On 04/01/2017 04:55 PM, Trammell Hudson wrote: > On Sat, Apr 01, 2017 at 07:43:40PM +0000, ron minnich wrote: >> Annnnnnnd with the linux payload we're back to linuxbios :-) > It was a good idea in 1999, and it is still a good idea.
We *may* party like it's 1999 in 2017 then... >> For a payload chooser and such I can offer two options: >> 1) petitboot has a boot menu type thing >> 2) u-root (u-root.tk) is going to have a boot menu type thing, as we've >> been asked to do one. > Heads is coming along in usability and has a strong focus on securing > the boot process through TPM measurement and using the flash security > features. Trammell, One of the three reasons we are including TPM in hardware is because of your great talk at 33c3 on Heads! But I failed to see that it offered "boot menu type thing" > It fits the 4.9.20 Linux kernel + initrd into 4 MB, including > all of the crypto, networking and other features. The eventual user > kernel (or Xen hypervisor and dom0 kernel) are GPG verified and invoked via > kexec for a slightly more secure, legacy free boot process. So this is referring more about "linux payload" than "boot menu type thing" correct? > More docs are online and pull requests are always appreciated: > > http://osresearch.net/ > What we are looking at is to include or develop a solution that accomplishes these goals: 1) allows us to skip most of vbios (but sounds like still needs the VBT) 2) deliver a payload that has a path toward securing the boot process (e.g. Heads) 3) deliver a payload that can still offer a user to install their own OS (thus allowing user-configuration and control) Thanks for writing! Todd.
signature.asc
Description: OpenPGP digital signature
-- coreboot mailing list: [email protected] https://www.coreboot.org/mailman/listinfo/coreboot
