Posted on Thu 13 March 2025 in UEFI • Tagged with Bootloaders, Security, U-Boot, UEFI • 3 min read
U-Boot, in most of the supported architectures, relocates itself on top of DRAM but leaves the memory as RWX
Arm64 is a notable exception
Posted on Fri 21 January 2022 in UEFI • Tagged with Bootloaders, Security, U-Boot, UEFI, TPM, Measured Boot, Secure Boot • 5 min read
UEFI Secure and measured Boot is the minimal basis for a trustworthy device nowadays.
Let's take a look on how modern U-Boot with the help of OP-TEE can provide that without any specialized hardware.
Posted on Tue 31 August 2021 in UEFI • Tagged with Bootloaders, Security, U-Boot, UEFI, TPM • 5 min read
TPMs are starting to play an important role in system security and integrity.
So let's take a look on the latest U-Boot additions enabling TPMs when booting with UEFI
Posted on Sat 19 December 2020 in UEFI • Tagged with Bootloaders, Security, U-Boot, UEFI, Arm • 5 min read
Critical system variables, like the UEFI ones, must be protected against a variety of attacks.
On Arm servers and desktops, which typically run EDK2, dedicated flashes are used. Those
would normally be accessible from the secure world only, since they are storing critical
variables for our systems integrity and security.
But what's the status of devices running on U-Boot?