Hardware, Firmware and Operating Systems

Platform System Interface

Design and Evaluation of Computing as a Whole

Could we ever, and can we still, understand computers and how they really work? Based on many years of research, education, curiosity and experience, this talk presents and discusses the many aspects of what makes computing what it is: Hardware, software, operating systems, apps, services, human and machine interfaces, and the many ideas all around them.
Looking from a high level perspective, we walk through the host of interwoven facets that make up electronics from gadgets to mobile devices and large computers, eventually tying everything back to where it came from: The people who made it, the ones who work and play with it, how they are all but different, and what drives them. This is a primer to starting the overarching Platform System Interface project, which seeks to document hardware and software co-design as a whole in prose with psi-spec, and offer guides, tools, and a framework.

oreboot 2022 status report

on to RISC-V

This year we pivoted the oreboot project, a downstream fork of coreboot written entirely in Rust, to focus on RISC-V platforms, including the first version of Beagle-V. We have focused our energies on platforms we can control from power-on reset, with no binary blobs.
Over the last year, the Allwinner D1 SoC, which offers a Linux-capable 64bit XuanTie C906 RISC-V core and is found on many boards, has been fully ported, including DRAM init. In addition, we picked up the work on the JH7100 SoC again that was found on the BeagleV Starlight SBC, because it is also on the StarFive VisionFive board, which has been provided to us by RISC-V International for the developer support program.
In this talk, we present challenges we faced during the development, including writing DRAM code from C code, not chipset documentation; how we are taking advantage of the rapid growth of "bare metal" support in the Rust ecosystem and how it has impacted our code, in ways large and small; and how the project is growing as new members join.
Finally, we summarize the current status of the oreboot project.

SBoM Annotations and Audits

When firmware is only available in binary form, i.e., the end user or corporate entity has no access to its source code, quality and security assessment is limited by legal constraints, and fixing bugs and flaws harder to achieve. While possible escape hatches have been developed, such as replacing large parts of the stock firmware with auditable environments like LinuxBoot, some uncertainty still remains regarding drivers and other components that cannot be removed. However, there are still options to help oneself where the OEM or other vendor does not offer the flexibility or assurance one needs: We can build up a knowledge database of drivers, and offer guidance towards patching or replacing them, and offer the tooling to automate the process. With Fiedka the firmware editor, components can be annotated and those annotations exported for reuse. In this short talk, we will evaluate the necessary workflows and discuss user experience design considerations around the process.

Speedy Distro Porting via the cpu Command

Last year, I ported oreboot to the Allwinner D1 SoC that is found on the Nezha SBC and many other boards now. For a boot loader environment, I chose to embed LinuxBoot, and then partitioned an SD card with two root filesystems for testing: OpenWrt, which is small and just ran right away, and openSUSE, which required some extra effort. I was happy to see a new D1 board advertised with openSUSE support, though the process of getting there was tedious enough that I wanted to find an improvement to the workflow.
In this talk, I recap how I modified the openSUSE RISC-V root filesystem, moving an SD card back and forth, and showcase a faster approach instead by leveraging the cpu command that lets us do that iteration over the network. Eventually, we will see how that can be leveraged to continuously test Tumbleweed on real hardware through OpenQA and a corresponding setup, which can also be applied to other hardware, such as ARM.

Drivers From Outer Space

Fast, Simple Driver Development

During the last two years, I have collected ARM and RISC-V gadgets and development boards. What I realized is that many of them run systems far off mainline Linux, and quite often do the vendors not publish the sources. However, when able to get serial output, I can fix that. And that is where many engineers start with regular development, so we are in the same boat.

Now how do the original drivers work? Applications in existing products often have userspace or hybrid drivers, which opens up a door. We can emulate the app, e.g., in QEMU, and monitor I/O accesses. Then we can write our own driver. But that is a tedious and time consuming process, the most inconvenient step being testing. Given storage media, we need to physically move things. Over network, we could `scp` and `ssh` over to the target machine, then run our code. What if that could be done in one single step?
The solution is cpu, a concept originating from the Plan 9 research operating system that came out of Bell Labs: Transparently run a program on another machine in the network as if it was local. In this talk, I show `cpu` in practice and what I have done myself with it.

Fiedka the Firmware Editor

Advancing from CLIs to GUIs

This talk presents the birth of Fiedka out of utk-web, a proof of concept firmware exploration tool that runs on web platforms using WebAsseambly.
Leveraging Fiano's utk, Fiedka supports firmware developers and analysts through quick navigation and ideas from the web development world, organizing the many different views on the same image in a concise manner. For example, when looking at a typical AMD platform OEM image, there are UEFI and PSP parts. Walking through the challenges of building a suitable graphical interface with a great experience and dealing with specifics, the talk concludes with where Fiedka is at right now and what the next milestone will be, what users can do and try out already, and how to contribute on the various layers of back-end and front-end work as well conceptual ideas and feature requests.


The LinuxBoot way of multi distro ISO booting

With the growing demand and support for LinuxBoot in firmware, new approaches to booting operating systems have become possible, based on the Linux kexec mechanism. This talk walks through the process of creating an environment for booting a large set of different ISOs from various distributions, covering different methods tried and ideas that came up, concluding with how webboot eventually offers a decent and easy to use interface that can be deployed on a USB stick, tried out in a VM, or even run straight from a mainboard's firmware.

Repurposing Gadgets

In this talk, I will show you how you can approach gadgets running Linux based embedded systems, such as IP cameras, network video recorders (NVRs), wireless USB storages, and more. We will look at what typical boot flows are, ways to repurpose the devices, and go beyond what the vendors got you stuck with.

Look at ME!

Intel ME Investigation

With Intel's Firmware Support Package (FSP) and the recent release of a redistributable firmware binary for the Management Engine, it has become possible to share full firmware images for modern x86 platforms and potentially audit the binaries. Yet, reverse engineering, decompilation and disassembly are still not permitted. However, thanks to previous research, we can have a closer look at the binary data and come to a few conclusions.
This talk briefly summarizes the fundamentals of developing custom and open source firmware, followed by a quick guide through the process of analyzing the binaries without actually violating the terms to understand a few bits, and finally poses a statement on the political issues that researchers, repair technicians and software developers are facing.


Let Linux do it

Instead of proprietary UEFI firmware or other projects maintained outside a user's control, we can apply the Linux kernel to develop modern firmware based on well-tested drivers. That is the idea behind LinuxBoot.
This talk explains what this means and demonstrates application examples.

Open-Source Firmware

Firmware is found in all computing devices, including PCs, laptops, networking equipment, printers, embedded devices such as IoT and industrial controllers, mobile phones, tablets, and more. The community around open source firmware has grown over the last years, allowing for more exchange in the development and granting freedom to end users. Prominent projects like U-Boot, Tianocore, coreboot and others teach how firmware works and welcome contributions.
This talk provides an overview of the current state, an end user report, and a summary of the first Open Source Firmware Conference.

Software Engineering

A JavaScript GraphQL Stack Built With Apollo

This talk provides a quick introduction to the GraphQL language itself, the pub-sub and request-response RPC architectures behind it, as well as schema exploration and visual documentation through GraphQL Playground.
While enumerating some use cases, the slides suggest a possible integration with existing services and showcase a set of tooling all based on JavaScript, featuring static analysis through linting, both unit and integration tests, as well as a proposal for logging and performance monitoring.

Build, Package, Distribute

Damit Services skalieren können, wird heutzutage Infrastruktur automatisiert. Doch das ist nur die halbe Miete. Wie sieht es mit der Verteilung der Software aus? Für UNIX-artige Systeme stehen seit vielen Jahren Paketmanager und Paketquellen (Repositories) bereit. Damit kann Software auf Zielsystemen schnell und einfach installiert werden, beispielsweise auf dem eigenen Rechner, aber auch beim Deployment von Services. Für manche Software sind jedoch keine Pakete vorhanden oder Anpassungen nötig, insbesondere bei eigenen Anwendungen. Deshalb stellen viele Systeme die nötigen Werkzeuge bereit, um Pakete anzupassen oder neu zu generieren.

Fail fast and succeed!

Test-Driven JavaScript Application Development

Over time, besides many libraries, lots of development tools were created for JavaScript.
This talk provides a detailed overview of the different kinds of tests, lists the applicable tools for each of them, and points out a selection for test-driven development (TDD) to allow a structured onboarding.