The Linux kernel has over 26 years of development, and in that time a rather large number of licenses as well as license header variants have accumulated in it. Scanners can only guess at what’s meant, and usually a significant amount of manual verification work is needed to “clear” the kernel by companies before they can use it in a product. Last year, the kernel community agreed on using the SPDX ids as a way of moving us towards being able to understand the licensing of the kernel with a “grep”. A brief overview of the state of the kernel licensing cleanup will be presented, as well as tooling available to help. Discussing the kernel subsystems that Linaro is active in, and any problems with applying the SPDX ids in files, will be the focus of the remainder of the session.
YVR18-219: Cleaning up kernel licensing: subsystem by subsystem
BKK19-111 - DRM HW Composer for Beagle X15 BoardTuesday, April 16, 2019
Describing the process of adaptation AOSP DRM HWC to be used on Beagle X15 Board (4.14 kernel).
This can be used as an example of launching the external/drm_hwc on a board: a simple "How to" with the minimun steps required to get the drm_hwc functional.
SAN19-413 - TEE based Trusted Keys in LinuxFriday, October 4, 2019
Protecting key confidentiality is essential for many kernel security use-cases such as disk encryption, file encryption and protecting the integrity of file metadata. Trusted and encrypted keys provides a mechanism to export keys to user-space for storage as an encrypted blob and for the user-space to later reload them onto Linux keyring without the user-space knowing the encryption key. The existing Trusted Keys implementation relied on a TPM device but what if you are working on a system without one?
This session will introduce a Trusted Keys implementation which relies on a much simpler trusted application running in a Trusted Execution Environment (TEE) for sealing and unsealing of Trusted Keys using a hardware unique key provided by the TEE.