SAN19-105 - Integrating UEFI services with ATF and u-boot FIT on mbed Linux

A discussion of the proposed adoption of UEFI secure boot and capsule update mechanisms in conjunction with u-boot FIT and the ATF root of trust on a high-security Linux system.
- What benefits does adding UEFI secure boot to the mix bring?
- What benefits does adding UEFI capsule update bring?
- EFI stub booting?
- Is grub required?
- Does the UEFI secure boot method bring additional security over straight u-boot FIT image signing?
- Does capsule update provide the right path to isolate user-space Linux from low-level device-specific update logic?

Bryan O'Donoghue

Software engineer (Linaro)

Embedded developer, Linux, u-boot, zephyr, ATF, OP-TEE.
Linaro member services.

