Protected UEFI Variables With U-Boot
Monday, January 4, 2021
Critical system variables, such as the UEFI ones, must be protected against a variety of attacks. On Arm servers and desktops, which typically run EDK2, dedicated flash devices are used. Those would normally be accessible from the secure world only, since they store variables critical to the system's integrity and security. But what's the status of devices running U-Boot?