Back To Schedule
Monday, August 19 • 9:50am - 10:30am
TrenchBoot - How to Nicely Boot System with Intel TXT and AMD SVM - Daniel Kiper, Oracle & Daniel Smith, Apertus Solutions*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It reduces the attack surface introduced by platform firmware.

TrenchBoot contributors are working to add SecureLaunch boot capability to the Linux kernel, making it capable of using Intel TXT or AMD SVM Secure Launch for platform hardware security. This will enable a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure.

This talk introduces the TrenchBoot architecture, the role of SecureLaunch, the goals that drove its development, and some examples how both can increase the platform security. Within this discussion, mechanisms will be presented on how DRTM-enabled capabilities for client, server and embedded platforms may be integrated into Linux distributions.

avatar for Daniel Smith

Daniel Smith

Chief Technologist, Apertus Solutions
Daniel Smith began using Linux in 1997, building Linux-based endpoint security solutions in 2004 and contributing to the OpenXT virtualization platform in 2014, later serving as release manager for OpenXT 7.0. He developed the first open-source implementation of DRTM forward sealing... Read More →
avatar for Daniel Kiper

Daniel Kiper

Software Developer, Oracle
Daniel Kiper works as software developer for Oracle. He is TrenchBoot technical leader inside Oracle. He is also one of GRUB2 maintainers. Earlier he worked on kexec, kdump, makedumpfile, crash tool and memory hotplug development.

Monday August 19, 2019 9:50am - 10:30am PDT
Sapphire D
  Refereed Presentation
  • Session Slides Included Yes