Ambala, Haryana, India
Experienced Linux based systems developer with deep dive into kernel security, trusted execution environments and embedded toolchain. Experienced trainer for OpenEmbedded/Yocto, OP-TEE and Trusted Firmware - A training courses. Involved as a product security architect for an e-paper tablet device targeting enterprise and retail customers. Worked on Linux Board Support Packages (BSPs) for various Arm based SoCs coming from different silicon vendors: Qualcomm, NXP, TI, Renesas, Socionext etc. Involvement in interesting research work regarding Fully Homomorphic Encryption (FHE) accelerators to cater to future security use-cases like Confidential AI, secure electronic voting, protecting user's data privacy etc. Presented talks at OSS India 2025, OSS NA 2025, EOSS 2024, Linux Plumbers 2022, Arm dev summit 2021 and several Linaro Connect events. Open source contributions: ----------------------------------------- Linux kernel: - Reviewer for TEE kernel subsystem. - Maintainer for TEE based Trusted Keys. - Author of TEE bus driver framework. - Maintainer for OP-TEE based HWRNG driver. - Contributions to kernel debugger (kgdb). - pseudo NMI debugging features for arm64 eg. hard-lockup detector. edk2/UEFI: - Qualcomm subsystem maintainer. - Author of OP-TEE driver. - Author of OP-TEE based RNG driver. U-Boot: - OF_UPSTREAM DT maintainer. - Reviewer for Qualcomm subsystem, maintaining multiple SoCs support. OpenEmbedded: - meta-arm-toolchain layer maintainer. - Author of ARM GCC 9.2 toolchain support in meta-linaro and meta-arm layers. OP-TEE: - Enabled Rust no-std language support for Trusted Applications. - Maintainer of ftrace debugging framework. - Platform maintainer (Qualcomm, Socionext: DeveloperBox, Renesas: RZ/N1). Trusted Firmware-A (TF-A): - Maintainer of I/O firmware encryption framework. - Platform maintainer (Qualcomm, SynQuacer SoC). Linux test project (LTP): - Notable contributor to LTP 20190517 release (https://github.com/linux-test-project/ltp/releases/tag/20190517). GitHub: https://github.com/b49020 Overall contribution via mailing lists: https://patches.linaro.org/team/no-team/?submitter=9254&state=*&page=1 Credly badges: https://www.credly.com/users/sumit-garg.bb95def8/badges#credly
Role: Open source boot and security architect ————————————————————————- - Bringing open source boot firmware chain alive on Qcom platforms across different BUs - Contributing and taking on Qcom platform maintainer role for various firmware projects like: - Trusted-Firmware-A - OP-TEE - edk2 - U-Boot - Playing a key role in open source security solutions in the Linux kernel via TEE (OP-TEE/QTEE) based services. - End-to-end secure DRM media pipeline - Secure key/crypto operations (TEE based PKCS#11 tokens).
Project work: --------------------- - Involved as a product security architect for an e-paper tablet device targeting enterprise and retail customers. - Successful enablement of secure video pipeline (DRM) solution on NXP iMX8MQ SoC. - Enabled U-Boot support for various Qualcomm SoCs (QCS404, APQ8016, SDM845c etc) - Enabled Secure boot solution on Qualcomm QCS404 SoC - Enabled EFI measured boot and dual bank Over the Air (OTA) firmware update solution for TI AM64x SoC. - Added PCIe driver support in U-Boot for iMX8MP SoC. Involvement in interesting research work regarding Fully Homomorphic Encryption (FHE) accelerators to cater to future security use-cases like Confidential AI, secure electronic voting, protecting user's data privacy etc. The major idea beneath FHE crypto algorithms is that it allows operations on encrypted user data so that the user doesn't need to share data with cloud service providers in plain format.
Platform Security: ---------------------------- - Developed OTA firmware update solution for server systems via BMC. - Introduce TEE based Trusted keys in Linux. - Developed innovative hardware RNG solution based on sensor noise. - Introduced TEE bus framework in Linux kernel. - Introduced I/O firmware encryption feature in TF-A. - Introduced encryption and rollback protection features for Trusted Applications in OP-TEE. Toolchain: --------------- - Enabled support for ARM GCC toolchain support in OpenEmbedded meta-linaro and meta-arm layers. Debugging: ------------------ - Introduced function tracer (ftrace) debugging framework in OP-TEE. - Developed innovative NMI debugging capabilities for arm64 leveraging pseudo NMIs.
Worked on ARM platform security(ARM Trustzone). Specifically on secure boot and run time platform security termed as TEE(Trusted Execution Environment). NXP's ARMv7 and ARMv8 platforms maintainer in OP-TEE github open source project. For details refer to following link: https://github.com/OP-TEE/optee_os/blob/master/MAINTAINERS.md Experience on PCIe based embedded device booting. Developed bare metal Boot ROM source code to run on Cortex M4 (ARMv7-M architecture) based SoC. Experience in enabling Secure Boot on ARMv8 architecture based SoC. Contributions in u-boot (boot-loader) denx open source community. For details refer to following link: https://patchwork.ozlabs.org/project/uboot/list/?series=&submitter=68653&state=*&q=&archive=&delegate= Good understanding of Cryptographic algorithms like RSA, ECC, AES, SHA etc. Experience in development of PKCS (Public Key Cryptography Standards) based Linux use-space library.
Worked as an software developer and functional level tester for Blackbox LTE Layer-1 testing software under productization team at freescale semiconductor pvt. ltd.