Slack channel for session LVC20-302: https://linaroconnect.slack.com/archives/C01BK3BKHA5
Description: UEFI Secure Boot is a verification mechanism that ensures the code launched by the device firmware is trusted and that every EFI payload loaded is validated. According to the UEFI specification, the keys and certificates against which images are verified are stored as UEFI Authenticated Variables, which are designed to provision and maintain the UEFI Secure Boot state.
An authenticated variable implementation requires an isolated execution environment in which to perform the authentication and update the variables. Until now, using secure flash for variable storage implied disabling the Secure OS, since the mechanism for storing variables and the mechanism for running a Trusted OS have been mutually exclusive.
Management Mode (MM) is a generic term for a secure, isolated execution environment provided by the CPU and related silicon that is entered when the CPU detects an MMI (Management Mode Interrupt).
- For x86 systems, this can be implemented with System Management Mode (SMM).
- For ARM systems, this can be implemented with TrustZone (TZ).
In other words, with Management Mode the core provides a kind of Secure Partition in which secure software can run.
In this presentation we discuss how, on ARM-based systems, OP-TEE provides such a Secure Partition-like environment in which the software that stores authenticated variables can run.