SlideShare a Scribd company logo

Open Source Firmware - oSC19

Daniel Maslowski, profile picture
Daniel Maslowski

Daniel Maslowski introduces the first Open Source Firmware Conference in Erlangen, Germany, highlighting its key features like the participation of ~200 individuals and sponsorship from OpenSUSE. The document addresses the challenges and issues related to firmware updates among vendors, emphasizing the importance of open source firmware projects like U-Boot, Coreboot, and Linuxboot for security and functionality in embedded devices. It also encourages collaboration within the open source firmware community and invites participants to future events.

Engineering
1 of 36
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
Open Source Firmware Daniel Maslowski
Introduction
Who I am Hi, I’m Daniel aka OrangeCMS aka CyReVolt! :) ▶ web developer ▶ security background ▶ hacking on many things ▶ just got started with firmware ▶ I like turtles
Thank you!
First Open Source Firmware Conference (OSFC) ▶ Erlangen, Germany ▶ ~200 participants ▶ 2 days of talks ▶ 2 tracks (main + security) ▶ 2 days of workshops ▶ openSUSE was among the sponsors
Firmware
Firmware is everywhere Embedded devices ▶ SoC Laptops ▶ BIOS/UEFI (host CPU) ▶ ME (coprocessor) ▶ GbE ▶ EC
Vendor Firmware fwupd/LVFS ▶ 114 vendors listed ▶ platform is growing and vendors push their updates
Issues ▶ continuous updates are a requirement ▶ firmware updates depend on vendors ▶ vendors do not typically ship updates too often ▶ quality, updates may brick devices https://blog.scaleway.com/2018/a-look-from-behind-the-open-source-bios/
Vendors
Supply Chain
Politics Warning: may contain traces of blobs ▶ a lot of code and necessary knowledge is kept proprietary ▶ documentation on ECs, Super I/O and other chips ▶ board schematics ▶ firmware for certain chips, FSP, VGA Option ROM, … ▶ proprietary vendors implement UEFI, which is inherently complex
Security Hardware attacks are increasing in research ▶ Rowhammer ▶ Spectre ▶ Meltdown Intel ME CVEs https://mjg59.dreamwidth.org/48429.html
Firmware, Kernel and the Rings on x86 ▶ -3: ME ▶ -2: SMM / UEFI kernel ▶ -1: hypervisor ▶ 0: kernel ▶ 3: userspace https://blog.jessfraz.com/post/why-open-source-firmware-is-important-for- security/
Open Source Firmware
U-Boot https://www.denx.de/wiki/U-Boot ▶ supports multiple architectures ▶ more than 1000 boards ▶ powers many embedded devices, such as SBCs and routers ▶ initializes hardware ▶ can directly boot a Linux kernel ▶ can run multiple other payloads
coreboot https://coreboot.org/ ▶ similar to U-Boot ▶ supports many boards and multiple architectures ▶ can directly boot a Linux kernel or run other payload ▶ ported to multiple older Thinkpads ▶ used for Chromebooks by Google ▶ now also applied to servers ▶ popular among hackers
LinuxBoot https://www.linuxboot.org/ ▶ announced in January 2018 ▶ remove overhead from bootloaders ▶ Linux provides device drivers and networking ▶ can be run from UEFI, U-Boot, or coreboot https://www.phoronix.com/scan.php?page=news_item&px=LinuxBoot-OSFC- 2018-State
Equipment
Screwdrivers
Magnifying Lens
Test Clip
Programmer
Tooling ▶ host toolchain ▶ project toolchain ▶ extra utilities for creating images etc ▶ flash utilities, e.g., flashrom
Start hacking
coreboot / QEMU Build your first image and run it in an emulator
Disassemble all the Devices!
XMG C404 (Gigabyte P34v2) coreboot port (WIP) Works ▶ RAM ▶ Video (blob only) ▶ keyboard and touchpad ▶ Bluetooth ▶ WiFi ▶ USB ▶ suspend / resume Needs work ▶ Embedded Controller (runs hot) ▶ ACPI (lid close doesn’t trigger S3) https://github.com/orangecms/coreboot/tree/gigabyte-p34v2 https://gist.github.com/orangecms/b6a8f036a30b7ac3b42c30c35fa295b4
Call for Action
Get OEMs on Board https://www.tuxedocomputers.com/ https://www.schenker-tech.de/ https://www.xmg.gg/
Integrate Firmware Upgrades in OS Distros ▶ zypper up firmware ▶ build firmware in OBS ▶ run checks on openQA ▶ bring kernel and firmware development closely together ▶ join the Open Source Firmware community
And now…
Happy Anniversaries! ▶ U-Boot and coreboot both turn 20 this year
Invitation Join OSFC 2019 in San Francisco! ▶ https://osfc.io/
Thanks again!
Invitation Number 2 Meet 9elements Cyber Security at it-sa! ▶ https://security.9elements.com/ ▶ https://www.it-sa.de

More Related Content

PDF
A million ways to provision embedded linux devices
Mender.io
 
PDF
EuroBSDCon 2021 - (auto)Installing BSD Systems
Vinícius Zavam
 
PPT
OpenWRT guide and memo
家榮 吳
 
PDF
Docker on Windows
Carl Su
 
PDF
Openwrt startup
晓东 杜
 
PDF
Integrate IoT cloud analytics and over the-air (ota) updates with google and ...
Mender.io
 
PDF
Embedded linux build systems
Mender.io
 
PDF
Porting Puppet to OpenBSD
Puppet
 
A million ways to provision embedded linux devices
Mender.io
 
EuroBSDCon 2021 - (auto)Installing BSD Systems
Vinícius Zavam
 
OpenWRT guide and memo
家榮 吳
 
Docker on Windows
Carl Su
 
Openwrt startup
晓东 杜
 
Integrate IoT cloud analytics and over the-air (ota) updates with google and ...
Mender.io
 
Embedded linux build systems
Mender.io
 
Porting Puppet to OpenBSD
Puppet
 

What's hot (12)

PDF
tizen-oshw-tds14sh
Phil www.rzr.online.fr
 
PDF
Lt2013 uefisb.talk
Udo Seidel
 
ODP
Firefox OS pratiquer le web mobile - JDLL
Christophe Villeneuve
 
PDF
Qiscus bot esp8266
Ashari Juang
 
PDF
Configuring wifi in open embedded builds
Mender.io
 
PDF
Perfecting video playback on the web
Janessa Det
 
PDF
Installing nagios core_from_source
laonap166
 
ODP
Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache
Vu Hung Nguyen
 
PDF
Tizen platform-dev-tds14sh
Phil www.rzr.online.fr
 
PPTX
DotJS Lightning Talk Vorlon.js
Etienne Margraff
 
PPTX
Telehack: May the Command Line Live Forever
Gregory Hanis
 
TXT
Version
MJ GS
 
tizen-oshw-tds14sh
Phil www.rzr.online.fr
 
Lt2013 uefisb.talk
Udo Seidel
 
Firefox OS pratiquer le web mobile - JDLL
Christophe Villeneuve
 
Qiscus bot esp8266
Ashari Juang
 
Configuring wifi in open embedded builds
Mender.io
 
Perfecting video playback on the web
Janessa Det
 
Installing nagios core_from_source
laonap166
 
Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache
Vu Hung Nguyen
 
Tizen platform-dev-tds14sh
Phil www.rzr.online.fr
 
DotJS Lightning Talk Vorlon.js
Etienne Margraff
 
Telehack: May the Command Line Live Forever
Gregory Hanis
 
Version
MJ GS
 
Ad

Similar to Open Source Firmware - oSC19 (20)

PDF
Open Source Firmware - FrOSCon 2019
Daniel Maslowski
 
PDF
LAS16-200: Firmware summit - Tianocore Progress and Status
Linaro
 
PDF
Getting Started with Buildroot
Trevor Woerner
 
PDF
SystemReady IR and MediaTek Genio-1200-EVK - Tech part - COSCUP 20240804
Macpaul Lin
 
PDF
Strategies for developing and deploying your embedded applications and images
Mender.io
 
PDF
Elc Europe 2020 : u-boot- porting and maintaining a bootloader for a multimed...
Neil Armstrong
 
PDF
kocialkowski-overview-linux-userspace-graphics-stack.pdf
VishalKumarJha10
 
PDF
Why the yocto project for my io t project elc_edinburgh_2018
Mender.io
 
PPT
101 1.1 hardware settings v2
Acácio Oliveira
 
PPT
1.1 hardware settings v2
Acácio Oliveira
 
PPT
Beagle board101 esc-boston-2009b
Michael Hallak-Stamler
 
PDF
ELC_NA-2015-AFT_for_CI-Igor.Stoppa
Igor Stoppa
 
PPTX
ChromePad - Chromium OS for ThinkPad
AndrewWright224
 
PPTX
ChromePad - Chromium OS ThinkPad X220
AndrewWright224
 
ODP
The Deck by Phil Polstra GrrCON2012
Philip Polstra
 
PDF
Embedded Linux primer
Drew Fustini
 
PPT
BITS: Introduction to linux, distributions and installation
BITS
 
PDF
Embedded Linux Build Systems - Texas Linux Fest 2018
Mender.io
 
PDF
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
melbats
 
PDF
IoT Prototyping using BBB and Debian
Mender.io
 
Open Source Firmware - FrOSCon 2019
Daniel Maslowski
 
LAS16-200: Firmware summit - Tianocore Progress and Status
Linaro
 
Getting Started with Buildroot
Trevor Woerner
 
SystemReady IR and MediaTek Genio-1200-EVK - Tech part - COSCUP 20240804
Macpaul Lin
 
Strategies for developing and deploying your embedded applications and images
Mender.io
 
Elc Europe 2020 : u-boot- porting and maintaining a bootloader for a multimed...
Neil Armstrong
 
kocialkowski-overview-linux-userspace-graphics-stack.pdf
VishalKumarJha10
 
Why the yocto project for my io t project elc_edinburgh_2018
Mender.io
 
101 1.1 hardware settings v2
Acácio Oliveira
 
1.1 hardware settings v2
Acácio Oliveira
 
Beagle board101 esc-boston-2009b
Michael Hallak-Stamler
 
ELC_NA-2015-AFT_for_CI-Igor.Stoppa
Igor Stoppa
 
ChromePad - Chromium OS for ThinkPad
AndrewWright224
 
ChromePad - Chromium OS ThinkPad X220
AndrewWright224
 
The Deck by Phil Polstra GrrCON2012
Philip Polstra
 
Embedded Linux primer
Drew Fustini
 
BITS: Introduction to linux, distributions and installation
BITS
 
Embedded Linux Build Systems - Texas Linux Fest 2018
Mender.io
 
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
melbats
 
IoT Prototyping using BBB and Debian
Mender.io
 
Ad

Recently uploaded (20)

PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PDF
Enhancing Cyber Defense Against Zero-Day Attacks using Ensemble Neural Networks
IJCNCJournal
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PPTX
Safety Seminar civil to be ensured for safe working.
DILJEETKUMAR8
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PDF
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
PPT
Project quality management in manufacturing
BarMusaTetik
 
PDF
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PDF
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PPTX
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
PDF
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
AinieButt1
 
PPTX
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
PDF
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
Sustainable Sites - Green Building Construction
mhdumerali
 
Enhancing Cyber Defense Against Zero-Day Attacks using Ensemble Neural Networks
IJCNCJournal
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
Safety Seminar civil to be ensured for safe working.
DILJEETKUMAR8
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
Project quality management in manufacturing
BarMusaTetik
 
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
AinieButt1
 
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 

Open Source Firmware - oSC19