Cezary Sobczak

Disaggregated computing today relies more on add-in-cards like FPGAs/Smart NICs/xPUs. Traditionally add-in-cards have relied on IPMI based manageability solutions. However, the newer standards from DMTF (PMCI protocol stack) provide more robust and scalable solutions for add-in card manageability. SPDM provides the attestation and secure communication channel between the BMC and the add-in cards. MCTP/PLDM stack provides mechanisms for the BMC to auto discover card’s capabilities and carry out manageability functions like sensor monitoring, event logging, firmware updates etc. This provides significant advantage over IPMI which lacked secure communications and had limitations on supporting advanced high speed interfaces like PCIe and had limitations on number of sensors it could support.

We plan to present on how add-in-cards can be managed through PMCI protocols and how do we model the add-in-cards’ manageability functions in a way a DataCentre orchestration software can consume it (i.e. Redfish modelling of add-in-cards). The implementation is planned for OpenBMC and a variety of Add-In-Cards can be supported through a standard manageability model.

Much of the Secure and Trusted Boot ecosystem is built around UEFI. However, not all platforms implement UEFI, including IBM's Power machines.

In this talk, I will talk about my team's ongoing work on secure boot of virtual machines on Power. This is an important use case, as many Power machines ship with a firmware hypervisor, and all user workloads run as virtual machines or "Logical Partitions" (LPARs).

Linux Virtual Machines on Power boot via an OpenFirmware (IEEE1275) implementation which is loaded by the hypervisor. The OpenFirmware implementation then loads grub from disk, and grub then loads Linux. To secure this, we propose to:

• Teach grub how to verify Linux-module-style "appended signatures". Distro kernels for Power are already signed with these signatures for use with the OpenPower 'host' secure boot scheme.

• Sign grub itself with an appended signature, allowing firmware to verify grub.