2019-09-04, Security
In this paper, we are going to explain the TrenchBoot implementation for AMD and
prove a boot chain leveraging it. We will outline how this solution coexists
with open-source firmware like coreboot in flash, explain the required bootloader
extension based on the GRUB2 implementation, discuss the Landing Zone (LZ) secure
loader implementation and the required Linux kernel modifications.
Finally, we will explain what benefits this solution has over the previous OSLO,
Flicker, Soft Cards and others.
Piotr Król is Founder and Embedded Systems Consultant at 3mdeb - the licensed provider of coreboot consulting services. He attained an M.Sc. degree in Computer Systems Networking and Telecommunication after graduating from the Gdańsk University of Technology. After working as a Storage Controllers Validation Engineer and BIOS Software Engineer at Intel Technology Poland for over 7 years, he created his own consulting business focused on Embedded Firmware (coreboot, UEFI/EDK2/BIOS) and Embedded Linux (Yocto, Linux Device Drivers, Qt/C++/Go/Python applications). He combines his work and passion by building firmware that
enables advanced hardware features and follows best security practices. His team maintains PC Engines platforms in coreboot and actively works on and contributes to Open Source Firmware. Feel free to contact Piotr if you have any questions about this topic.