💾 Archived View for gemini.bortzmeyer.org › fosdem › event-11646.gmi captured on 2023-03-21 at 01:06:31. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-17)
-=-=-=-=-=-=-
Daniel Axtens and Cezary Sobczak
Type devroom
Starts on day 2 (2021-02-07) at 14:00 (Brussels time, UTC+1) in room Firmware (duration 00:45)
Matrix room #firmware:fosdem.org
Much of the Secure and Trusted Boot ecosystem is built around UEFI. However, not all platforms implement UEFI, including IBM's Power machines.
In this talk, I will talk about my team's ongoing work on secure boot of virtual machines on Power. This is an important use case, as many Power machines ship with a firmware hypervisor, and all user workloads run as virtual machines or "Logical Partitions" (LPARs).
Linux Virtual Machines on Power boot via an OpenFirmware (IEEE1275) implementation which is loaded by the hypervisor. The OpenFirmware implementation then loads grub from disk, and grub then loads Linux. To secure this, we propose to: