PremDay #2 - Understanding the Modern Open-Source Firmware Ecosystem

Transcript

1. None

2. Opening Every Layer Understanding the Modern Open-Source Firmware Ecosystem

3. Opening Every Layer Understanding the Modern Open-Source Firmware Ecosystem

4. PremDay’24 Edition 0

5. PremDay’24 Edition 0

6. Prem Day’24 Firmware is an issue!

7. Prem Day’25 Day 1 Firmware is still an issue!

8. What is Firmware?

9. Firmware

10. Firmware

11. Firmware • BMC Firmware • Host Firmware • Root of

    Trust Firmware • … but there are many more. The most crucial stacks

12. BMC Firmware • The first Interaction point between the customer

    and the hardware ◦ Maintenance ◦ Metrics ◦ Access to “internal” infrastructure ▪ Security / Updates are really critical ◦ UI/UX ▪ Not only GUI, but also APIs The “Interface” to the user

13. Host Firmware • Enable the actual operation / workload •

    (Ideally) configurable through the BMC • Boot times • Hardware Support • Debugability → Should be very simple - it’s actually not. The Powerhouse of your Infrastructure

14. Root of Trust • Essential for security • Gatekeeper of

    ownership ◦ Taking over ownership is crucial to enable BMC and Host Firmware solutions ◦ (De)-commissioning processes The Gatekeeper

15. Status Quo

16. BMC Firmware • Industry is leaning towards OpenBMC ◦ Nearly

    every OEM now enables OpenBMC ◦ But… trend towards fragmentation → Customers want upstream OpenBMC support (and refuse proprietary solutions) The “Interface” to the user

17. Upstream “in the opposite direction from that in which a

    stream or river flows; nearer to the source.”

18. Host Firmware • Every Major SoC vendor supports open-source firmware

    solutions (at least PoC) • Next Generation every SoC vendor will support it in production quality. • OEM barely adopting to this model ◦ We need to change the Platform Enabling Model The Backbone of every Server

19. Platform Enabling Traditional Model • Controlled by SoC vendors ◦

    Reference code and documentation only available to IBVs ◦ Work closely with IBVs to enable platforms • IBVs enable ODMs/OEMs ◦ Support ODMs/OEMs SoC Vendor Traditional IBVs Platform Enabling

20. Platform Enabling Open Development Model • More scalable approach ◦

    Community enables platform and features together • SoC needs to provide the same amount of support SoC Vendor Platform Enabling SOC OEM ODM IBV ISV Enablement Partners comm unity

21. Host Firmware

22. Open-Source Firmware Close-Source Blobs Closed Source Around ~55% of SPI

    Flash layout is occupied by the closed source blobs (silicon ref code aka init module, pre-reset blobs etc.) Open Source Remaining ~45% is open source boot firmware aka coreboot. None of the silicon reference code has open source visibility. SPI Flash Layout*
23. None

24. Host Firmware • Decoding UEFI Firmware ◦ “a 300-day embargo

    period seems reasonable for the UEFI supply chain as opposed to the arbitrary 90-day embargo period” Security

25. Root of Trust • Still very early, no good data

    yet • Open solution that get integrated e.g. Caliptra • Some vendors provide open-source reference implementations → Potential Vendor Lock-In through RoT solutions The Gatekeeper

26. Projects Overview BMC Host RoT LibreBMC Cerberus

27. Overview “Open-Sourceness” BMC Firmware Strong openBMC, u-bmc Host Firmware Partial

    coreboot, EDKII Root of Trust FW Early Stage Caliptra, Zephyr, MSFT Cerberus

28. Summary • Host Firmware ◦ Platform Enabling Model ◦ Open

    does not mean open ▪ Silicon Init Code, ME/SPS/TF-A, … • Root of Trust ◦ Still to early - potential danger of vendor lock-in • BMC Firmware ◦ Leaning towards OpenBMC, but…

29. Being Trapped.

30. The Trap • Pseudo Open-Source Firmware Solutions ◦ “Value added”

    - OpenBMC solutions ◦ “Closed-Source FW based on OpenBMC” • Takes away all the advantages of Open-Source ◦ Debugging, Ability to fix your own bugs (on your own timeline), Upstreaming, Benefits from Upstream, … Pseudo Open-Source Solutions

31. Moving Forward

32. Moving Forward • Tell us what you need ◦ The

    community needs to understand what features you need ◦ FW is mainly driven by Hyperscalers or Consumer devices e.g. ChromeBooks - we need to shift. • Take calculated risks ◦ Someone has to be the first one • Get involved ◦ Engineers and Money Good Times ahead?

33. The Foundation

34. Foundation Goals Drive Specifications OSF Value Proposition Umbrella for OSF

    projects OSF Adoption OSFC & Hackathon Community Guidance

35. Foundation Supporters

36. Foundation

37. Vendors

38. Thank you.

39. Summary • Listen and learn ◦ Especially this conference is

    the ideal sales playbook • Upstream first ◦ No proprietary, pseudo open-source solutions • Engage What can we do?

40. Firmware is evolving and changing - stay ahead of the

    curve!