up with the following idea.
> >
> > We are currently sorting out what's needed to add UEFI Secure Boot in
> > U
On Tue, May 28, 2019 at 02:04:23PM +0300, Ilias Apalodimas wrote:
>> >
>> > The tl;dr purpose of my e-mail was 'Is implementing UEFI Secure Boot for
>> > the
>> > EFI playloads
>>
>> I think that you'd better explain why you stick to *UEFI* secure boot.
>
>The main reason is distro support. Sin
On 5/31/19 2:12 PM, Francois Ozog wrote:
> Can we just register the OS loader as a UEFI protocol (say LoadGrubImage,
> LoadLinuxImage, LoadAndroidImage), which would do everything needed to
> check the broader environment?
> This becomes usable with both EDKII and U-Boot?
>
> LoadImage is used by
On 31/05/2019 13:12, Francois Ozog wrote:
> Can we just register the OS loader as a UEFI protocol (say
> LoadGrubImage, LoadLinuxImage, LoadAndroidImage), which would do
> everything needed to check the broader environment?
> This becomes usable with both EDKII and U-Boot?
If the protocol (or an
On 31/05/2019 13:20, Sumit Garg wrote:
> On Fri, 31 May 2019 at 17:33, Grant Likely wrote:
>>
>>
>>
>> On 27/05/2019 10:05, Ilias Apalodimas wrote:
>>> Hi Udit,
Hi Ilias
> -Original Message-
> From: Ilias Apalodimas
> Sent: Friday, May 24, 2019 9:57 PM
> To: U
On Fri, 31 May 2019 at 17:33, Grant Likely wrote:
>
>
>
> On 27/05/2019 10:05, Ilias Apalodimas wrote:
> > Hi Udit,
> >> Hi Ilias
> >>
> >>> -Original Message-
> >>> From: Ilias Apalodimas
> >>> Sent: Friday, May 24, 2019 9:57 PM
> >>> To: Udit Kumar
> >>> Cc: boot-architecture@lists.li
Hi Grant,
On Fri, May 31, 2019 at 12:03:42PM +, Grant Likely wrote:
>
>
> On 27/05/2019 10:05, Ilias Apalodimas wrote:
> > Hi Udit,
> >> Hi Ilias
> >>
> >>> -Original Message-
> >>> From: Ilias Apalodimas
> >>> Sent: Friday, May 24, 2019 9:57 PM
> >>> To: Udit Kumar
> >>> Cc: boot
Can we just register the OS loader as a UEFI protocol (say LoadGrubImage,
LoadLinuxImage, LoadAndroidImage), which would do everything needed to
check the broader environment?
This becomes usable with both EDKII and U-Boot?
LoadImage is used by to securely load shim.efi
LoadGrubImage is used by s
On 27/05/2019 10:05, Ilias Apalodimas wrote:
> Hi Udit,
>> Hi Ilias
>>
>>> -Original Message-
>>> From: Ilias Apalodimas
>>> Sent: Friday, May 24, 2019 9:57 PM
>>> To: Udit Kumar
>>> Cc: boot-architecture@lists.linaro.org; Varun Sethi
>>> Subject: Re: [EXT] Securing the boot flow in U
On 24/05/2019 16:28, Ilias Apalodimas wrote:
> Hello all,
>
> Continuing the discussions we had on securing the boot flow and OS as much as
> possible, we came up with the following idea.
>
> We are currently sorting out what's needed to add UEFI Secure Boot in U-Boot.
> This will cover the nex
17 matches
Mail list logo
