Intrinsic-ID increase MIPS security

Steve Bush has an article in Eletronics Weekly about Imagination Technology — the company that owns MIPS chips — teaming with “Eindhoven chip security firm Intrinsic-ID to add a ‘physically un-cloneable function’ (PUF) to MIPS cores – initially the M5150 CPU – for authentication and anti-cloning.”

http://www.electronicsweekly.com/news/design/eda-and-ip/imagination-increases-security-on-mips-processors-2016-06/

Imagination donates MIPS hardware to Debian

It looks like a few companies, including Imagination Technologies, the current company behind MIPS processors, has donated some hardware to the Debian project!

 […] Imagination Technologies recently donated several high-performance SDNA-7130 appliances to the Debian Project for the development and maintenance of the MIPS ports. The SDNA-7130 (Software Defined Network Appliance) platforms are developed by Rhino Labs, a leading provider of high-performance data security, networking, and data infrastructure solutions. With these new devices, the Debian project will have access to a wide range of 32- and 64-bit MIPS-based platforms. […] The Debian project would like to thank Imagination, Rhino Labs and aql for this coordinated donation. […]

https://bits.debian.org/2016/05/imagination-64-bit-mips-cpus.html

PS: I mostly pay attention to Intel and ARM hardware, it’s been a while since I’ve worked on a MIPS box. Just catching up to MIPS after years, there’s a lot of firmware exploit research out there:
https://www.google.com/?gws_rd=ssl#q=MIPS+firmware+reverse+engineering
https://www.linux-mips.org/wiki/Firmware

coreboot and Chrome OS upstreaming

I mainly work with UEFI technology, and don’t know much about coreboot, nor Chrome OS. I’m new to these tech, and learning them… 🙂

For a while, I thought coreboot was pretty inactive, but I now realize much of the coreboot activity has been taking place in Chrome OS. It appears that some of this work is now being upstreamed to the main coreboot.

From the coreboot blog:

“In the last months there was lots of activity in the coreboot repository due to upstreaming the work that was done in Chrome OS’ branch. We’re happy to announce that both code bases are again relatively close to each other. In the last 7 months, about 1500 commits that landed in coreboot originated in Chrome OS’ repository (of about 2600 total). Those came from 20 domains, which represent pretty much every part of the coreboot community: well known private and commercial coreboot contributors, but also BIOS and silicon developers as well as device manufacturers. Significant contributions that went into the tree recently were written with active support by Broadcom, Imagination Technologies, Intel, Marvell, Nvidia, Qualcomm, and RockChip.”

“In the future, Chrome OS will move over to a new branch point from upstream, and work on strategies to avoid diverging for two long years again. Instead, we’re looking for ways to keep the trees closer while also avoiding flooding the coreboot.org developer base with hundreds of patches. More on that as it is implemented.”

Some features that’ve been recently added include:
* new MIPS support
* improved ARM support, for SoCs by Broadcom, Marvell, Qualcomm, and RockChip
* an improved, safer method to declare the memory map on devices
* effort to get Chrome OS’ verified boot support
* update the flash image format to allow for safer incremental updates

This looks like great news for coreboot! I’ll have more blog entries about coreboot and Chrome OS in the near future.

More Information:
http://blogs.coreboot.org/blog/2015/05/26/report-on-chrome-os-upstreaming/
http://coreboot.org/
http://www.chromium.org/chromium-os/2014-firmware-summit
https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot