Security

From coreboot
Jump to navigation Jump to search

The wiki is being retired!

Documentation is now handled by the same processes we use for code: Add something to the Documentation/ directory in the coreboot repo, and it will be rendered to https://doc.coreboot.org/. Contributions welcome!

This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.

This page is work in progress!

Common security features

  • Boot password (like BIOS password)
  • Signature verification - option to boot from payload only signed images

Bayou / coreinfo / GRUB2 have "BIOS password"-like feature, using SHA-1 hashes stored in NVRAM or the (flash) ROM chip. GRUB2 can also do signature verification of on-disk operating systems. TianoCore could probably be adapted to support either, too.

Both features are in the payload domain since coreboot doesn't provide a user interface.

  • RAM wiping after each boot

This is not very useful: The most interesting time would be right before power-off, which could be implemented in SMM. Unfortunately a cautious attacker just pulls the plug.


To prevent reading data after a reboot, a payload could be adapted to clean out memory. Using applications that manage sensible data sensibly (ie. wipe after use) is still a better solution.

  • Support booting from encrypted block devices/volumes

GRUB2 can do that.

Current BIOS issues

RAM wiping

SMI issues

ATA issues

Firewire issues

TPM issues