Let’s continue measuring where we left off, move from the bootloader side to the kernel world, and try out the IMA, integrity measurement subsystem in Linux.
Continue reading...yocto
Fuzzing Remote Targets with Syzkaller
This is the promised follow-up to my earlier Syzkaller text. This time I’ll show how to make Syzkaller work on an actual hardware that is not emulated.
Continue reading...Adding Key-Based SSH Authentication to Yocto
This text is supposed to be a quick crash course on the different keys used in SSH servers, and how to generate and use them in Yocto.
Continue reading...Fuzzing Yocto Kernel Modules with Syzkaller
As a follow-up to my black-box fuzzing text, I will present a more accurate approach to fuzzing using Syzkaller and grey-box fuzzing.
Continue reading...Raspberry Pi 4, LetsTrust TPM and Yocto
Getting LetsTrust TPM module working with Yocto was fairly simple but there were a few things I learned along the way that may be worth sharing.
Continue reading...Yocto Hardening: Measured Boot
So far we have mostly been focusing on hardening the kernel and userspace, but this time we will zoom out a bit and take a look at securing the entire system.
Continue reading...Yocto Emulation: Setting Up QEMU with TPM
Last time we got QEMU to launch u-boot, started kernel, and mounted a virtual drive. This time we are “just” going to add a TPM device to the virtual machine.
Continue reading...Yocto Emulation: Setting Up QEMU with U-Boot
Yocto provides a script for using QEMU in the form of runqemu. However, that script just boots up the kernel using whatever method QEMU considers the best.
Continue reading...Yocto Hardening: Kernel and GCC Configuration
This time we’re going to be doing two things to improve the security: hardening the Linux kernel, and setting hardening flags for GCC.
Continue reading...Aioli Audiostreamer: Music To The People
Instead of getting the streaming working robustly, I chose to add a Bluetooth connection between the Raspberry Pi and an external audio source.
Continue reading...
