[Kern Meetup Blr] [CFP] : Talk Proposal - Untangling Secure Key Provisioning in U-Boot: Scalable eFuse Programming in Production
53 views
Skip to first unread message
Harsha Vardhan
Nov 20, 2025, 12:16:57 PM (9 days ago) Nov 20
to kernel-meet...@googlegroups.com, k-mala...@ti.com, kha...@ti.com, h-...@ti.com
Hi Team,
Please find my talk proposal for the upcoming Bangalore Linux kernel meetup.
Title
Untangling Secure Key Provisioning in U-Boot: Scalable eFuse Programming in Production
Abstract
Secure provisioning is a foundational step in productizing embedded Linux systems, especially when enabling secure boot and establishing silicon identity through eFuses or one-time programmable (OTP) memory. Yet many teams still rely on manual fuse programming flows that are error-prone and difficult to scale particularly when dealing with complex, vendor-specific fuse maps. This talk explores how modern U-Boot capabilities streamline secure device provisioning in real manufacturing workflows. It introduces an upstream enhancement to U-Boot’s fuse subsystem developed as part of authenticated boot enablement for TI’s K3 AM62L SoC that supports bulk, structured eFuse programming using the fuse writebuff command. This approach makes fuse provisioning more automation-friendly, and suitable for production use. Attendees will gain practical guidance on adopting these device provisioning improvements and integrating U-Boot-based provisioning into factory flows.
Agenda / Key Points to be Elaborated
1. Challenges in Traditional eFuse Programming on Embedded Systems
2. U-Boot’s Existing Fuse Subsystem and Its Limitations in Production Flows
3. Design and Upstream Integration of the 'fuse writebuff' command
4. Structured, Automated Provisioning using Memory Buffers
5. Practical Provisioning and Production Workflow Considerations
Format: Regular Talk (25+5 minutes)
Bio -
Harsha is a security-focused embedded software engineer at Texas Instruments, working on secure boot enablement and secure key provisioning for production platforms. He is an upstream contributor to U-Boot and authored the buffer-based eFuse programming enhancement used in this session. His work spans silicon root-of-trust configuration, cryptographic key management, and lifecycle state enforcement for embedded Linux systems.
Thanks and regards,
Harsha Vardhan V M
Please find my talk proposal for the upcoming Bangalore Linux kernel meetup.
Title
Untangling Secure Key Provisioning in U-Boot: Scalable eFuse Programming in Production
Abstract
Secure provisioning is a foundational step in productizing embedded Linux systems, especially when enabling secure boot and establishing silicon identity through eFuses or one-time programmable (OTP) memory. Yet many teams still rely on manual fuse programming flows that are error-prone and difficult to scale particularly when dealing with complex, vendor-specific fuse maps. This talk explores how modern U-Boot capabilities streamline secure device provisioning in real manufacturing workflows. It introduces an upstream enhancement to U-Boot’s fuse subsystem developed as part of authenticated boot enablement for TI’s K3 AM62L SoC that supports bulk, structured eFuse programming using the fuse writebuff command. This approach makes fuse provisioning more automation-friendly, and suitable for production use. Attendees will gain practical guidance on adopting these device provisioning improvements and integrating U-Boot-based provisioning into factory flows.
Agenda / Key Points to be Elaborated
1. Challenges in Traditional eFuse Programming on Embedded Systems
2. U-Boot’s Existing Fuse Subsystem and Its Limitations in Production Flows
3. Design and Upstream Integration of the 'fuse writebuff' command
4. Structured, Automated Provisioning using Memory Buffers
5. Practical Provisioning and Production Workflow Considerations
Format: Regular Talk (25+5 minutes)
Bio -
Harsha is a security-focused embedded software engineer at Texas Instruments, working on secure boot enablement and secure key provisioning for production platforms. He is an upstream contributor to U-Boot and authored the buffer-based eFuse programming enhancement used in this session. His work spans silicon root-of-trust configuration, cryptographic key management, and lifecycle state enforcement for embedded Linux systems.
Thanks and regards,
Harsha Vardhan V M
Kaiwan N Billimoria
Nov 23, 2025, 12:48:06 AM (6 days ago) Nov 23
to Harsha Vardhan, kernel-meet...@googlegroups.com, k-mala...@ti.com, kha...@ti.com, h-...@ti.com
+1
--
You received this message because you are subscribed to the Google Groups "Kernel Meetup Bangalore" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kernel-meetup-ban...@googlegroups.com.
To view this discussion, visit https://groups.google.com/d/msgid/kernel-meetup-bangalore/CAK1OxRHqsQgMPzKHq8df9n_iUXSpH%3DvQ5R40-1BMT%2BE27_u%2B2g%40mail.gmail.com.
Kamlesh Gurudasani
Nov 25, 2025, 4:07:13 AM (4 days ago) Nov 25
to Kernel Meetup Bangalore, Harsha Vardhan, k-mala...@ti.com, kha...@ti.com, h-...@ti.com, Kaiwan N Billimoria
+1
To view this discussion, visit https://groups.google.com/d/msgid/kernel-meetup-bangalore/CAPDLWs9bket18nFCY9boe40wH3A7jUMkRAnCOoh0o%2BvZtkHQbw%40mail.gmail.com.
Pratham T
Nov 26, 2025, 5:22:36 AM (3 days ago) Nov 26
to Harsha Vardhan, kernel-meet...@googlegroups.com, k-mala...@ti.com, kha...@ti.com, h-...@ti.com
+1
--
Pratham Deshmukh
Nov 28, 2025, 4:02:34 AM (yesterday) Nov 28
to Harsha Vardhan, kernel-meet...@googlegroups.com, k-mala...@ti.com, kha...@ti.com, h-...@ti.com
+1
--
Reply all
Reply to author
Forward
0 new messages