Re: EFIBootGuard for CIP and SecureBoot

2019-05-01 Thread Peter Jones
On Sat, Apr 27, 2019 at 09:56:08AM +0200, Alexander Graf wrote: > > >>> UEFI gets a bad rap at being complicated, but I think the U-Boot work > >>> has shown that implementing the core UEFI ABI doesn't require much code > >>> and isn't the complicated mess that everyone fears it to be. > >> Depend

Re: EFIBootGuard for CIP and SecureBoot

2019-04-30 Thread Christian Storm
Hi, > > > Background: during the last Linaro connect in Bangkok I was told > > > that Linaro Edge (LEDGE) were working on a secure software update > > > mechanism based on UEFI capsules that would flash firmware updates > > > from a UEFI application, instead of using a Linux agent such as > > > SW

Re: EFIBootGuard for CIP and SecureBoot

2019-04-27 Thread Alexander Graf
On 26.04.19 15:46, Heinrich Schuchardt wrote: > > On 4/26/19 1:21 PM, Jan Kiszka wrote: >> On 26.04.19 12:21, Grant Likely wrote: >>> On 26/04/2019 10:49, Jan Kiszka wrote: On 26.04.19 11:07, Francois Ozog wrote: >>> [...] > Here are the guiding principles of our efforts : > 0) we wan

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Heinrich Schuchardt
On 4/26/19 1:21 PM, Jan Kiszka wrote: > On 26.04.19 12:21, Grant Likely wrote: >> On 26/04/2019 10:49, Jan Kiszka wrote: >>> On 26.04.19 11:07, Francois Ozog wrote: >> [...] Here are the guiding principles of our efforts : 0) we want a cross architecture (x86/Arm/...), cross vendor and

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Francois Ozog
On Fri, 26 Apr 2019 at 11:49, Jan Kiszka wrote: > On 26.04.19 11:07, Francois Ozog wrote: > > On Fri, 26 Apr 2019 at 10:30, Christian Storm > > wrote: > >> > >> Hi, > >> > > Background: during the last Linaro connect in Bangkok I was told > > that Linaro Edge (LEDGE) were working on a se

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Jan Kiszka
On 26.04.19 12:21, Grant Likely wrote: On 26/04/2019 10:49, Jan Kiszka wrote: On 26.04.19 11:07, Francois Ozog wrote: [...] Here are the guiding principles of our efforts : 0) we want a cross architecture (x86/Arm/...), cross vendor and cross processor model update solution 1) untrusted world

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Francois Ozog
- team-le...@linaro.org as it is now a public discussion On Fri, 26 Apr 2019 at 12:21, Grant Likely wrote: > On 26/04/2019 10:49, Jan Kiszka wrote: > > On 26.04.19 11:07, Francois Ozog wrote: > [...] > >> Here are the guiding principles of our efforts : > >> 0) we want a cross architecture (x86/

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Grant Likely
On 26/04/2019 10:49, Jan Kiszka wrote: > On 26.04.19 11:07, Francois Ozog wrote: [...] >> Here are the guiding principles of our efforts : >> 0) we want a cross architecture (x86/Arm/...), cross vendor and cross >> processor model update solution >> 1) untrusted world cannot update trusted world >

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Jan Kiszka
On 26.04.19 11:07, Francois Ozog wrote: On Fri, 26 Apr 2019 at 10:30, Christian Storm wrote: Hi, Background: during the last Linaro connect in Bangkok I was told that Linaro Edge (LEDGE) were working on a secure software update mechanism based on UEFI capsules that would flash firmware updat

Re: EFIBootGuard for CIP and SecureBoot

2019-04-26 Thread Francois Ozog
On Fri, 26 Apr 2019 at 10:30, Christian Storm wrote: > > Hi, > > > > > Background: during the last Linaro connect in Bangkok I was told > > > > that Linaro Edge (LEDGE) were working on a secure software update > > > > mechanism based on UEFI capsules that would flash firmware updates > > > > from

RE: EFIBootGuard for CIP and SecureBoot

2019-04-25 Thread daniel.sangorrin
Hi Jan, Francois: Grant: thanks! > From: Jan Kiszka > On 24.04.19 03:23, daniel.sangor...@toshiba.co.jp wrote: > > Hello Francois, Jan, Christian, and all > > EFI Boot Guard is now shipped in quite a few devices, to my knowledge not > > only at > > Sorry for the late reply, I was waiting for t

Re: EFIBootGuard for CIP and SecureBoot

2019-04-24 Thread Grant Likely
On 24/04/2019 02:23, daniel.sangor...@toshiba.co.jp wrote: > Hello Francois, Jan, Christian, and all > > Sorry for the late reply, I was waiting for the administrator of the Boot > Architecture mailing list to accept my subscription request, but it seems it > will take a bit more time. I will se

Re: EFIBootGuard for CIP and SecureBoot

2019-04-24 Thread Jan Kiszka
[prolonging the CCs with the efibootguard mailing list] On 24.04.19 03:23, daniel.sangor...@toshiba.co.jp wrote: Hello Francois, Jan, Christian, and all EFI Boot Guard is now shipped in quite a few devices, to my knowledge not only at Sorry for the late reply, I was waiting for the administrat

RE: EFIBootGuard for CIP and SecureBoot

2019-04-24 Thread daniel.sangorrin
Hello Francois, Jan, Christian, and all Sorry for the late reply, I was waiting for the administrator of the Boot Architecture mailing list to accept my subscription request, but it seems it will take a bit more time. I will send this reply and hope it will not be blocked. I have also added the

Re: EFIBootGuard for CIP and SecureBoot

2019-04-23 Thread Peter Robinson
On Tue, Apr 23, 2019 at 9:15 AM Francois Ozog wrote: > > Thanks Heinrich, > > I now see how EFIBootGuard integrates in the secureboot process. > > If we want to push integrity checking beyond executable image, for instance > validating: > >- Linux initrd and commandline >- grub modules and

Re: EFIBootGuard for CIP and SecureBoot

2019-04-23 Thread Francois Ozog
Thanks Heinrich, I now see how EFIBootGuard integrates in the secureboot process. If we want to push integrity checking beyond executable image, for instance validating: - Linux initrd and commandline - grub modules and configfile. - efibootguard configuration files It starts to look ha

Re: EFIBootGuard for CIP and SecureBoot

2019-04-22 Thread Heinrich Schuchardt
On Fri Apr 19 10:48:51 UTC 2019 François Ozog wrote > We will be conducting a UEFI gap analysis to support EFIBootGuard in > U-Boot. > > As we are working on UEFI SecureBoot implementation in U-Boot, how do > you expect the boot process to be secured? Would U-Boot UEFI > SecureBoot verify EFIBootG

EFIBootGuard for CIP and SecureBoot

2019-04-19 Thread Francois Ozog
Hi Daniel, We will be conducting a UEFI gap analysis to support EFIBootGuard in U-Boot. As we are working on UEFI SecureBoot implementation in U-Boot, how do you expect the boot process to be secured? Would U-Boot UEFI SecureBoot verify EFIBootGuard signature and in turn EFIBootGuard will check e