11:00
-
11:10
-
11:10
Day 2
Tamper-resistant factory data from the bootloader
<p>Secure-boot chains in embedded systems have largely converged on common building blocks like FIT, dm-verity or UKIs.</p>
<p>The bootloader is anchored in hardware trust, then verifies an operating system image, and the chain continues, eventually covering the application.</p>
<p>But there is a gap when it comes to adding unit-specific bits of information, such as per-device configuration, hardware calibration, or MAC addresses needed early in boot.</p>
<p>In this segment, I present the TLV framework recently added to the barebox bootloader, to which I contributed signature support. It allows device-specific key-value pairs to become part of the secure-boot chain from early on, providing the system with authenticated, replay-protected per-unit data.</p>
<p>This short presentation discusses
- factory data and its relevance to a secure-boot chain
- the barebox implementation using a signed Tag-Length-Value format
- when and how to prevent interchange of TLV blobs across units
- integration of the new feature</p>