yocto

Yocto Hardening: Measured Boot

So far we have mostly been focusing on hardening the kernel and userspace, but this time we will zoom out a bit and take a look at securing the entire system.

August 27, 2024 by ejaaskel Yocto

Yocto Emulation: Setting Up QEMU with TPM

Last time we got QEMU to launch u-boot, started kernel, and mounted a virtual drive. This time we are “just” going to add a TPM device to the virtual machine.

April 20, 2024 by ejaaskel Yocto

Yocto Emulation: Setting Up QEMU with U-Boot

Yocto provides a script for using QEMU in the form of runqemu. However, that script just boots up the kernel using whatever method QEMU considers the best.

April 1, 2024 by ejaaskel Yocto

Yocto Hardening: Kernel and GCC Configuration

This time we’re going to be doing two things to improve the security: hardening the Linux kernel, and setting hardening flags for GCC.

November 8, 2023 by ejaaskel Yocto

Aioli Audiostreamer: Music To The People

Instead of getting the streaming working robustly, I chose to add a Bluetooth connection between the Raspberry Pi and an external audio source.

October 31, 2023 by ejaaskel Aioli

Yocto Hardening: Firewalls, Part 2: firewalld

Find all of the Yocto hardening texts from here! People often ask me two things. The first question is “Why did you choose to write this...

September 16, 2023 by ejaaskel Yocto

Yocto Hardening: Firewalls, Part 1: nftables

Find all of the Yocto hardening texts from here! The eternal task of making the Yocto Linux build an impenetrable fortress continues. Next, we’ll look into...

September 9, 2023 by ejaaskel Yocto