BMC- secure boot

ratagupt
Guppy

Posts: 87

BMC- secure boot Jun 29, 2022 9:19:21 GMT

Quote

Post by ratagupt on Jun 29, 2022 9:19:21 GMT

Hi Team,

How can we model the secure boot on the BMC, I have seen the secure boot schema "https://redfish.dmtf.org/schemas/SecureBoot.v1_1_0.json" but seems this is mainly for the host side.
Can we extend it for BMC too where BMC supports the secure boot? OpenBMC is based on AST2600 which supports secure boot.

mraineri
Administrator

Posts: 1,134

BMC- secure boot Jun 29, 2022 13:37:43 GMT

Quote

Post by mraineri on Jun 29, 2022 13:37:43 GMT

"Secure Boot" is specifically UEFI Secure Boot, and you're right in that it's meant for the host side of things.

When you're referring to secure boot for the AST2600, do you really mean UEFI Secure Boot, or is it a hardware root of trust that you're trying to show?

ratagupt Guppy Posts: 87	BMC- secure boot Jun 30, 2022 9:54:28 GMT Quote Select Post Deselect Post Link to Post Back to Top Post by ratagupt on Jun 30, 2022 9:54:28 GMT Mike, You got it correctly, it is hardware root of trust.

mraineri Administrator Posts: 1,134	BMC- secure boot Jun 30, 2022 12:40:00 GMT Quote Select Post Deselect Post Link to Post Back to Top Post by mraineri on Jun 30, 2022 12:40:00 GMT Right now the published schemas do not have a method for this. We can certainly take this as feedback and discuss how to model such a component.

Post by ratagupt on Jun 29, 2022 9:19:21 GMT

Post by mraineri on Jun 29, 2022 13:37:43 GMT

Post by ratagupt on Jun 30, 2022 9:54:28 GMT

Post by mraineri on Jun 30, 2022 12:40:00 GMT