2025-12-03 –, Walnascar
Previous presentations at the Yocto Summit on Secure Boot have primarily focused on what Secure Boot is. This presentation instead walks a developer through the step-by-step process to generate a Poky (walnascar) build that supports Secure Boot.
After briefly introducing Secure Boot and meta-secure-core, dive into project creation. I will create a genericx86-64 build and demo how to provision the keys and secure boot on hardware. Then I will create an intel-corei7-64 build (using meta-intel) showing changes required to use that machine. After demoing booting intel-corei7-64, I’ll show how to generate your own keys instead of using the sample keys provided. Lastly, I’ll walk through how to change the Grub password from the default.
Trademarks displayed in this presentation are the property of their respective owners. No claim of ownership is intended, and all recognized trademarks, logos, and service marks belong to the companies or individuals to whom they are registered.
I have 20 years of embedded software experience, using the Yocto Project for the last 4 years. I specialize in drivers, Board Support Packages (BSPs), board bring up and operating system configuration.