Integrating rustBoot with NXP's AHAB - aka `secure boot` in i.MX8 series of chips.

Friday talks: an unstructured talk about adding `rustBoot` support for NXP's AHAB i.e. advanced high assurance boot.

PS: It's also a test-run of my first live-stream. Sorry about the random interruptions and white-mode background.

Benefits:
memory safety: most of the bootloader is written in rust's safe-fragment with a limited set of well-defined api(s) for unsafe HW access and as a consequence, it makes rustBoot immune to a whole host of memory safety bugs. ex: things like parsing image-headers (i.e. container-formats) in rustBoot is much safer.
type-safety: rustBoot takes advantage of rust's powerful type-system to make invalid boot-states, un-representable at compile time and along with constructs such as sealed states, global singletons, it improves the overall security of the entire code-base.
efficient memory-usage with zero dynamic memory allocation (no heap required)

0:00 greetings and stream-setup
7:04 intro to the i.MX8M Nano (DDR4)
9:09 overview - NXP i.MX8M boot-flow
18:45 side-note on documentation for NXP i.MX8M secure boot
20:00 i.MX8 secure boot guide for AHAB
43:20 cortex-a rustBoot implementation
48:00 cryto stuff - trust anchor, OTP memory and bootROM
1:04:15 overview of existing cortex-a impl for rpi4
1:05:29 shout-out to Andre Richter for his raspberry-pi tutorials
1:07:35 full walkthrough of cortex-a impl for rpi4
1:36:30 questions and note on future work for i.mx8m

#rust #secureboot #crypto #hardware #embeddedsystems #programming

Credits:
rustBoot repo: https://nihalpasham.github.io/rustBoo...
i.MX 8, i.MX 8X Secure Boot guide using AHAB - https://bit.ly/3WwLqkI