On 14 Dec 2016, at 12:42 PM, Jeff Waugh <jdub@bethesignal.org> wrote:

On Wed, Dec 14, 2016 at 12:39 PM, Daniel P Potts <daniel.potts@gmail.com> wrote:
That was me - just didn’t want to spam the list. LK is used on some ARM mobile devices, and we are working on a variant that helps with chain of trust and running production code.

It was an interesting answer though! :-)

Some questions if you're able to answer them: Have you built the bootloading pieces yourself, or using existing code / loading protocol? Do you still use seL4's elfloader?

LK has a lot of good building blocks for signed boot signature checking, so most of the important parts use what’s already existing code there. I’m unsure if this (bootloader) is sufficient though for a trustworthy system running seL4.

Generally we’d boot run an OS/kernel’s expected bootloader rather than have to hack it around too much, so in the case of seL4 we’d most likely leave its elfloader alone.