EBBR Notes 2020.08.31

Grant Likely edited this page Aug 31, 2020 · 5 revisions

Agenda

  • Housekeeping items
  • Issue review
  • EBBR testing progress (Grant)
  • EBBR Scope -- doing a better job to describe the purpose of EBBR
  • DT security profiles (Joakim)
  • Tightening requirements as U-Boot implementation matures (make fewer things optional)
  • Security requirements - Secure boot and secure capsule update

Attendees

  • Takahiro AKASHI (Linaro)
  • Ilias Apopolos (Linaro)
  • Joakim Bech (Linaro)
  • Sughosh Ganu (Arm)
  • Sumit Garg (Linaro)
  • Simon Glass (Google)
  • Ruchika Gupta (NXP)
  • Priyanka Jain (NXP)
  • Grant Likely (Arm)
  • Jose Marinho (Arm)
  • Francois Ozog (Linaro)
  • Atish Patra
  • Heinrich Schuchardt
  • Stuart Yoder (Arm)

Notes

Housekeeping

Meeting Timing

This meeting clashes with the system devicetree meeting, so it needs to be rescheduled. Asia-friendly time zones should also be considered.

Action: Grant to look at alternate time and possibly alternate weeks with an Asia friendly time slot.

Issue Review

(Notes added to individual issues)

EFI_RNG issue #31

Meta-question: do we need security requirements in EBBR?

  • KASLR won't work without EFI_RNG
  • EBBR has historically dealt only with the firmware->OS interfaces; early boot security is not covered
  • Tentative way forward: Have additional security option to EBBR; patches to be reviewed on list when written.

Testing activity

  • Takahiro wants a compliance test suite for secure boot.
    • SCT team no longer exists, and SCT development has stalled
    • Stuart: FWTS has some secure boot tests
    • Takahiro: That only checks the variable services. Load image isn't covered.
  • U-Boot FAT driver has a bug in deleting long file names. Causes filesystem corruption when running SCT filesystem tests.

DT Security Profiles

  • Joakim: (might be better as part of DT-Evolution, but still valuable to discuss here)
    • How do we verify DTBs in memory?
      • Immutable DTB?
      • Need some flexibility; and allow for different threat models
      • Proposing separate levels of security. Suggested 6 levels as a starting point
      • Perhaps map to PSA levels
        • Side question: should EBBR map to the same security levels?

Meeting ended at 17:00 BST