[TALK] Xen system boot attestation with DRTM and TPM2
Owner: miczyg
Time: Wed 3:00 PM 8 Jul Final
Location: Palace of Parliament

This presentation will show the progress on developing TrenchBoot, an open-source implementation of DRTM (Dynamic Root of Trust for Measurement), and how the Xen hypervisor fits into the TrenchBoot project. An architecture built purely from open-source software, starting with the firmware (coreboot), the bootloader (GRUB) and the virtualized operating system (Xen + Dom0), is attested using a TPM 2.0. The solution intends to protect and verify the integrity of the software stack by leveraging elements of safeboot (check out safeboot.dev) and dm-verity.