Session
Schedule FOSDEM 2020
Open Source Firmware, BMC and Bootloader

Introducing AUTOREV

An automatic reverse-engineering framework for firmware BLOBs
K.4.601
Patrick Rudolph
Modern Open Source boot firmware ships with an increasing amount of BLOBs. While it's often claimed that it eases the integration, it makes life of Open Source developers harder, as it's not documented what is done inside BLOBs and what should be done outside of the same. We will show how to trace the MMIO access of BLOBs in firmware by using Open Source tools. As analysing the traces for possible branches and loops is hard and stressful work, we created our own framework for automatic reverse engineering. Our framework allows to capture and analyse MMIO traces, fuzz the BLOB under test and finally generates readable code in a high level language, like C, for easy analysing. During this talk, we will discuss the legal side, the motivation behind reverse engineering, and the benefit for the Open Source community. We will explain the problems we faced, and explain the basic concept used, with examples from the real world.

Additional information

Type devroom

More sessions

2/1/20
Open Source Firmware, BMC and Bootloader
Leif Lindholm
K.4.601
Historically, the UEFI forum has been a bit rubbish at interacting with open source development, but this is improving. This talk gives a background on why (both the rubbish and the improvement) and what is being done. Also, a brief update on news for the TianoCore/EDK2 project.
2/1/20
Open Source Firmware, BMC and Bootloader
Heinrich Schuchardt
K.4.601
The Unified Extensible Firmware Interface (UEFI) is the default for booting most Linux and BSD distributions. But the complexity of the UEFI standard does not offer an easy entry point for new developers. The U-Boot firmware provides a lightweight UEFI implementation. Using booting from iSCSI with U-Boot and iPXE as an example let's delve into the UEFI API. The UEFI sub-system in U-Boot has developed from barely starting GRUB to supporting complex UEFI applications like iPXE and the EFI shell ...
2/1/20
Open Source Firmware, BMC and Bootloader
Thierry Laurion
K.4.601
Insurgo had engaged itself in the adventure of facilitating security accessibility and received NlNet funding to do exactly that. Now it wants to get developers involved and expand funding. The goal of this is to bridge the gap between reasonably secure OS (QubesOS) and slightly more secure hardware (Heads) to help privacy-focused users and those that are vulnerable. But we need to prepare for the future now! Insurgo has challenged the status quo that has been prevalent since 2015 and has made ...
2/1/20
Open Source Firmware, BMC and Bootloader
K.4.601
For the last several years, hypervisors have played a key role in platform security by reducing the possible attack surface. At the same time, the hype surrounding computing and Internet of Things Gateways has led to an increase in network appliance devices. Our target was to create a less-insecure virtual network appliance using TrenchBoot, Trusted Platform Module 2.0 and AMD SKINIT Dynamic Root of Trust for Measurement to establish a Xen hypervisor with a meta-virtualized pfSense firewall. We ...
2/1/20
Open Source Firmware, BMC and Bootloader
Daniel Maslowski (CyReVolt)
K.4.601
With Intel's Firmware Support Package (FSP) and the recent release of a redistributable firmware binary for the Management Engine, it has become possible to share full firmware images for modern x86 platforms and potentially audit the binaries. Yet, reverse engineering, decompilation and disassembly are still not permitted. However, thanks to previous research, we can have a closer look at the binary data and come to a few conclusions. This talk briefly summarizes the fundamentals of developing ...
2/1/20
Open Source Firmware, BMC and Bootloader
Brian Richardson
K.4.601
As the rich capabilities of platforms increase, so does their complexity. As hypervisors and operating systems harden their attack surfaces, malware has been moving deeper into the platform. For example, a modern laptop may have over 15 updatable firmware elements, each with low-level access to a specific hardware domain. From the early days of proprietary BIOS in the 1980’s and 1990’s, to the world of standards in the 2000’s, to the post-PC world of the last few years, the nature of ...
2/1/20
Open Source Firmware, BMC and Bootloader
K.4.601
Have you ever heard of Board Management Controller? It has been black box firmware to manage servers since last century … now it’s open. OpenBMC is a Linux Foundation project with a goal to produce an open source implementation of BMC firmware stack. It is a vendor independent Linux distribution created using Yocto project that provides complete set of manageability features. Backbone technologies in OpenBMC include D-Bus and systemd. With embedded web server it provides user friendly WebUI ...