Boot chain security | Any progress to get rid of the untrusted state?

It’s good to look forward for new features, but I read here and there everytime the phrase “privacy and security” OS in relation to SFOS. With the current state of the boot process (e.g. Sony devices) I do not
see such “protection” of users data respectively privacy.

Are there any attempts to work with Sony to get rid of the untrusted state in the boot chain? How do Jolla’s customers (companies) handle such deficiency? Do they get/use a signed image? I personally would pay 20% more for the license, if that mentioned here could be addressed. If this helps to push this forward … any hints? Thanks.

I doubt Sony will ever sign Jolla’s keys or add them to bootloader.
They can’t control it, so won’t happen.

And J probably wouldn’t accept to get Sony to sign every update, knowing how fast and non-bureaucratic Sony is.

Could the bootloader be replaced with another one? Or is there also some protection to prevent that.

I would assume there is some kind of lowest possible level security feature that prevents bootloader from executing on power up, unless it is signed by Qualcomm either by the key they use for Sony’s bootloader or some possible oversight left behind engineering test key.

That is kind of the point with bootloaders, there is some hardware TPM / SPU to prevent one from doing that, it may be stored and fused in the CPU / SoC.

This was just discussed in the community meeting. Jolla said this is something Sony would have to provide.

https://irclogs.sailfishos.org/meetings/sailfishos-meeting/2023/sailfishos-meeting.2023-02-16-08.00.txt

Thanks for the pointer. Sure, the upstream project must provide such change, but did Jolla requested it? On Sony’s page I can not find a channel to ask for it. Does Jolla have a contact point to do it? This is also in Jolla’s interest - its a big selling feature! Anyway, it will take time …

I found this link that gives some info how boot process starts on ARM architecture.