Using Linux as a Secure Boot Loader for OpenPOWER Servers

Explore the implementation of Linux as a secure boot loader for OpenPOWER servers in this conference talk. Delve into the Integrity Management Architecture (IMA) subsystem and its limitations, including the inflexibility of the "secure_boot" command line option and build time policies. Learn about the challenges in supporting run-time decisions based on firmware's secure boot settings and the limitations of IMA-appraisal in verifying file signatures. Discover the proposed solutions and patch sets that address these issues, providing a comprehensive approach to using Linux as a secure boot loader. Gain insights from IBM experts Nayna Jain and Thiago Jung Bauermann as they share their expertise in Linux kernel integrity, trusted computing, and POWER architecture development.

Using Linux as a Secure Boot Loader for OpenPOWER Servers - Nayna Jain, IBM & Thiago Jung Bauermann