0.11 open-source-firmware-conference-2023 2023-10-10 2023-10-12 3 00:05 https://talks.osfc.io https://talks.osfc.io/media/open-source-firmware-conference-2023/img/oscar_standing_100x100_R5ufUHu_2Io4QXO_jwGrs6y.png US/Pacific Main Track Event Info 2023-10-10T09:30:00-07:00 09:30 00:15 The Opening Event for the Open Source Firmware Conference 2023 open-source-firmware-conference-2023-36444-opening-event en false https://talks.osfc.io/open-source-firmware-conference-2023/talk/7PZDDR/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/7PZDDR/feedback/ Main Track Talk 2023-10-10T09:45:00-07:00 09:45 00:30 Open-source firmware is revolutionizing the world of technology, offering endless possibilities for creative exploration. This talk will delve into the exciting intersection of open-source firmware and art projects, revealing the power of combining technology and creativity to foster a unique learning experience. Participants will discover how to leverage open-source firmware to create interactive art installations, kinetic sculptures, and more, simultaneously unleashing their creativity and technical prowess. open-source-firmware-conference-2023-35903-the-art-of-firmware Ritvi Mishra en In today's rapidly evolving technological landscape, open-source firmware stands as a beacon of innovation, allowing developers and enthusiasts to modify and enhance the functionality of various electronic devices. However, the potential of open-source firmware extends beyond its conventional applications. By bridging the gap between technology and art, we can unlock a world of boundless imagination and expression. This conference talk proposes to inspire attendees by showcasing the wonders of learning open-source firmware through art projects. During the session, we will explore how art can be a powerful catalyst for learning and experimentation, encouraging participants to embrace a multidisciplinary approach to their technical pursuits. Key Points to be Covered: - Introduction to Open Source Firmware: - Definition and significance of open-source firmware. - Overview of popular open-source firmware platforms. - The Marriage of Technology and Creativity: - Discussing the inherent connection between art and technology. - Highlighting successful art installations using open-source firmware. - Empowering Learning through Hands-On Projects: - Step-by-step guide to creating interactive art installations. - Using open-source firmware to animate kinetic sculptures. - Breaking Down Barriers to Entry: - Addressing common misconceptions about firmware development. - Promoting inclusivity in the open-source firmware community. - Inspiring Innovation and Collaboration: - Encouraging participants to share their art projects and ideas. - Discussing the potential for collaborative art-tech initiatives. - Leveraging Art as a Teaching Tool:(Optional and based on audience preference) - Examining the benefits of art-based learning in technical domains. - Discussing educational experiences that combine open-source firmware and art. By the end of the talk, attendees will have gained a fresh perspective on open-source firmware and its potential applications beyond traditional technology domains. Moreover, they will be motivated to embrace their creative instincts and explore the world of art projects as a means to enhance their learning experience and inspire innovative solutions. Join me in this exhilarating exploration of open-source firmware and art, and let's unleash our collective creativity to revolutionize the way we learn and interact with technology. Together, we can bridge the gap between art and tech, creating a harmonious synergy that pushes the boundaries of innovation. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/XAZ7TP/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/XAZ7TP/feedback/ Main Track Talk 2023-10-10T10:30:00-07:00 10:30 00:30 How the forthcoming "US Cyber Trust Mark" certification may impact firmware development and the devices it is installed on, as well as some of the unique challenges Open Source projects will face in trying to address the certification requirements and process. open-source-firmware-conference-2023-35991-us-cyber-trust-mark-is-your-firmware-ready Allan Jude en The US FCC has announced a voluntary certification program for “smart devices”, using testing standards developed by NIST, aiming to establish a baseline for security of home appliances and IoT devices, with plans to include WiFi devices, routers, smart meters, and power inverters. These certification will ensure strong default passwords, personal data protections, and guaranteed software and security updates for the design lifetime of the device. More than just another certification logo, devices will have a QR code to allow consumers to verify that the device has retained its certified status in the evolving cybersecurity landscape. We examine what it will mean to get firmware and operating system images ready for the certification process, how to lessen the cost of maintaining older platforms, and the unique technical and organization challenges faced by open source projects when undertaking industry certification. How can open source firmware projects prepare to lead the way in getting more secure appliances and IoT devices to market faster? false https://talks.osfc.io/open-source-firmware-conference-2023/talk/KL8MEH/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/KL8MEH/feedback/ Main Track Talk 2023-10-10T11:15:00-07:00 11:15 00:30 Meta has historically used their own BMC code stack, confusingly also called "OpenBMC", but having nearly nothing in common with the Linux Foundation project of the same name. A transition to the Linux Foundation code base is underway and our first production system using that code is a chassis controller named "Bletchley". This talk will discuss the approach we took, collaborating with our JDM, to develop OpenBMC in an "upstream-first" manner. open-source-firmware-conference-2023-36107-meta-s-openbmc-process-a-case-study-from-the-bletchley-system Patrick Williams en In 2015, two different projects started with the same name: OpenBMC. One project was lead by developers at Facebook (now Meta) and others by developers at IBM. While the IBM effort later picked up more industry momentum and became a project managed under the Linux Foundation, the Meta software stacks has been used on many OCP designs and has extensive deployment in Meta's data centers. The OCP designs are typically developed using an JDM model where Meta engineers and a manufacturing vendor partner to design and build a server. In 2022, we began a project code-named "Bletchley" which would be our first custom design utilizing the Linux Foundation OpenBMC code-stack. This talk is a case-study of the approaches we took in the JDM process to develop the BMC software for a new system design, collaborating both between companies and with the upstream community, leveraging our long experience in the JDM process and BMC software lifecycle to successfully put the Bletchley chassis controller into production in 2023. false Presentation https://talks.osfc.io/open-source-firmware-conference-2023/talk/7TP7HD/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/7TP7HD/feedback/ Main Track Talk 2023-10-10T13:15:00-07:00 13:15 00:30 Arm and 9elements share their progress towards developing a coreboot firmware stack for Arm servers. Showcasing proof of concepts, and discuss the challenges faced when developing a new firmware stack to fit existing software expectations. open-source-firmware-conference-2023-34732-enabling-coreboot-for-open-system-firmware-on-arm-servers Jeffrey Booher-KaedingMilo-DUnnamed speaker en The Arm Base Boot Requirements (BBR) Specification defines standard firmware requirements for Arm systems. It outlines the firmware interfaces needed for system software interoperability. Arm servers commonly rely on the SBBR recipe, which is typically built using TianoCore EDK2 open source firmware or derived commercial UEFI solutions. Recently, there is increased interest in Coreboot + LinuxBoot firmware from cloud operators as an alternative open-source firmware. Arm created the LBBR recipe to outline the interfaces needed for LinuxBoot on Arm systems. In this session, Arm and 9elements will share our progress towards developing a coreboot firmware stack for Arm servers. We will showcase proof of concepts, and discuss the challenges faced when developing a new firmware stack to fit existing software expectations. Finally, we will share how this work influenced the evolution of the LBBR specification, and the work ahead to give partners more open firmware options for deploying Arm servers. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/ZVGTTP/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/ZVGTTP/feedback/ Main Track Talk 2023-10-10T14:00:00-07:00 14:00 00:30 Tamago and TinyGo are Go compilers for bare metal; both firmware and small kernels have been written using them. In this talk, I will describe what I have learned by working with these two compilers; discuss the benefits of having the Go runtime available in firmware; provide a demo of each in action; and close by describing how they have turned my preconceptions about firmware languages on their head. open-source-firmware-conference-2023-32793-tamago-and-tinygo-working-with-firmware-and-kernel-written-in-go ronald g. minnich en It has been commonly believed that Go is not usable on bare metal, and that we must use languages such as Rust or C. As I have learned in the last three years, such is not the case. In this talk, I will describe two bare metal Go toolchains, Tamago and TinyGo. Both allow users to compile standard Go programs to run on bare metal, i.e. with no underlying kernel: the Go programs become both firmware and kernel. Tamago (https://github.com/usbarmory/tamago), a Go toolchain created by WithSecure, is based on the standard Google Go toolchain, with a few hundred lines of changes. Withsecure.com has released an open source USB device, the USB Armory, which can boot Linux or a small kernel written Go. This device has recently flown in space. TinyGo (https://tinygo.org/) is combination of a Go front end and an LLVM backend. TinyGo is thus a completely new Go toolchain, able to benefit from LLVM's optimizations: tinygo binaries are about 20% or less the size of standard Go binaries. TinyGo has grown quickly: in just a few years, contributors have got about 100 boards working. This rate of adoption is faster than coreboot, and far faster than oreboot; there are lessons to be learned from their work. The u-root project (u-root.org) now includes Tamago and TinyGo builds as part of continuous integration. In this talk, I will describe my experiences with both these toolchains, give a demo with hardware, and speculate on where Go is the best bare metal language. There have been a lot of surprises for me in using these systems, and I have had to discard my preconceptions about what languages are best. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/PUMRQ9/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/PUMRQ9/feedback/ Main Track Talk 2023-10-10T15:00:00-07:00 15:00 00:30 Looking at multiple RISC-V firmware projects and processors, this talk compares how their approaches to providing a RISC-V platform align, such that operating systems and applications can be easily ported across them. open-source-firmware-conference-2023-36113-aligned-on-risc-v Daniel Maslowski en We start with a summary of recent progress on RISC-V in the coreboot project and its fork oreboot. During the development of oreboot, we noticed that while RISC-V is already an extensible ISA with many ratifications in place and the first application SoCs produced, they do not yet fully define platforms. Details such as memory access and clear protocols of what an OS may or may not be able to control and handle are still open issues, so that the same application may behave different from one piece of hardware to another. With this talk, we dive deep into a socio-technical design discussion on strategies around unaligned memory access, how hardware may or may not support it, how it can be handled with traps in M-mode, S-mode or simply by what compilers emit, how hypervisors change perspectives, and what a full stack could look like that takes hardware, firmware, OS, compilers and application software design into account. false slides (external) slides (copy) https://talks.osfc.io/open-source-firmware-conference-2023/talk/UPU3PX/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/UPU3PX/feedback/ Main Track Talk 2023-10-10T15:45:00-07:00 15:45 00:30 When building an embedded system, there comes a time when you must unplug your debugger and seal the device in a box. Unfortunately, things can still go wrong after this point! The Hubris embedded OS has put a strong emphasis on debuggability, even to the point of writing Humility, an in-house debugger. However, Humility has historically assumed a physical connection to a running microcontroller. As we begin sealing up boxes, we’ve had to develop a range of tricks for mostly-seamless debugging of a network-connected system. Strategies range from forging inter-task IPC messages and calling arbitrary functions over the network, to (safely) reading and decoding memory from the running system, and even using a secondary microcontroller to take a full memory image of the main system for post-mortem debugging! open-source-firmware-conference-2023-35910-unplugging-the-debugger-live-and-post-mortem-debugging-in-a-remote-system Matt Keeter en This talk is a whirlwind tour of adapting a system from physically-connected to networked debuggability, without breaking existing user workflows and tools. It focuses on the Hubris embedded OS and Humility debugger, and is specifically motivated by their use in the Service Processor for the Oxide Computer Company server rack. Like a baseboard management controller, the SP is responsible for low-level system control, e.g. thermal management. It also provides visibility into other hardware on the board – for example, if the host CPU isn't responding, the service processor can connect to its serial console for debugging. Debugging the SP – and everything that it’s connected to – requires both specialized and general-purpose tooling. Some use cases are known in advance; for example, Humility includes a purpose-built command to show a live graph of temperature readings. Other use cases have to be improvised on the fly, e.g. restarting the system thousands of times and reading back register values to track down a rare bug. With the right abstractions, everything from dashboards and hardware interfaces to ad-hoc experiments can work seamlessly in both attached and networked configurations. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/9TTFZF/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/9TTFZF/feedback/ Main Track Talk 2023-10-11T09:30:00-07:00 09:30 00:30 We will introduce concept to automatically provision OpenSource Firmware (starting from the BMC side) at scale within datacenter. That is a co-presentation between HPE and Scaleway a french cloud service provider open-source-firmware-conference-2023-34799-provision-open-source-firmware-system-at-scale Jean-Marie VerdunElyes Zekri en OpenBMC is a fast-rising Open Source project aiming to replace proprietary BMC firmware by a linux embedded software image, with the intent to be multi-platform vendors compatible. It is based on proven technologies, including D-BUS as inter process communication mechanism and library, and systemd to handle service management. The project is compliant with industry standard communication API like IPMI and Redfish. These technologies are focused on management tasks and lack critical features during system provisioning as to safely authenticate, and provision unknown new systems in a datacenter. We will introduce during this talk options which have been tested at Scaleway and could be integrated within OpenBMC running on HPE ProLiant machines or any other vendors. The process is broken in 3 major steps which will include system discovery, stepping logging and testing before entering production. Based on feedbacks we will specify the process for community review before submitting patches. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/DMHDAE/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/DMHDAE/feedback/ Main Track Talk 2023-10-11T10:15:00-07:00 10:15 00:30 Overview of how to use U-Boot as a coreboot payload and the benefits of doing so open-source-firmware-conference-2023-35607-u-boot-as-a-coreboot-payload Simon Glass en [since this is mostly an x86/coreboot conference the talk will centre around that] Coreboot provides platform initialisation, replacing much of the closed-source BIOS / UEFI on x86 machines. However coreboot does not include a means to boot an OS by itself. It is designed to jump into a payload to handle that, such as Tianocore. U-Boot is one payload supported by coreboot. It provides many of the same features as Tianocore but with a number of advantages: small and fast, GPLv2 code base, Linux compatibility and a very active community. This talk covers some of the ways that U-Boot can be used on x86, including booting common distros out of the box using its UEFI layer. The talk covers the command line, with features including advanced boot control, filesystems, networking / wget, configuration editor and a range of commands and features for use specifically with coreboot. The talk provides a comparison of U-Boot and Tianocore with coreboot and some discussion of what is missing on the U-Boot side. It concludes with a demo. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/DER7ZC/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/DER7ZC/feedback/ Main Track Talk 2023-10-11T11:30:00-07:00 11:30 00:30 We will present our ongoing work on the System Transparency Authentication Mechanism (STAM), ST's evolving design philosophy and the benefits of transparent systems to service providers. open-source-firmware-conference-2023-36115-towards-authentication-of-transparent-systems Fredrik Stromberg en STAM is an authentication mechanism for transparent systems - mainly System Transparency - which we are still actively designing. We would greatly appreciate your feedback. System Transparency (ST) is a security architecture for service providers who want to operate transparent systems. We define a running computer system as transparent if its advertised state space is apparent to a relying party. ST is used in production at Mullvad VPN, but it still has a long way to go until all of its design goals are realized. STAM is designed to assure a local system of a remote system’s platform provenance, identity, state, authenticity, source code traceability, and freshness, as well as certificate transparency. It builds on entity authentication mechanisms, secure communication, reproducible builds, remote attestation, transparency logging and witness cosigning. The aforementioned technologies also constitute the backbone of System Transparency. Our 20-minute talk will be followed by a 20-minute Q&A discussion and feedback session. false Slides https://talks.osfc.io/open-source-firmware-conference-2023/talk/U999DX/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/U999DX/feedback/ Main Track Talk 2023-10-11T12:15:00-07:00 12:15 00:30 bit-for-bit identical binaries at the lowest levels Reproducible Builds enables bit-for-bit identical comparison, providing a strong link that the binaries used are the result of building the source code. open-source-firmware-conference-2023-36161-reproducible-builds-all-the-way-down Vagrant Cascadian en Reproducible Builds enables bit-for-bit identical comparison, providing a strong link that the binaries used are the result of building the source code, enabling simple verification with cryptographically strong checksums. Having a reproducible build provides additional security properties as well as benefits to software development processes. This talk will explore some of the historic and recurring issues of reproducible builds in various Open Source Firmware projects, as well as tooling used to seek out, diagnose and troubleshoot reproducibility issues. While much of the Reproducible Builds work to date has been on Free and Open Source Software distributions, there has also been Reproducible Builds work on several firmware projects including u-boot, trustedfirmware, opensbi and others! Because firmware projects tend to be limited in scope, Open Source Firmware projects make a great showcase for the viability of 100% reproducibility! We can do so much better than inscrutable black boxes! https://reproducible-builds.org false Slides Source Slides https://talks.osfc.io/open-source-firmware-conference-2023/talk/HYSNUF/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/HYSNUF/feedback/ Main Track Talk 2023-10-11T13:45:00-07:00 13:45 00:30 Rust has gotten a lot of attention in the embedded space lately, but there's an under-appreciated language feature that can be uniquely enabling for writing drivers and resource-constrained code: async. The async transform takes code written in the usual way -- with loops, function calls, and the like -- and inverts it into an explicit state machine that can be stepped in response to events. This gives developers the benefits of both simple "straight-line" code, such as readability and structured control flow, combined with the benefits of writing explicit state machines by hand, such as lower resource usage compared to threads or nested interrupts for concurrency. But more importantly, it provides something that's hard to achieve in explicit state machines: automatic _composition_ of state machines, with type and lifetime checking. This talk will propose an embedded-specific way of viewing Rust's async feature, look at how to apply it to solve certain common firmware problems, and touch on the elephant in the room: debugger support. Examples will use the author's open-source async embedded OS, lilos, and a proof-of-concept debugger for embedded async Rust. open-source-firmware-conference-2023-35580-turn-your-code-inside-out-programming-and-debugging-bare-metal-with-async-rust Cliff L. Biffle en Rust has gotten a lot of attention in the embedded space lately, but there's an under-appreciated language feature that can be uniquely enabling for writing drivers and resource-constrained code: async. The async transform takes code written in the usual way -- with loops, function calls, and the like -- and inverts it into an explicit state machine that can be stepped in response to events. This gives developers the benefits of both simple "straight-line" code, such as readability and structured control flow, combined with the benefits of writing explicit state machines by hand, such as lower resource usage compared to threads or nested interrupts for concurrency. But more importantly, it provides something that's hard to achieve in explicit state machines: automatic _composition_ of state machines, with type and lifetime checking. This talk will propose an embedded-specific way of viewing Rust's async feature, look at how to apply it to solve certain common firmware problems, and touch on the elephant in the room: debugger support. Examples will use the author's open-source async embedded OS, lilos, and a proof-of-concept debugger for embedded async Rust. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/CPWTDH/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/CPWTDH/feedback/ Main Track Talk 2023-10-11T14:30:00-07:00 14:30 00:30 sdbusplus generates ergonomic and compile-time type-checked dbus bindings built atop sd-bus. This library is heavily used within the OpenBMC project to provide all IPC between its many userspace processes. This talk will give an overview of how OpenBMC leverages dbus, how sdbusplus facilitates its usage, as well as an introduction on our approach for asynchronous programming with C++ co-routines. open-source-firmware-conference-2023-36106-asynchronous-dbus-with-c-co-routines Patrick Williams en sdbusplus generates ergonomic and compile-time type-checked dbus bindings built atop the systemd dbus implementation: sd-bus. This library is heavily used within the OpenBMC project where it is used to facilitate all IPC between its many userspace processes. Recently the sdbusplus library and binding generators have been enhanced to support asynchronous programming using C++ co-routines and based on the upcoming C++26 'standard executors' model and implementation. This implementation yields a much clearer coding approach than traditional callback-style asynchronous libraries such as Boost::ASIO for async-heavy dbus clients. The talk will give an introduction to C++ co-routines, the stdexec model, and the sdbusplus implementation. Additionally, the talk will give an overview on how OpenBMC leverages dbus to facilitate IPC. The OpenBMC code stack is a collection of domain specific microservices that communicate over dbus. The interfaces are documented in a YAML format, which is consumed by the sdbusplus binding generator, and yield compile-time compliance checking of both dbus server and client implementations for the OpenBMC stack. This process is akin to microservice protocol binding generators, such as gRPC or Thrift, but appropriate for inter-process communication on Linux using the existing dbus-broker implementation. false Presentation https://talks.osfc.io/open-source-firmware-conference-2023/talk/8L8MAR/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/8L8MAR/feedback/ Main Track Talk 2023-10-11T15:45:00-07:00 15:45 00:30 Bytedance's practice about automactic coredump analysis, including * ipks collection in CI; * Coredump collections; * debug_dump tool introduction; * Integration of alarms and analysis. open-source-firmware-conference-2023-34768-field-practice-on-bmc-coredump-analysis Lei YuJian Zhang en Coredumps occurs in BMC and the best tool to debug such coredump is gdb. There are existing `ipkdbg` and `bbdebg` tools that make it easy to debug a coredump. In this talk, we (Bytedance) will introduce the practice of how to debug a coredump that occurred in online production servers (mostly) automatically. This talk involves the detailed steps of: * The CI job configuration to collect the necessary files to debug coredump; * The changes in BMC to send coredumps to remote server; * The remote server configuration to handle coredump files and events; * The integration of alarms for coredump events; * The automatic analysis based on the debug_dump tool; * The introduction of the new debug_dump tool to preapre the gdb environment with one-line command; * The one-click WebUI to make the above steps automatically. Significantly, the debug_dump is a Python tool based on the existing `ipkdbg` tool to analyze the coredump, and it will be submitted to the OpenBMC community. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/R7YBYN/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/R7YBYN/feedback/ Main Track Talk 2023-10-11T16:30:00-07:00 16:30 00:30 This talk is going to tell the tale of a critical security vulnerability that was found a year after launch on the RK3288 ("veyron") family of Chromebooks and allowed bypassing the entire secure boot stack. It will explain the technical details of this vulnerability, why it was overlooked in the first place, the tricky process to mitigate it, and finally give a real answer to this guy's stack overflow question: https://superuser.com/questions/1399681/what-is-the-gpt-header-signature-for open-source-firmware-conference-2023-35577-when-boot-security-goes-wrong-the-story-of-the-ignoreme-gpt Julius Werner en This talk is going to tell the tale of a critical security vulnerability that was found a year after launch on the RK3288 ("veyron") family of Chromebooks and allowed bypassing the entire secure boot stack. It will explain the technical details of this vulnerability, why it was overlooked in the first place, the tricky process to mitigate it, and finally give a real answer to this guy's stack overflow question: https://superuser.com/questions/1399681/what-is-the-gpt-header-signature-for This is not really supposed to be an educational talk that teaches new concepts or presents new work. It's more of a "story time" talk that provides a cautionary tale about how even the slightest misunderstandings about hardware behavior and insufficient testing for new changes late in the product development cycle can have catastrophic effects on security guarantees. I hope attendees just might find it interesting to hear examples of how even at companies like Google we can make really bad mistakes from time to time and then have to scramble to deal with them with millions of users on the line. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/R3T8ZC/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/R3T8ZC/feedback/ Main Track Talk 2023-10-11T17:15:00-07:00 17:15 00:30 Writing correct firmware requires understanding hardware at the lowest possible level. More frequently than the average programmer, firmware authors may discover fundamental problems with the hardware which must be reported to the manufacturer. Getting resolution of these types of issues can be tedious and frustrating for all parties involved at the best of times. In the worst cases communication may break down between reporter and manufacturer resulting in denial of a problem, obfuscation and poor or no resolution of a problem. The difficulties in reporting hardware issues stem from many of the cultural issues with traditional proprietary firmware. As with open firmware, there needs to be a better path forward for the industry for hardware issues. open-source-firmware-conference-2023-36064-so-you-think-you-found-a-hardware-issue-from-misunderstandings-to-cves Laura Abbott en This talk will focus on some of the experiences at Oxide Computer finding and reporting hardware issues to manufacturers during the course of building our products. We've found several at this point and show no signs of stopping. Special attention will be given to security issues and why reporting to hardware companies may be different than reporting to software companies. This may seem like a topic outside of the themes of open firmware. Many of the pain points in reporting issues to hardware manufacturers stem from poorly understood hardware and assumptions that the reference code is "good enough". Open firmware relies on having freely available accurate documentation from hardware vendors to write independent implementations. Bug reporting is fundamental to show vendors the value of open documentation and reporting instead of hiding issues behind proprietary blobs. There will be some discussion about public disclosure process. Oxide's experience has been that hardware vendors will tend towards keeping things private and asking for more time to get fixes to big customers first. The talk will go over some of the trade offs involved in acquiescing to a hardware vendor's request. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/QADUFW/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/QADUFW/feedback/ Main Track Lightning Talk 2023-10-12T10:45:00-07:00 10:45 00:15 webui-vue, OpenBMC's web-based user interface, allows for customization and styling to meet brand requirements. Custom navigation, adding and removing pages and features, different fonts, and unique colors are all available. open-source-firmware-conference-2023-36120-theming-the-openbmc-gui-to-meet-company-requirements Gunnar Mills en I am Gunnar Mills from IBM. I am a maintainer of four OpenBMC repositories, including webui-vue and bmcweb, OpenBMC's web-based user interface and web server, respectively. webui-vue is the replacement for an earlier user interface named phoshor-webui. A core feature of webui-vue, that its predecessor did not have, is the ability to customize and theme the interface to meet different companies' requirements. A .env file can be added to webui-vue, allowing for custom navigation, adding and removing pages and features, different fonts, and colors. .env files can be called from meta-layer, e.g. meta-arm or meta-ibm. webui-vue, when themed, can look vastly different, and that shows in the default community version webui-vue vs IBM or Intel's themed GUIs. I am going to demo IBM's themed GUI as well as a silly one I created. Documentation on how to do this is available at https://openbmc.github.io/webui-vue/guide/. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/MPTDXW/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/MPTDXW/feedback/ Main Track Lightning Talk 2023-10-12T11:00:00-07:00 11:00 00:15 Last year at OSFC in Gothenburg, we revealed ourselves and our radically open source security key - TKey - to the world. A lot has happened since and we are back with an an update. open-source-firmware-conference-2023-36199-tkey-project-update Sasko Simonovski en Last year at OSFC, in Gothenburg, we revealed Tillitis and our radically Open Source USB Security Key - TKey - to the world. One year ago, we presented a concept, idea and a prototype. The concept TKey is based upon is measured boot and this is what makes TKey flexible. A cryptographic function the user wants to perform is loaded onto the TKey (a small program, we call it app), measured and executed on the same. The app gets access to a secret that is partly derived from the hash of the app itself. Only RAM memory is used and nothing is stored in persistent memory. To run another app on TKey, it will need to be power cycled. All-in-all this means that apps cannot access each other's secrets and a TKey never stores secret information. TKey is basically a safe/secure environment for executing cryptographic functions. We have released the fully Open Source Firmware and Hardware TKey to the market. In this talk we will give you a short update on what has happened this last year. Outline: - The team - The product - The plan forward false https://talks.osfc.io/open-source-firmware-conference-2023/talk/ARZF8L/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/ARZF8L/feedback/ Main Track Lightning Talk 2023-10-12T11:45:00-07:00 11:45 00:15 The Framework 16 laptop has the most flexible input module system of any laptop on the market. The unique design allows endless customization that is powered by open source firmware. open-source-firmware-conference-2023-36136-building-an-open-source-ecosystem-for-the-framework-16 Daniel Schaefer en 1. The Hardware Design Overview of the hardware and constraints of building firmware for an input system on a laptop. The upcoming Framework 16 gaming laptop has a hot-pluggable and configurable input deck. A keyboard, numpad, touchpad or even an LED matrix can be installed in many different configurations. 2. Firmware Development Overview of our Keyboard firmware including our QMK port, and Rust firmware development for our LED display module and other input modules. All top row input devices are regular USB 2.0 devices with their own microcontrollers. This makes them a very easy target to get started with hacking on software to interact with them or to hack on their firmware. The GPL/MIT licensed QMK/Rust based firmware for the modules allows easy user customization. The Raspberry RP2040 MCU which all our modules use has a built-in ROM bootloader that always allows reflashing the firmware - so there's no need to be afraid of bricking the firmware. It can always be recovered. With these modules we enable anyone complete freedom to customize their laptop. To customize keyboard layout, where they place it and what firmware they run. Since the modules are so simple, writing your own firmware is as easy as any Arduino project. 3. Developer Program - Call to action An overview of how much closed firmware is running on a modern laptop, and opportunities to open more firmware in Framework products. We want to encourage the community to modify the firmware, write their own and even create their own modules. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/ZUENEX/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/ZUENEX/feedback/ Main Track Lightning Talk 2023-10-12T12:00:00-07:00 12:00 00:15 DAPLink is an Open Source firmware from Arm based on CMSIS-DAP. The main goal of CMSIS-DAP is turning microcontrollers into debug probes (SWD, JTAG, SWO). DAPLink adds many features on top (Drag and drop flashing, serial adapter, bootloader updates, WebUSB, etc.) which is why it has been included in many development boards or on discrete entry-level probes. Projects like the BBC micro:bit have shown how the features of DAPLink can be used and extended to go beyond an on PCB debug probe and become an integral part of a project. open-source-firmware-conference-2023-36108-daplink-the-side-kick-to-your-next-project Mathias Brossard en DAPLink is an Open Source firmware from Arm based on CMSIS-DAP. The main goal of CMSIS-DAP is turning microcontrollers into debug probes (SWD, JTAG, SWO). DAPLink adds many features on top (Drag and drop flashing, serial adapter, bootloader updates, WebUSB, etc.) which is why it has been included in many development boards or on discrete entry-level probes. Projects like the BBC micro:bit have shown how the features of DAPLink can be used and extended to go beyond an on PCB debug probe and become an integral part of a project. This talk will present: - What CMSIS-DAP is and its different iterations. - The history, architecture and features of DAPLink. - The new features of the latest DAPLink releases (e.g. support for the GNU Arm Embedded Toolchain, new interface microcontrollers supported, etc.). - How DAPLink's customizability and extensibility is being leveraged by projects like the BBC micro:bit. - Ideas for the future roadmap of DAPLink. false Slides https://talks.osfc.io/open-source-firmware-conference-2023/talk/HB8RGL/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/HB8RGL/feedback/ Main Track Lightning Talk 2023-10-12T12:45:00-07:00 12:45 00:15 Deep dive into the currently supported flash layouts, filesystems, and firmware update options in OpenBMC, how to choose which one to use, and how to enable each. open-source-firmware-conference-2023-35650-openbmc-flash-layouts-and-firmware-updates Adriana Kobylak en Choosing a system flash layout is an important commitment as it establishes how the flash space is allocated, and in most of the cases the chosen layout will remain the same throughout the life of the product (repartitioning may not be supported without loss of data). The decision process to choose the best option for your system would include considerations for specific requirements, such as secure boot enablement, support for dual firmware versions, or filesystem type. It would also be constrained by limitations such as the type of flash chip or flash size. In this talk, we will dive deep into the currently supported flash layouts, filesystems, and boot options in OpenBMC, and how the code update application writes and boots a new firmware image. This talk will also walk through the advantages and limitations of each flash layout option, what are some of the considerations for choosing each, and prerequisites and instructions on how to enable and build each configuration in the OpenBMC repository, using existing systems as examples. false https://talks.osfc.io/open-source-firmware-conference-2023/talk/3LGYWA/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/3LGYWA/feedback/ Main Track Lightning Talk 2023-10-12T13:00:00-07:00 13:00 00:15 This is a status update on current status of AMD openSIL project, openSIL code base has been upstream on public GitHub, coreboot port for 4th Generation AMD EPYC Processor should be open for review before end of July. open-source-firmware-conference-2023-35600-status-update-for-amd-opensil-and-coreboot-integration Varshit PandyaMartin L Roth en AMD openSIL description AMD openSIL is re-architecture of x86 AGESA FW stack. AMD openSIL adheres to simple goals of an agnostic set of library functions written in an industry-standard language that can be statically linked to the host firmware without having to adhere to any host firmware protocols. AMD openSIL is designed to be scalable and simple to integrate, light weight, low chirp and transparent, potentially allowing for an improved security posture. [Link](https://github.com/openSIL/openSIL) to AMD openSIL source code New support added in coreboot upstream port - Multiple root hub support added - Resource allocator v4 (match HW setup with code and ACPI) - amdfwtool updates - IVRS generation for multiple root bridges - unified handling of IOAPIC Coreboot port upstreaming in prrogress [topic:amd_genoa_opensil](https://review.coreboot.org/q/topic:%22amd_genoa_opensil%22) Detailed information on openSIL [Blog](https://community.amd.com/t5/business/empowering-the-industry-with-open-system-firmware-amd-opensil/ba-p/599644) Future plans for openSIL + coreboot false https://talks.osfc.io/open-source-firmware-conference-2023/talk/BDAC7F/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/BDAC7F/feedback/ Main Track Talk 2023-10-12T14:30:00-07:00 14:30 00:30 I work on Ti50, firmware for the Google Security Chip written in extremely space-constrained Rust. In this talk, I share some simple tips and tricks that I used to reduce the code size of our codebase, as well as some general guidance to understand how to get started on embedded Rust. open-source-firmware-conference-2023-38080-open-mic-embedded-rust-5-tips-and-tricks en false https://talks.osfc.io/open-source-firmware-conference-2023/talk/BEPVW7/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/BEPVW7/feedback/ Main Track Talk 2023-10-12T15:00:00-07:00 15:00 00:30 The status of running Windows with coreboot and edk2 payload on x86-64 chromebooks. For those interested, will also go over what to look for when getting a chromebook, and why to get a chromebook to run Windows. Will also give a preview of the technical challenges with bringing Windows to chromebooks, since I plan on doing a full talk next year to do a deeper dive on the process of fixing Windows up to run with coreboot and some of chromebooks' specialized hardware. open-source-firmware-conference-2023-38081-open-mic-chrultrabook-a-preview-of-porting-windows-to-x86-64-chromebooks en false https://talks.osfc.io/open-source-firmware-conference-2023/talk/Y97YS3/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/Y97YS3/feedback/ Workshop I Workshop 2023-10-12T10:00:00-07:00 10:00 01:00 Real-time operating systems (RTOS) can seem complex for beginners. This session aims to simplify this complexity by providing a comprehensive introduction to Zephyr, a user-friendly open source RTOS. We'll explain the foundational RTOS concepts and highlight the specific benefits of Zephyr. We'll then guide attendees through the setup of a Zephyr development environment and the creation of a simple application. Additionally, the session will introduce the vibrant Zephyr community and provide guidance on how to contribute and interact within it. Whether you're a developer, hobbyist, or student, this talk will serve as a valuable launchpad into the world of Zephyr and open source RTOS. open-source-firmware-conference-2023-36131-embarking-on-the-zephyr-journey-a-beginner-s-guide-to-the-open-source-rtos Ritvi Mishra en The world of real-time operating systems (RTOS) can seem complex and insurmountable to beginners. Zephyr, a powerful yet user-friendly open source RTOS, can be an ideal starting point. In this session, titled "Embarking on the Zephyr Journey: A Beginner's Guide to the Open Source RTOS", we aim to equip newcomers with the fundamental knowledge and practical skills to dive into the development of Zephyr-based applications. This talk will first lay out the foundational concepts of RTOS and the specific advantages of Zephyr, such as its small footprint, modularity, and scalability. We will delve into the versatile capabilities of Zephyr, covering its support for multiple hardware architectures and its extensive feature set, including connectivity protocols, device drivers, and security features. In the practical part of the session, we'll guide attendees through the initial setup and configuration of the Zephyr development environment. Participants will get a hands-on introduction to creating and building a simple Zephyr application. We'll also cover the essential debugging techniques, giving beginners the confidence to navigate and rectify common issues encountered during Zephyr application development. Lastly, the talk will introduce the rich ecosystem and vibrant community around Zephyr, providing insights into how to utilize the available resources, contribute to the project, and interact with other developers. Whether you're a developer looking to transition into real-time systems, a hobbyist curious about RTOS, or a student seeking a solid start in firmware development, this talk will provide the launchpad for your journey with Zephyr. Come, embark on the Zephyr journey, and unlock new possibilities in the realm of open source firmware. false Zephyr getting started guide Zephyr Simulator Repo PlatformIo Wokwi https://talks.osfc.io/open-source-firmware-conference-2023/talk/XLE9JA/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/XLE9JA/feedback/ Workshop I Workshop 2023-10-12T12:00:00-07:00 12:00 01:00 In this workshop, you will learn about the current state of the System Transparency project. System Transparency is a security architecture for bare-metal servers. It's bootloader stboot protects and makes your boot chain auditable. It uses LinuxBoot, TPM, and signature verification. Furthermore, it is reproducible, with plans to incorporate Binary Transparency. Correctly integrated, it can make a system transparent to you and even your end users. With System Transparency, all OS-related artifacts including the user space are bundled together in a signed OS Package. The core idea is that stboot verifies this OS package before booting. Since the project is still at version zero state and there are quite some bits and peaces which have to be brought together. So this workshop is just the right place for you if you would like to become an early adopter, learn and discuss the concepts of System Transparency or just want to start playing around with the project. There are also some work-in-progress features like remote attestation integration we are currently developing but are already ready to try out. open-source-firmware-conference-2023-36105-getting-started-with-system-transparency Jens Topp en false https://talks.osfc.io/open-source-firmware-conference-2023/talk/RNRGRP/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/RNRGRP/feedback/ Workshop I Workshop 2023-10-12T14:30:00-07:00 14:30 01:00 Workshop on getting started with developing apps for TKey. The end-goal is for all participants to be able to build and run TKey applications. We will have a short presentation about the architecture and building blocks, introducing the toolchain and emulator for TKey, while spending the majority of the time on a code walkthrough - which you should be able to follow on your computer. If you want to come fully prepared to the workshop you can; - install podman and download our tkey-builder:2 container image (instructions: https://dev.tillitis.se/tools/#toolchain-container-tkey-builder) - Clone our repositories: github.com/tillitis/tkey-sign-cli github.com/tillitis/tkey-device-signer github.com/tillitis/tkey-libs open-source-firmware-conference-2023-36200-develop-for-tkey Michael 'MC' Cardell WiderkrantzDaniel Hansson en false https://talks.osfc.io/open-source-firmware-conference-2023/talk/3ZH38E/ https://talks.osfc.io/open-source-firmware-conference-2023/talk/3ZH38E/feedback/