August 27 - 28 - Vancouver, BC, Canada
Tuesday, August 28 • 9:10am - 9:50am
Using the TPM NVRAM to Protect Secure Boot Keys in POWER9 OpenPOWER Systems - Claudio Siqueira de Carvalho, IBM

In OpenPOWER systems, most firmware code used to boot the platform OS is stored in the processor flash memory (PNOR). Although PNOR is non-volatile memory, it is unprotected. In order to secure boot the platform OS, it is well known that only platform OSs signed with authorized keys should be booted. However, saving the authorized keys in a secure non-volatile memory is as important as using them to verify the platform OS. In this presentation, Claudio Carvalho will show how the shielded non-volatile memory (NVRAM) of the Trusted Platform Module (TPM) has become essential in OpenPOWER systems to protect the secure boot keys stored in PNOR. This discussion includes design and implementation aspects that are both currently in progress for the OpenPOWER firmware and the Linux Kernel layers.

Claudio Siqueira de Carvalho

Secure and Trusted Boot Developer, LTC, IBM
Claudio Carvalho is a Brazilian Linux enthusiast with over 15 years of experience in the Linux field. He started his career as a package builder during his Master's degree at the University of Campinas, building packages for Linux distributions based on Arch and Debian. In 2011...

Tuesday August 28, 2018 9:10am - 9:50am PDT
Room 301
  Refereed Presentations
  • Experience Level Any