← Back to context

Comment by flto

20 hours ago

> Also your boot-chain is still closed and proprietary

Nowadays the entire thing until you land in EL1 needs to be signed by Qualcomm as well. This is without "Secure Boot" enabled. OEMs only get to run code under the hypervisor. And you might want to use a part of the hardware but someone decided the VM your code runs in shouldn't have access to that, too bad.

5 comments

flto

Reply
my123  15 hours ago

not all true. And Qualcomm taking over EL2 is optional now

  • flto  14 hours ago

    What is not true?

    EL2 is still locked down for the chip this post is about, AFAIK. And everything else is is staying locked.

    • my123  13 hours ago

      AFAIK Google runs their own EL3 on the Snapdragon Chromebooks. (And KVM at EL2)

      Lots of this is customer dependent but what you say is true for the typical android phone config that most use

      2 replies →