I just noticed that osdev.org has some wiki pages on ACPI, and the FADT entry has recently been updated. It is nice to have another source of ACPI information. 🙂
Month: October 2017
Ekoparty presentation by Eclypsium available
AMI announces full Redfish 1.0 support
American Megatrends Announces Full Support for Redfish™ 1.0 Specification in Aptio® V UEFI BIOS and MegaRAC® BMC Remote Management Firmware
Monday: October 2, 2017
AMI has announced its full support for the Redfish™ 1.0 specification from the Distributed Management Task Force (DMTF), in both its Aptio® V UEFI BIOS Firmware as well as several products within the MegaRAC® Manageability Framework – the most widely used solution in the market today. […] In addition to its industry-leading Aptio® V UEFI BIOS Firmware, known and trusted by Tier One OEMs and ODMs around the globe, products from AMI featuring support for Redfish 1.0 include the fully-integrated MegaRAC Pooled System Management Engine (PSME) firmware solutions, which enable efficient resource management for Network, Storage and Compute hardware throughout the data center, as well as MegaRAC Composer™ Pod Management Software.[…]
https://ami.com/en/products/remote-management/rack-scale-design-solutions/.
Baidu updates Rust SGX SDK
Re: https://firmwaresecurity.com/2017/07/23/baidu-releases-sgx-sdk-for-rust/
Baidu has updated their Rust SDK for Intel SGX:
https://github.com/baidu/rust-sgx-sdk/releases/tag/v0.9.0
Agenda for ECC’17
The schedule for the European Coreboot Conference 2017 (ECC’17) is out:
* Keynote, Stefan Reinauer
* Run upstream coreboot on an ARM Chromebook. Paul Menzel
* DDR3 memory initialization basics on Intel Sandy Bridge platforms. Patrick Rudolph
* Booting UEFI-aware OS on coreboot enabled platform – “In God’s Name, Why?”. Piotr Król, Kamil Wcisło
* Reverse engineering MT8173 PCM firmwares and ISA for a fully free bootchain. Paul Kocialkowski
* Let’s move SMM out of firmware and into the kernel. Ron Minnich
* A Tale of six motherboards, two BSDs and coreboot. Piotr Kubaj
* Buying trustworthy hardware for federal agencies: How open source firmware saves the day. Carl-Daniel Hailfinger
* SINUMERIK 840D sl – step ahead with coreboot. Werner Zeh
* Enabling TPM 2.0 on coreboot based devices. Piotr Król, Kamil Wcisło
* Reverse Engineering x86 Processor Microcode. Philipp Koppe, Benjamin Kollenda
* Porting coreboot to the HP ProLiant MicroServer Gen8. Alexander Couzens, Felix Held
* Implementing coreboot in a ground breaking secure system: ORWL. Wim Vervoorn, Gerard Duynisveld
VisualUEFI updated
more on Google NERF
Google NERF looks interesting: they keep UEFI’s PI but replace the UEFI layers with a Linux kernel, and the code is written in Go. It looks like they’re focusing on removing dynamic code in UEFI and SMM. Their position on dynamic code in ACPI, as well as PCIe (e.g., PCILeech-style attacks), is unclear.
The slides from the recent North American OSS presentation are online, but I can’t find the video online:
Slides (PDF): Linuxcon%202017%20NERF.pdf
There’s a European OSS event upcoming:
Replace Your Exploit-Ridden Firmware with Linux
Ronald Minnich, Google
With the WikiLeaks release of the vault7 material, the security of the UEFI (Unified Extensible Firmware Interface) firmware used in most PCs and laptops is once again a concern. UEFI is a proprietary and closed-source operating system, with a codebase almost as large as the Linux kernel, that runs when the system is powered on and continues to run after it boots the OS (hence its designation as a “Ring -2 hypervisor”). It is a great place to hide exploits since it never stops running, and these exploits are undetectable by kernels and programs. Our answer to this is NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google to replace almost all of UEFI firmware with a tiny Linux kernel and initramfs. The initramfs file system contains an init and command line utilities from the u-root project (http://u-root.tk/), which are written in the Go language.
https://osseu17.sched.com/event/ByYt/replace-your-exploit-ridden-firmware-with-linux-ronald-minnich-google
https://ossna2017.sched.com/event/BCsr/replace-your-exploit-ridden-firmware-with-linux-ronald-minnich-google
http://u-root.tk/
https://github.com/u-root/u-root
