Published at November 27, 2025 · Sergii Dmytruk · 20 min read
Dasharo on MeteorLake NovaCustom laptops has reached HSI-3. This took extending support for Intel BootGuard in coreboot and combining TPM event logs of coreboot and EDK II....
Dasharo Tools Suite: the story about scalability and stability, roadmap
Published at November 24, 2025 · Daniil Klimuk · 33 min read
Check out latest DTS upatest and roadmap. I will start from intro to DTS and the feature that are coming to it: hardware attestation, Chain of Trust and Root of Trust provisioning and verification, new hardware support. Then the brand new DTS E2E testing methodology, that help us maintain and further develop DTS, will be introduced and explained in details....
Categories: app-dev firmware miscellaneous os-dev
Gigabyte MZ33-AR1 Porting Update: ACPI and bugfixes
Published at November 5, 2025 · Michał Żygowski · 29 min read
In this blog post we will explain the effort of porting platform-specific ACPI code and show the extent of bugfixes required to run operating systems without issues on AMD Turin server platform, the Gigabyte MZ33-AR1....
Categories: firmware
Qubes OS Summit 2025 in Berlin: From R4.3 Features to Qubes Air Architecture
Published at October 20, 2025 · Piotr Król · 22 min read
Qubes OS Summit 2025 took place September 26-28 in Berlin, bringing together the community for talks on R4.3 updates, GUI improvements, infrastructure advances, and Qubes Air architecture. The event featured contributions from the Dasharo ecosystem including server firmware foundations, NovaCustom updates, UEFI Secure Boot progress, and TrenchBoot compatibility work. Day three hackathon focused on practical implementation including the Dasharo Patchqueue Initiative with XenServer expertise....
Gigabyte MZ33-AR1 Porting Update: PCIe Init, BMC KVM Validation, and HCL Improvements
Published at October 10, 2025 · Michał Żygowski · Mateusz Kusiak · 22 min read
Another post about the Gigabyte MZ33-AR1 porting effort progress. This time, we add definitions for PCI Express initialization, and validate BMC KVM VGA and keyboard. Also, improvements to HCL reporting and data dumping on AMD systems have been made....
Categories: firmware
AMD PSP blob analysis on Gigabyte MZ33-AR1 Turin system
Published at September 12, 2025 · Michał Żygowski · 14 min read
The blog post describes the analysis of PSP blobs on Gigabyte. MZ33-AR1. The analysis covers various aspects of stitching AMD firmware BIOS images and how a support for stitching Turin blobs was developed in coreboot....
Categories: firmware
Mapping and initializing USB and SATA ports on Gigabyte MZ33-AR1
Published at September 12, 2025 · Michał Żygowski · 26 min read
As the Gigabyte MZ33-AR1 porting effort progresses, coreboot has to add definitions for I/O bus initialization, such as SATA, USB and PCI Express. If you are curious how it is done on an AMD Turin-based system, read till the end....
Categories: firmware
Published at August 27, 2025 · Kamil Aronowski · 12 min read
The `init_on_free` Linux option ensures rigorous security by instantly zeroing out memory upon deallocation. In this follow-up, we build on our prior ram-wipe experiments to rigorously evaluate if `init_on_free` can serve as a robust safeguard, perhaps supplanting existing, less comprehensive memory wiping solutions....
Porting Gigabyte MZ33-AR1 server board with AMD Turin CPU to coreboot
Published at August 7, 2025 · Michał Żygowski · 20 min read
The blog post describes effort made to port a modern AMD server board to coreboot. The target is Gigabyte MZ33-AR1 supporting newest AMD EPYC server processor family Turin and OpenSIL....
Categories: firmware
ZarhusBMC: The second encounter - Porting OpenBMC to X11SSH part II
Published at July 31, 2025 · Mateusz Kusiak · 14 min read
In this blog post we share current progress of ZarhusBMC and porting OpenBMC to the x11ssh platform. We also give some insides on the caveats that come with preparing configuration for proprietary platform....
Categories: firmware miscellaneous os-dev
Published at July 17, 2025 · Michał Kopeć · 8 min read
EDK II is quickly becoming a big player in the ARM firmware space. In this blog post I will be exploring the process of porting EDK II to a new platform and the current state of this UEFI implementation on ARM based platforms....
Categories: firmware
TrenchBoot AEM gains support for UEFI installations
Published at June 10, 2025 · Krystian Hebel · 13 min read
A feature craved by many is finally here. AEM can now be used with Qubes OS installed under UEFI. Oh, and some automated testing. But mostly UEFI....
Categories: bootloader firmware hypervisor os-dev security
Automating Firmware Security: CI for DBX and Microcode Updates in Dasharo
Published at May 29, 2025 · Michał Kopeć · 10 min read
Microcode and DBX are critical components in establishing the security of your platform. This blog post will discuss how Dasharo automates their updates, making our firmware more transparent and your platform more secure....
ZarhusBMC: The Beginning - Porting OpenBMC to the X11SSH Platform
Published at April 28, 2025 · Mateusz Kusiak · 12 min read
Reclaim your server! Can you trust a machine that runs unauditable code on a BMC? OpenBMC can solve this. This blog post is a summary of what it takes to build OpenBMC for an unsupported platform...
Enabling Secure Boot on ODROID M1 (RK3568B)
Published at April 22, 2025 · Michał Iwanicki · 14 min read
This blog post describes how to enable Secure Boot on ODROID-M1(RK3568B). Read how to write hash of public key to OTP memory, how to sign loader and how to build signed U-Boot with enabled signature verification....
CROSSCON, its Hypervisor, and Zarhus
Published at April 10, 2025 · Wiktor Grzywacz · 19 min read
Learn about CROSSCON, how it's hypervisor works, and why running Zarhus on top of it streamlines development and testing on the RPi4....
Categories: firmware security virtualization
Conclusions from RAM data remanence tests
Published at February 20, 2025 · Maciej Pijanowski · Krystian Hebel · 3 min read
A practical summary from the two previous blog posts presenting results of RAM data remanence tests....
Categories: firmware miscellaneous
UEFI Update Capsules for Open Source firmware
Published at December 10, 2024 · Sergii Dmytruk · 12 min read
MSI Z690-A and Z790-P are the first Dasharo firmware releases to support UEFI capsule updates. The additional way to update your firmware aims at making the process more reliable and convenient....
Categories: firmware
Improving measured boot and TPM support in Dasharo
Published at November 28, 2024 · Michał Żygowski · 11 min read
An overview of recent improvements to TPM and measured boot support in open-source firmware, coreboot and Dasharo....
UEFI Secure Booting FreeBSD with Dasharo firmware
Published at November 14, 2024 · Filip Lewiński · 8 min read
This blogpost is a very brief introduction to the UEFI Secure Boot. It focuses on enabling Secure Boot on FreeBSD, on the example of a device running Dasharo firmware....
New Dasharo v0.9.0 Meteor Lake releases
Published at August 7, 2024 · Filip Gołaś · 8 min read
Dasharo v0.9.0 for 14th gen Intel Meteor Lake has just been released bringing numerous new features and improvements. Check out what's new!...
Getting started with Hardkernel ODROID H4+
Published at August 1, 2024 · Michał Żygowski · 15 min read
First steps with new hardware and preparations for coreboot firmware porting. A quick cookbook where to start and what to do when you get your hands on a new platform and not get your hands or board burnt....
Categories: firmware
TrenchBoot Anti Evil Maid - Phase 4
Published at May 17, 2024 · Krystian Hebel · 7 min read
This blog post marks the completion of the next phase of TrenchBoot Anti Evil Maid project for Qubes OS. This time the project focused on AMD platforms, which is something that wasn't possible with the original solution based on tboot....
Categories: bootloader firmware hypervisor os-dev security
Implementing UEFI Secure Boot on MPL PIP4x
Published at April 18, 2024 · Paweł Langowski · 13 min read
This post explains how we tackled the problem of implementing UEFI Secure Boot on MPL's PIP platforms. The process included testing the platform's compatibility with Secure Boot and integrating automatic image signing into an existing Yocto layer....
Dasharo Compatible with MSI PRO Z690-A Release v1.1.3
Published at February 13, 2024 · Michał Żygowski · 11 min read
Discover the latest Dasharo v1.1.3 release bringing new features, many bug fixes, and compatibility with 14th generation Intel Core processors. Dive in to find out more....
Diving deep into Linux DRM bridge chaining
Published at February 12, 2024 · Daniil Klimuk · 14 min read
The post describes the story of implementing bridge-chaining using the DRM/KMS Linux Kernel system on an embedded device with i.mx8mmini SoC...
Categories: firmware miscellaneous
Published at January 31, 2024 · Krystian Hebel · 7 min read
This post shows how we tested simple commands on TwPM, which is our attempt at making TPM more open....
TrenchBoot Anti Evil Maid - Phase 3
Published at January 12, 2024 · Krystian Hebel · 8 min read
This blog post marks completion of next phase of TrenchBoot Anti Evil Maid project for Qubes OS. Even though user experience didn't change too much, the implementation went through a major overhaul....
Categories: bootloader firmware hypervisor os-dev security
Upgrading your gears with liquid cooling
Published at December 18, 2023 · Michał Żygowski · 6 min read
The post describes the story of upgrading a MSI PRO Z690-A DDR4 Full PC build with Dasharo firmware from 3mdeb to a 14th Gen Intel CPU and a liquid cooling....
Categories: firmware miscellaneous
Optimizing Firmware Updates: Dasharo Firmware Update Mode for NovaCustom Laptops
Published at November 7, 2023 · Michał Kopeć · 5 min read
Updating your firmware is an important part of keeping your device secure and reliable. Making this process as easy and reliable as possible is, therefore, a big focus for Dasharo. In this article, we'll dive into the latest feature that makes the update process on NovaCustom laptops a bit easier, more user-friendly, and talk about where we want to go from here....
Categories: firmware
TrenchBoot Anti Evil Maid - Phase 2
Published at October 20, 2023 · Michał Żygowski · 10 min read
TrenchBoot Anti Evil Maid project for Qubes OS is progressing. With the addition of TPM 2.0 support, Anti Evil Maid gains much higher adoption and possibilities than ever before....
Categories: bootloader firmware hypervisor os-dev security
Dasharo Compatible with MSI PRO Z690-A Release v1.1.2
Published at September 8, 2023 · Piotr Król · 10 min read
Discover the latest Dasharo v1.1.2 release, designed with you in mind. Enjoy the freedom to personalize with the new logo customization feature, and flash open-source firmware safely with Flash BIOS recovery support. Its about making firmware both fun and secure. Dive in to find out more....
Optimizing SPI communication on STM32 MCUs: a comprehensive guide to high-frequency communication
Published at July 28, 2023 · Artur Kowalski · 22 min read
In this blog post, we delve into the fascinating world of Serial Peripheral Interface (SPI) on STM32 microcontrollers (MCUs). Specifically, we explore how SPI is utilized in TPM chips for communication with PC motherboards. We encounter the challenges of achieving high-frequency SPI communication, especially when operating as a slave, and the specific limitations of STM32L476 MCUs. The article further uncovers the limitations of existing approaches in platforms like Zephyr and STM32 HAL. We then embark on a journey to fix SPI issues, improve DMA performance, and optimize the firmware for high-speed SPI communication. Throughout the blog post, we provide in-depth technical insights and share valuable test results. Join us as we push the boundaries of SPI communication and unlock new possibilities in the world of microcontrollers....
Categories: firmware miscellaneous security
Our contribution to coreboot 4.20 release
Published at May 18, 2023 · Piotr Król · 4 min read
🎉 Celebrating coreboot 4.20 release! 🚀 Kudos to our contributors who have pushed the envelope in firmware security & optimization. Key updates: improved SoC support, TPM security, VT-d DMA protection & more. Check out the blog for all the details....
Categories: firmware
3mdeb Insights: A Look into 3mdeb's Open-Source Contributions
Published at April 27, 2023 · Norbert Kamiński · Piotr Król · 13 min read
We're thrilled to share our team's summary of open-source contributions from 2021 to the first half of 2023 with you. We've actively worked on enhancing various projects, including coreboot and fwupd. Our involvement has not only boosted the functionality and security of these projects but also equipped us with valuable expertise for our clients. Stay tuned for an insightful blog post diving into our open-source contributions!...
Categories: firmware manufacturing
Dasharo compatible with MSI PRO Z690-A release v1.1.1
Published at March 2, 2023 · Michał Żygowski · 10 min read
A short overview of changes introduced in v1.1.1 release of Dasharo compatible with MSI PRO Z690-A with a short demo of Qubes OS R4.1.2-rc1....
Categories: firmware
TrenchBoot Anti Evil Maid for Qubes OS
Published at January 31, 2023 · Michał Żygowski · 14 min read
Qubes OS Anti Evil Maid (AEM) software heavily depends on the availability of the DRTM technologies to prevent the Evil Maid attacks. However, the project has not evolved much since the beginning of 2018 and froze on the support of TPM 1.2 with Intel TXT in legacy boot mode (BIOS). In the post we show how existing solution can be replaced with TrenchBoot and how one can install it on the Qubes OS. Also the post will also briefly explain how TrenchBoot opens the door for future TPM 2.0 and UEFI support for AEM....
Categories: bootloader firmware hypervisor os-dev security
Published at January 30, 2023 · Norbert Kamiński · 5 min read
This blog post will provide an in-depth look at upcoming plans and events for the near future.n the next quarter, we have several exciting events planned for the 3mdeb community. Our events aim to provide a platform for members to connect, share knowledge, and stay informed about the latest developments in the open-source ecosystem....
Categories: firmware miscellaneous
Infrastructure for Xen development and debugging
Published at July 4, 2022 · Piotr Król · Norbert Kamiński · 5 min read
Back in 2018 at OSFC, we've presented AMD IOMMU enabling for PC Engines apuX (GX-412TC) platforms. Our hypervisor of choice was Xen and we used it to verify the PCI pass-through feature. Unfortunately, the booting process was not exactly stable. In this article, you can check how to prepare infrastructure for Xen development and debugging...
Introduction of Yocto meta layer for Nezha D1
Published at May 12, 2022 · Cezary Sobczak · 5 min read
Presentation of current progress status with the support of the Nezha board in Yocto Project...
Talos II - second CPU support and test automation
Published at April 15, 2022 · Krystian Hebel · 5 min read
Another post about our adventures with porting coreboot for Talos II. This phase focused on enabling second CPU and its internal devices. We also expanded our test suite....
Categories: firmware
Open Source Firmware on TigerLake platforms - part 1
Published at April 14, 2022 · Michał Żygowski · 9 min read
This post describes efforts of building open source firmware for Tiger Lake UP3 RVP platform and the problems faced in the process. Tiger Lake is one of the newest Intel processors for which the FSP and EDK2 MinPlatform has been recently released....
Categories: firmware
Fobnail Token - platform attestation
Published at April 6, 2022 · Artur Kowalski · Krystian Hebel · 6 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on attestation....
ASUS KGPE-D16 Dasharo testing update
Published at March 23, 2022 · Michał Żygowski · 4 min read
This blog post describes the updates in the validation process of Dasharo for ASUS KGPE-D16. You will read about new tests and newly detected issues....
Categories: firmware
Fobnail Token - platform provisioning
Published at March 21, 2022 · Krystian Hebel · 7 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on platform provisioning....
A new source of trust for your platform - Dasharo with Intel TXT support
Published at March 17, 2022 · Michał Żygowski · 9 min read
Do you trust the firmware on your system? No? Then this post is a must-read for you. Get to know what Intel Trusted Execution Technology (TXT) is and how it may help you securely measure and attest your operating system and software running on your machine. You will also hear about open-source implementation of Intel TXT for Ivy Bridge/Sandy Bridge platforms including Dell OptiPlex 7010 / 9010....
Current status of coreboot and Heads ports for Talos II
Published at February 16, 2022 · Krystian Hebel · 8 min read
This post summarizes our current progress on making first coreboot port for POWER platform, including Heads as a payload. It will also show how You can test it without having to flash firmware to PNOR....
Categories: firmware
KGPE-D16 open-source firmware status
Published at February 3, 2022 · Michał Żygowski · 6 min read
This post covers the struggles and efforts behind the revival of KGPE-D16. Something that community was waiting for a long time. With Dasharo firmware the platform obtained a new life and sees a new daylight with more security features and improvements....
Porting EDK II to an old Allwinner A13 tablet
Published at January 18, 2022 · Artur Kowalski · 7 min read
Most ARM SoC's run U-Boot or some custom bootloader. That was the case with Allwinner SoC's, until I started porting EDK II to my A13 tablet. In this post, I will tell you about the current UEFI support status on Allwinner SoC's, my future plans, and how to test UEFI on a compatible device...
Categories: firmware manufacturing
Fobnail Token - developing communication method that meets the CHARRA requirements
Published at December 15, 2021 · Tomasz Żyjewski · 4 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. During the last phase, we managed to implement the communication method that will be used between verifier and attester....
Enabling Secure Boot on RockChip SoCs
Published at December 3, 2021 · Artur Kowalski · 9 min read
RockChip Secure Boot is an essential security feature that helps tablet, PC, streaming media TV box, and IoT solution vendors secure their devices against malware infecting the firmware. In the following post, we will tell a story about enabling Secure Boot on the RK32xx family, but the lesson learned can be used on other models...
Dasharo for Dell OptiPlex 7010 / 9010
Published at November 26, 2021 · Michał Żygowski · 8 min read
Open source firmware may be hundreds of times better than the proprietary one. On the example of Dell OptiPlex 7010 / 9010 we will show you the advantages of Dasharo firmware on this machine....
Categories: firmware
First impression on Nezha RISC-V SBC
Published at November 19, 2021 · Cezary Sobczak · 9 min read
Nezha is a AIoT development board customized by AWOL based on Allwinner's D1 chip. It is the world's first mass-produced development board that supports 64bit RISC-V instruction set and Linux system....
Fobnail vs other boot security projects
Published at October 28, 2021 · Michał Żygowski · 11 min read
Have you ever thought about securing the boot process of your computer? No? This post will compare the available open source boot process hardening projects and explain the importance of signing and protection the software/operating system you launch. You will also get to know how the boot process may be secured even further and with the incoming Fobnail security token....
Published at October 8, 2021 · Michał Kopeć · 5 min read
An introduction to TPMs. Let's explore the differences between common implementations of TPMs and how they might matter to you....
Open Source Firmware on AMD Milan server processors
Published at September 9, 2021 · Michał Żygowski · 6 min read
There were times where AMD was actively supporting open source firmware ecosystem by providing silicon initialization code. With a few years break AMD is now trying to support open source firmware again with the mobile platform like Chromebooks. However, the recent achievements have made everybody think that open source firmware is also possible on servers....
Categories: firmware
OSF vPub (vBeer) - what a fun event!
Published at July 1, 2021 · Mike Banon · 2 min read
Our 2nd OSF vPub gathering was really fun and interesting - together with Richard Stallman as our honored guest!...
Categories: firmware miscellaneous
fwupd on FreeBSD - Status Update
Published at June 14, 2021 · Michał Kopeć · 5 min read
As the fwupd port for FreeBSD nears completion, let's take a look at the biggest challenges we faced and how we managed to overcome them....
Categories: firmware
Open Compute Open System Firmware (OCP OSF) and its' importance
Published at June 10, 2021 · Piotr Król · 6 min read
Let's figure out what is OCP Open System Firmware, see how it relates to the Open Source Firmware (OSF) - and why it is important for your company to have one running on your product....
Categories: firmware miscellaneous
Dell OptiPlex and coreboot - a story about porting cursed hardware (part 2)
Published at June 1, 2021 · Michał Żygowski · 10 min read
This post is a second part of the series which tells a story about porting Dell OptiPlex 9010 workstation to open-source firmware - coreboot. What was simple is long past us in the first part of the series. This time we are taking a deeper dive into the technical aspects of Environmental Controller reverse engineering and locating the problem with machine not booting after AC loss....
Categories: firmware
First impressions on the beta BeagleV - affordable RISC-V SBC
Published at May 6, 2021 · Maciej Pijanowski · 11 min read
BeagleV is the first affordable RISC-V SBC designed to run Linux. It is fully open-source with open-source software, open hardware design and RISC-V open architecture. This blog post presents the basic functionality of the first batch of the available beta samples released to the community....
Right to Repair - and why is it important?
Published at April 30, 2021 · Mike Banon · 4 min read
Let's observe the struggles of today's repairman, why a right to repair is important and how 3mdeb can help....
Categories: firmware hardware miscellaneous
Yocto Project and its components as the Reference OS for Dasharo
Published at April 22, 2021 · Maciej Pijanowski · 4 min read
Let's dive into the most frequently asked questions regarding Dasharo products based on Yocto Project - this blog post will answer what is Yocto and what are the reasons for choosing such a solution...
Thoughts on OSFC 2020 – day 2 and 3
Published at April 14, 2021 · Kamila Banecka · 8 min read
Lets share some thoughts that evolved during the OSFC 2020 talks and send kudos to many people who made this conference happen....
Categories: firmware
The backdoor to your firmware 2
Published at March 25, 2021 · Anastazja Lapanova · 6 min read
Firmware vulnerabilities in the light of recent attacks as a backdoor of the firmware - part 2...
Creating ports for BSD distributions
Published at March 15, 2021 · Norbert Kamiński · Piotr Konkol · 8 min read
In this blog post, we will present how to build packages for FreeBSD, DragonFlyBSD, NetBSD, and OpenBSD. Also, we will show you how to create CI for FreeBSD distribution with the use of GitHub action....
Categories: firmware
Published at March 12, 2021 · Anastazja Lapanova · 5 min read
Firmware vulnerabilities in the light of recent attacks as a backdoor of the firmware...
OSF vPub (vBeer) - what a fun event!
Published at February 23, 2021 · Mike Banon · 2 min read
We've just had our first OSF vPub gathering, with lots of fun & really interesting talk about the open-source firmware/hardware with 50 masters from all over the world!...
Categories: firmware miscellaneous
Published at February 18, 2021 · Piotr Konkol · Kamila Banecka · 5 min read
Pros and cons of automated testing and the process of performing transparent validation....
Porting fwupd to the BSD distributions - How to compile fwupd on FreeBSD
Published at February 16, 2021 · Norbert Kamiński · 14 min read
The security of the whole system is not determined only by the software it runs, but also the firmware. We want to provide easy firmware update method to BSD distributions....
Categories: firmware
FOSDEM 2021 – Open Source Firmware BMC and Bootloader devroom
Published at February 2, 2021 · Kamila Banecka · 4 min read
Thoughts around FOSDEM 2021 and 2020...
What is IOMMU and how it can be used?
Published at January 13, 2021 · Marek Kasiewicz · 6 min read
Welcome to a new blogpost series dedicated to IOMMU. In this article, you can read what IOMMU is and find out if its use may be beneficial for you....
coreboot port for OpenPOWER - why bother?
Published at December 31, 2020 · Krystian Hebel · 9 min read
You may have heard by now that we are working on coreboot port for Talos II. OpenPOWER already has, nomen omen, open source firmware, so one may ask why bother? We will try to answer that question....
Categories: firmware
Thoughts around OSFC 2020 – day 1
Published at December 21, 2020 · Kamila Banecka · Piotr Król · 6 min read
Lets share some thoughts that evolved during the OSFC 2020 talks and send kudos to many people who made this conference happen....
Containerization of the test environment for embedded systems
Published at December 17, 2020 · Mateusz Grzelak · 9 min read
Using Docker makes life much easier for developers. It allows us to build lightweight and portable software containers that simplify application development. In this article, we present the advantages of using Docker for embedded testing...
Categories: firmware
Proof of concept implementation of RATS attestation for the TrenchBoot
Published at December 14, 2020 · Norbert Kamiński · 9 min read
This blog post will describe the concept of the IETF Remote Attestation Procedures (RATS) and implementation of CHAllenge-Response based Remote Attestation (CHARRA) with TPM 2.0 for TrenchBoot....
Building coreboot for RISC-V and running it in Qemu
Published at November 18, 2020 · Wojciech Niewiadomski · 4 min read
In this article, I will briefly explain what is RISC-V and why it is so exciting, then I`ll show you step by step how to build coreboot for this architecture and run it in QEMU emulator...
Categories: firmware miscellaneous
Published at November 2, 2020 · Kamila Banecka · 5 min read
GRUB mini–summit 2020. This year we cannot miss this opportunity to meet again and face the new challenges of GRUB/GRUB2. So,dear reader, feel invited to look at GRUB with a magnifying glass....
Trenchboot: Xen hypervisor support for the TrenchBoot
Published at October 15, 2020 · Norbert Kamiński · Marek Kasiewicz · 4 min read
In this blog post, we will describe the development of the Xen hypervisor support for TrenchBoot....
Published at October 8, 2020 · Marek Kasiewicz · 7 min read
Introductory blog post to PCIe features. In this article you can read what PCIe capability is and see examples of such capabilities....
Categories: firmware
Latency - The most crucial aspect of real-time systems.
Published at September 30, 2020 · Jakub Łęcki · 4 min read
What in reality is RT system? This post will explain what to expect from Real-Time systems and how can we test performance in this kind of builds....
Raspberry Pi and Docker for your home's entertainment and work.
Published at September 23, 2020 · Dawid Zębacki · 9 min read
Have you ever been trying to automate something at home or at work? Here it comes for the rescue Raspberry Pi working with Docker! With these tools, you can create a lot of projects with small effort....
Categories: app-dev firmware iot miscellaneous
Reasonably secure way to update your system firmware
Published at September 18, 2020 · Norbert Kamiński · 3 min read
As you may know from the previous blog post, the qubes-fwupd is the wrapper that allows you to update the firmware of your devices in the Qubes OS. This time I will briefly describe the new features, whereby you will securely update your system firmware....
TrenchBoot: Open Source DRTM. Multiboot2 support.
Published at September 7, 2020 · Krystian Hebel · 11 min read
This month we will show that not only Linux kernel can be started by TrenchBoot. We also did some drastic changes to the bootloader data format, so if you try to redo some older posts in the future and they do not seem to work, this is probably the place to look for hints....
Booting coreboot on Intel Comet Lake S RVP8
Published at August 31, 2020 · Michał Żygowski · 10 min read
This blog post shows the procedure of building coreboot for a Comet Lake S platform. Also it describes problems occurred when building and booting the image. As a bonus, few tips and tricks will be shown how to fix/workaround these kind of problems....
TrenchBoot: Open Source DRTM. TPM event log all the way.
Published at August 13, 2020 · Krystian Hebel · 12 min read
We extended the TPM event log support to the Linux kernel. It is now possible to print all of the PCR extend operations performed and compare the hashes with files to see if anything is wrong....
coreboot Fundamentals Training
Published at August 9, 2020 · Kamila Banecka · 4 min read
coreboot Fundamentals Training is the first step of 3mdeb Firmware Training path. It provides solid grounds for further development towards proficiency in coreboot firmware platform enginering. With this blogpost we are starting coreboot fundamentals mini-course....
Categories: firmware miscellaneous
Project status of the fwupd/LVFS support for Qubes OS
Published at July 14, 2020 · Norbert Kamiński · 5 min read
During the QubesOS minisummit, I have presented the initial status of the fwupd/LVFS support for the Qubes OS. Now it is time to share some more information about the progress....
DEV and IOMMU: a story of two DMA protection mechanisms
Published at July 3, 2020 · Krystian Hebel · 12 min read
Both DEV and IOMMU can help with protection against malicious DMA. This post roughly describes the difference between those two, as well as the impact they have on each other in the context of TrenchBoot...
TrenchBoot: Open Source DRTM. GRUB's new features and TPM event log.
Published at July 3, 2020 · Piotr Kleinschmidt · 16 min read
This blog post will show you what features we have added to GRUB and why they are useful from user's point of view. Also, there will be shown how to utilize TPM event logs and hence debug DRTM....
Dell OptiPlex and coreboot - a story about porting cursed hardware (part 1)
Published at June 24, 2020 · Michał Żygowski · 7 min read
This post begins a new series telling a story of a stubborn firmware engineer who overcame never-ending amount of obstacles to create a Dell OptiPlex 9010 workstation as open as possible. In this series, you will not only read about the adventures which accompanied the work on the hardware but also you will have a chance to learn the way of BIOS developer....
Categories: firmware
Qubes OS & 3mdeb 'minisummit' 2020 summation
Published at June 17, 2020 · Kamila Banecka · 8 min read
The second Qubes OS & 3mdeb minisummit is ahead of us. We had gone through four evenings of topics devoted to Qubes OS, so it is time for broad summation of the event....
Categories: firmware miscellaneous security
Starting TrenchBoot's Landing Zone from iPXE
Published at June 1, 2020 · Krystian Hebel · 10 min read
In this article we present support for starting Landing Zone from another bootloader: iPXE. It may not be as featureful as GRUB2, but it has enough juice to start DRTM using images obtained from a remote server...
Qubes OS and 3mdeb 'minisummit' 2020
Published at May 15, 2020 · Kamila Banecka · 5 min read
Once again, we will meet on QubesOs & 3mdeb minisummit 2020 discussing #QubesOS, #firmware, #coreboot, #security and #TPM related topics. All the event details are presented in the following blog post....
Categories: firmware miscellaneous security
Installing TrenchBoot in UEFI environments
Published at May 6, 2020 · Michał Żygowski · 17 min read
This blog post will show you how to install NixOS on UEFI platforms and how to install TrenchBoot on them....
User friendly tutorial for enabling HTTPS support in iPXE
Published at May 6, 2020 · Michał Żygowski · 5 min read
This article will show you how to replace old HTTP with much safer HTTPS when booting platforms/computers over network. You will read how to quickly incorporate open-source network booting solution based on coreboot and iPXE projects to your daily life....
TrenchBoot: Open Source DRTM. CI/CD system.
Published at May 5, 2020 · Piotr Kleinschmidt · 6 min read
How to improve development and validation process in our project? Automation? Of course! Let us introduce our CI/CD system. Find out how it actually works and what advantages it has....
TrenchBoot: Open Source DRTM. DRTM update and meta-trenchboot implementation
Published at April 30, 2020 · Piotr Kleinschmidt · 11 min read
Another release brings new updates in our Open Source DRTM project. Except for code changes, we have prepared our custom Linux image with DRTM. Also we set up CI/CD system for automation build and test. Read this article if you want to find out more details....
TrenchBoot: Open Source DRTM. Landing Zone validation.
Published at April 3, 2020 · Piotr Kleinschmidt · 25 min read
When you already know what is TrenchBoot, what is DRTM and how we enable it on AMD processors, we can move on to practice. I will show you how to configure all components and verify first of project's requirements....
TrenchBoot - Open Source DRTM for AMD processors. Project's basics.
Published at March 31, 2020 · Piotr Kleinschmidt · 11 min read
This is the first blog post of TrenchBoot series. It will introduce you to the project, its structure and environment. Additionally the reader will find out more about each component, how to setup the environment and configure the build....
Open Source DRTM with TrenchBoot for AMD processors. Introduction.
Published at March 28, 2020 · Piotr Kleinschmidt · 4 min read
This article starts an entire series of articles related to title project. By reading this blog post, you will find out why we have started such project and who is supporting us. Also, we bring you closer to main concept and goals....
Trying to fix ESXi 6.7.0 boot issue, part one
Published at March 4, 2020 · Krystian Hebel · 14 min read
First mentions that updated versions of VMware's ESXi 6.7.0 installer doesn't start on PC Engines platforms come from the beginning of 2019. Older versions of ESXi worked fine. 'Shutting down firmware services...' is the last line printed before hang or reboot....
Boot Guard - pre-execution firmware verification on Protectli FW6
Published at February 21, 2020 · Michał Żygowski · 9 min read
This post will not describe how to guard your shoes. However, will definitely introduce you to Boot Guard feature present on Intel processors which allows firmware verification before the first instruction executes. One may call it pre-execution firmware verification. The post will also show you how Boot Guard can work well with coreboot based firmware on an example of Protectli FW6....
GRUB2 and 3mdeb minisummit 2019
Published at February 19, 2020 · Piotr Król · 7 min read
In December 2019 we had pleasure to meet Daniel Kiper #GRUB2 maintanaer in 3mdeb office in Gdańsk. We discussed various #GRUB2, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post in form of presentations and videos....
Published at January 23, 2020 · Krystian Hebel · 14 min read
After long break, this is the third post in the hypervisor series. We will see how VMX helps with virtualization of restricted instructions and how Bareflank allows for implementation of handlers for them. At the end we will show how to write and add our own handler....
Categories: firmware
pfSense firewall boot process optimization under Xen hypervisor. Part 2
Published at December 13, 2019 · Piotr Kleinschmidt · 10 min read
In previous article we introduce our implementation of pfSense under Xen. Now, we want to show how you can improve boot process and reduce virtualized pfSense boot time to minimum....
pfSense firewall boot process optimization under Xen hypervisor. Part 1
Published at November 6, 2019 · Piotr Kleinschmidt · 5 min read
Running applications in Virtual Machines is not a trivial task. We made such pfSense firewall implementation. That article is an introduction about what we made and what actual goals we set to improve its performance....
Qubes OS and 3mdeb 'minisummit' 2019
Published at August 7, 2019 · Piotr Król · 8 min read
In May we had pleasure to meet Marek Marczykowski-Górecki #QubesOS Project Lead in 3mdeb office in Gdańsk. We discussed various #QubesOS, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post....
ESP8266 - quick guide for embedded C developers
Published at July 24, 2019 · Łukasz Łaguna · 6 min read
Would you like to start the Internet of Things adventure, but you don't know exactly how? There's no better chip to play with IoT than ESP8266. If you would like to learn how to program it in C then this article is for you....
How to safely update your firmware - fwupd and LVFS to the rescue!
Published at July 11, 2019 · Artur Raglis · 7 min read
Many people come out of the mistaken belief that changing the firmware is a very complicated task and fears that they can "brick" their platform or personal computer. Others do not know where to find matching updates. There is a simple answer - meet fwupd with LVFS....
Hummingboard Pulse - first impression
Published at June 12, 2019 · Tomasz Żyjewski · 5 min read
In this post, we will take a look at one of the SolidRun product - the HummingBoard Pulse. After power up the board we will try to boot operating system on it....
Categories: firmware
Meltdown and Spectre on PC Engines apu2
Published at May 29, 2019 · Michał Żygowski · 9 min read
As a continuation the Meltdown and Spectre blog post, this post present the vulnerability status and mitigation with microcode update on PC Engines apu2. Read the post and get to know the open source tools for vulnerability and mitigation checks, as well as exploiting proof of concepts....
Published at May 22, 2019 · Krystian Hebel · 3 min read
Recently we made sure that every build of PC Engines' firmware is built in a reproducible manner. This short post shows what exactly does it mean and why this should be important to firmware developers....
Categories: firmware
Building and running Bareflank
Published at May 15, 2019 · Krystian Hebel · 13 min read
In this second post of a series, we will build and start our first hypervisor. It won't do much just yet, but it is good to get known with its build system....
Categories: firmware
Published at May 8, 2019 · Łukasz Wcisło · 4 min read
RTE used to control tested devices could be used as a programmer. But RTE doesn't have SWD interface, which is crucial. We tried to walk around this using Bit Banging method....
Categories: firmware manufacturing miscellaneous
5 terms every hypervisor developer should know
Published at April 30, 2019 · Krystian Hebel · 11 min read
This is the first post of a series about developing bare-metal hypervisors. It introduces to Intel's VMX technology, describes interactions between a virtual machine and a hypervisor as well as gives some insight on the control structures required. This post should give some theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor....
Categories: firmware
How to mitigate ROCA TPM vulnerability?
Published at April 17, 2019 · Krystian Hebel · 10 min read
ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. UPDATE 2021-10-20: provided new link for TPM firmware updates (old one was no longer working), added info about patch for openssl-1....
Flashing eMMC on Hummingboard Edge using fastboot? part 2
Published at March 8, 2019 · Maciej Pijanowski · 11 min read
Second part of the HummingBoard Edge flashing guide with the help of fastboot tool. In this post we will get acquainted with U-Boot configuration and fastboot client and try to boot our platform from DRAM, SD card and finally EMMC....
How to enable Core Performance Boost on AMD platforms?
Published at February 14, 2019 · Michał Żygowski · 13 min read
Pushing hardware to its limits In the epoch of efficient and fast processors, performance becomes one of the most crucial aspects when choosing and working with hardware. We want our computers to execute their tasks with possibly highest speeds. But what really influences the performance of our platforms? It’s the processor’s manufacturer design one may say. In this post, I will show You how firmware may boost Your silicon to higher performance level....
Categories: firmware
Enabling ECC on PC Engines platforms
Published at October 16, 2018 · Krystian Hebel · 14 min read
In this post I want to share some findings about ECC on PC Engines apu platforms. I’ll try to shortly describe what ECC is, why is it so desired, what problems with enabling this feature were encountered and how to test whether ECC works or not using MemTest86. Introduction Sometimes a bit in RAM changes its value spontaneously due to electrical or magnetic interference. It can be caused by background radiation, cosmic rays or recently attacks using row hammering....
Categories: firmware
RTE for automated kernel deployment and everyday use
Published at October 3, 2018 · Piotr Król · 9 min read
We continue our effort to enable IOMMU and as side effect I have to play with various technologies to exercise reliable development environment which base on RTE. In this blog post I would like to present semi-automated technique to debug firmware, Xen and Linux kernel. The goal is to have set of tools that help in enabling various features in Debian-based dom0. We would like: update Linux kernel which is exposed over HTTP server update rootfs provided through NFS I will use following components:...
Optimize performance in Docker containers used by Embedded Systems Consulting business
Published at September 27, 2018 · Piotr Król · 11 min read
In 3mdeb we use Docker heavily. Main tasks that we perform using it are: firmware and embedded software building - each software in Embedded System requires little bit different building environment, configuring those development environments on your host may quickly make a mess in your system for daily use, because of that we created various containers which I enumerate below trainings/workshops - when we perform trainings we don’t want to waste time for users to reconfigure the environment....
Categories: firmware miscellaneous
PC Engines APU2 platform validation with RTE
Published at September 13, 2018 · Artur Raglis · 6 min read
Introduction Remote work is trending nowadays. The best example is the IT industry - purely software tasks with handheld devices allow you to work practically from anywhere. This approach saves a big amount of time and makes a job easier. Unfortunately, as an embedded / firmware developer, there are often situations when interaction with hardware such as a power cycle is required. This leads to a barrier for successful remote work....
Categories: firmware
Xen HVM guests on PC Engines apu2
Published at August 16, 2018 · Piotr Król · 15 min read
Continuing blog post series around Xen and IOMMU enabling in coreboot we are reaching a point in which some features seem to work correctly on top of recent patch series in firmware. What we can do at this point is PCI passthrough to guest VMs. Previously trying that on Xen caused problems: random hangs firmware cause Linux kernel booting issues (hang during boot) IOMMU disabled - unable to use PCI passthrough Now we can see something like that in dom0:...
How to boot Xen over PXE and NFS on PC Engines apu2
Published at July 18, 2018 · Piotr Król · 9 min read
From time to time we face requests to correctly enable support for various Xen features on PC Engines apu2 platform. Doing that requires firmware modification, which 3mdeb is responsible for. Xen have very interesting requirements from firmware development perspective. Modern x86 have a bunch of features that support virtualization in hardware. Those features were described in Xen FAQ. It happens that most requesting were IOMMU and SR-IOV. First, give the ability to dedicate PCI device to given VM and second enables so-called Virtual Functions, what means on a physical device (e....
Building EDK2 based firmware for MinnowBoard
Published at April 3, 2018 · Bartek Lew · 2 min read
Building EDK2 based firmware for MinnowBoard There are some options to build firmware for MinnowBoard, a Bay Trail based SBC (Single Board Computer) from Intel. We prefer usually coreboot as simplest and fastest, open source solution, but sometimes we want to have UEFI interface. UEFI itself doesn’t cover whole boot procedure, so its open source reference implementation, EDK2 is not enough to build firmware for hardware plafrorm, we need to provide PI (Platform Initialization) phase implementation....
Categories: firmware
Building UEFI based firmware on MinnowBoard
Published at March 28, 2018 · Bartek Pastudzki · 8 min read
Building coreboot on well supported platform such as Bay Trail is quite straightforward task, however we need to remember about some things in order to have coreboot working. First of all we need to provide up-to-date microcode and FSP (Firmware Support Package), which are not included in coreboot source tree and coreboot build system won’t complain about it. Second thing is that Bay Trail has TXE firmware on the same ROM as boot firmware so we have to make sure that we won’t corrupt it because it would brick the platform....
Categories: firmware
Minnowboard Turbot remote firmware flashing with RTE (Remote Testing Environment)
Published at March 23, 2018 · Arkadiusz Cichocki · 7 min read
Minnowboard Turbot remote firmware flashing with RTE (Remote Testing Environment) Introduction Work related to a hardware carries some restrictions which don’t occur when working only with a software. One of them is a limited number of devices. This one may cause a problem with a accessibility to the platform. The limited number of users could slow development and testing. What is more work with a hardware requires a minimal knowledge of the theory of circuits and signals to eliminate platform damage by a user....
Categories: firmware
Flashing eMMC on Hummingboard Edge using fastboot? part 1
Published at March 20, 2018 · Maciej Pijanowski · 9 min read
Introduction Flashing an eMMC of produced board is one of the crucial manufacturing procedures. This post series presents how one can take advantage of i.MX6 features and open source tools to prepare themselves with quite robust and easy to use process. Target reference platform is Hummingboard Edge. General concept The general concept is inspired by this great bootlin (former FreeElectrons) post: I’ve run into some issues while trying to do something similar on Hummingbard Edge, so decided to share my experience....
Flashing MinnowBoard Turbot with Raspberry Pi Zero W
Published at November 20, 2017 · Piotr Król · 10 min read
Recently we started preparation of coreboot training for one of our customers. Our platform of choice for that training is MinnowBoard Turbot. There are couple reasons for that: During training we can show recent firmware trends - despite we don’t like blobs (FSP, AGESA, PSP, ME etc.) and bloated designs (UEFI) we cannot escape reality and have to show customers how to deal with those components. MinnowBoard Turbot use couple of them, but also supports coreboot....
Categories: firmware
UEFI/EDK II CorebootPayloadPkg on PC Engines apu2
Published at November 3, 2017 · Piotr Król · 9 min read
Recently we were reached by person interested in running CoreOS on apu2. CoreOS is a very interesting system from security point of view. It was created to support containers and scalability out of the box. Unfortunately it requires firmware supporting GPT. At that point I was not sure if I can utilize GRUB GPT support on apu2, but this led to other questions: Is it possible to boot UEFI-aware OS on PC Engines apux boards?...
Categories: firmware
PC Engines apu2 python Robot Framework validation automation
Published at November 2, 2017 · Piotr Król · 8 min read
Recently we attended ECC2017 conference. One of topics that we considered was a system for development and validation automation. Unfortunately this talk was not accepted, but we present some research below and plan to provide more soon. As maintainers of PC Engines platforms in coreboot we debug and fix quite a lot of bugs, but to take full responsibility for our code everything should be validated each time we do release....
Categories: firmware
How to handle a DHT22 sensor using ARM mbed OS?
Published at August 1, 2017 · Michał Żygowski · 8 min read
Recently I have encountered with temperature and humidity measurements using DHT22 sensor. I was developing a driver source code in ARM mbed OS SDK on particular STM32 NUCLEO L432KC platform. Thorough analysis of DHT22 documentation led me to the following questions: Is it possible to accurately measure voltage-level durations during read process? What duration time values should be considered as timeout or/and error? Should I weaken the time restrictions in order to avoid random delays in voltage level transitions be considered as failure?...
Installing OpenWRT on APU3 platform
Published at May 12, 2017 · Kamil Wcisło · 13 min read
This guide should be considered as a simple walk-through for using APU3 platform in some generic use-cases. I’m trying to explain how to work with the device and use it in a generic manner. There is a part about the coreboot firmware, which could be used as a reference of how to start customizing it for own purposes. Configuring the hardware At first, let’s figure out some basic requirements for our new device:...
OpenOCD and development environment for Zephyr on NXP FRDM-K64F
Published at March 18, 2017 · Piotr Król · 12 min read
In this post I would like to describe process of setting up NXP FRDM-K64F development environment under Linux and start Zephyr development using it. Why NXP FRDM-K64F ? I choose this platform mostly because of ready to use guide about using 802.15.4 communication by attaching TI CC2520, which was presented here. Typical wireless stack starts with 802.15.4, then 6LoWPAN adaptation and then IPv6, which carries application protocols. 6LoWPAN compress IPv6 so it can fit BLE and 802....
Nerves project triage on BeagleBone Black Black
Published at March 10, 2017 · Piotr Król · 6 min read
Recently one of my customers brought to my attention Nerves. It aims to simplify use of Elixir (functional language leveraging Erlang VM) in embedded systems. This system has couple interesting features that are worth of research and blog post. First is booting directly to application which is running in BEAM (Erlang VM). Nerves project replace systemd process with programming language virtual machine running application code. Concept is very interesting and I wonder if someone tried to use that with other VMs ie....
nRF51822 programming with OpenOCD under Linux
Published at January 22, 2017 · Kamil Wcisło · 8 min read
Some time ago we bought BLE400 from Waveshare as probably one of the cheapest option to enter nRF51822 market. As our readers know, we prefer to use the Linux environment for embedded systems development. Because of that, we’re following the guide for using Waveshare nRF51822 Eval Kit: icarus-sensors. Kudos due to great post that helped us enter nRF51822 and mbed OS land under Linux. BLE400 is pretty cheap, because it hasn’t got integrated debugger/programmer....
Zephyr initial triage on Nucleo-64 STM32F411RE
Published at January 14, 2017 · Piotr Król · 7 min read
As I mention in previous post Zephyr RTOS is an interesting initiative started by Intel, NXP and couple other strong organizations. With so well founded background future for this RTOS should look bright and I think it will quickly became important player on IoT arena. Because of that it is worth to dig little bit deeper in this RTOS and see what problems we faced when trying to develop for some well known development board....
Failure of ECC508A crypto coprocessor initial triage with SAM G55 Xplained Pro Evaluation Kit
Published at November 24, 2016 · Piotr Król · 7 min read
Some time ago (around August 2016) embedded community media were hit with hype around simplified flow for AWS IoT provisioning (1, 2, 3). I’m personally very interested in all categories related to those news: IoT - is 3mdeb business core and despite this term was largely abused these days, we just love to build connected embedded devices. Building this kind of devices is inherently related with firmware deployment, provisioning and update problems....
Starting with Nucleo-F411RE and mbed OS for command line enthusiasts
Published at November 23, 2016 · Piotr Król · 9 min read
When I first time read about mbed OS I was really sceptical, especially idea of having web browser as my IDE and compiler in the cloud seems to be very scary to me. ARM engineers proved to provide high quality products, but this was not enough to me. Then I heard very good words about mbed OS IDE from Jack Ganssle, this was still not enough. Finally customers started to ask about this RTOS and I had to look deeper....
SAMG55 + OLED1 Xplained Pro Hello World!
Published at October 20, 2016 · Piotr Król · 4 min read
AMG55 - recognition in the field If you are considering working on SAMG55 Xplained Pro board here you will find some basic know-how to quickly get you started. What you will need? In this example I will be using SAMG55 Xplained Pro with OLED1 extension board, and Atmel Studio 7.0 with Data Visualizer addon, which requires Windows to work. This however should be similar for other board with EDBG debugger....
FWTS on ARMv8 platform (HiKey LeMaker version) from scratch
Published at July 25, 2016 · Piotr Król · 8 min read
This is second post from series about LeMaker version of HiKey board from 96boards Customer Edition family. Previous post focused on describing hardware part. In this post I would like to show how to setup firmware development and testing environment. This post highly rely on 96boards documentation, so kudos to 96boards and LeMaker for providing lot of information for developers. Obtain pre-compiled binaries 1 2 3 4 5 6 7 wget https://builds....
Categories: firmware
Powering on LeMaker HiKey (ARMv8)
Published at May 19, 2016 · Piotr Król · 4 min read
Embedded Systems Consultants have chance to live in interesting times. ARM expansion touch server market and UEFI coming to non-x86 platforms. Firmware gaining its importance and because handling real development is harder and harder lot of things starting to happen in open source. Big players trying to address security and virtualization issues, what leads to really interesting features in recent SoCs. Couple weeks ago I decided to recover my knowledge about UEFI and take a look how it is implemented for architecture that have its momentum - namely ARM in its 8 version (ARMv8)....
Categories: firmware
Using PlatformIO with TI MSP430 LunchPads
Published at December 8, 2015 · Piotr Król · 6 min read
PlatformIO is very interesting project that aim to solve very important problem of configuring deployment environment for embedded systems. IMHO good approach is to focus on modularity (various IDE can be used, even Vim) and simplicity (in best case 2 command should be enough to deploy first code). Recent years we have explosion of bootstrapping applications (ie.vagrant, puppet). Most of them seems to follow git-like command line interface and getting a lot of attention from programmers community....
UEFI Application development in OVMF
Published at November 21, 2015 · Piotr Król · 3 min read
OVMF (Open Virtual Machine Firmware) is a project that aim is to enable UEFI support in various virtual machines. According to whitepaper various projects have interest in supporting OVFM ie. VirtualBox, Xen, BHyVe and of course QEMU. Why someone may be interested in OVMF ? IMHO the most important reason is that OVMF give ability to develop UEFI applications without using real hardware. This speeds up development cycle by giving ability to start before hardware prototype arrive....
Categories: firmware
ESP-12 update to SDK v0.9.5 and AT v0.21.0.0? noobs tutorial
Published at January 25, 2015 · Piotr Król · 5 min read
January 23th Espressif published new ESP IOT SDK on their forum v0.9.5. My ESP-12 came with with pretty old version so I decide to update it to latest one: 1 2 3 4 5 6 7 8 9 10 AT+RST OK y_RSöfJ[úndor:www.ai-thinker.com Version:0.9.2.4] ready AT+GMR 0018000902-AI03 OK ESP-12 firmware update pin configuration As picture presents in addition to normal operation we have to pull down GPIO0 and pull up GPIO2....
Published at January 24, 2015 · Piotr Król · 3 min read
ESP8266 is a SoC made by Espressif. For last couple of months this chip is a rockstar of HackADay and makers community around the Internet. Mostly because of WiFi modules built based on it (ESP-XX family). Rich interface (GPIO, SPI, SDIO, I2C) give those boards potential to be standalone MCU with WiFi capability for wide range of applications. In quantity you can get ESP-01 for $2.7 (for 1kpcs). Of course there is no free lunch....
Published at August 18, 2014 · Piotr Król · 10 min read
Trying to google ‘USB over IP’ doesn’t give much except some business web pages that give you it as a service. This brings some information about potential on the market IMHO. Main idea is well presented on open source project page for usbip. I really recommend to read USB/IP - a Peripheral Bus Extension for Device Sharing over IP Network technical paper it describe briefly technical details and capability. In short USB over IP is a sharing system aim to expose USB devices from server to client encapsulating USB I/O messages in TCP/IP payload....
Categories: firmware
Coreboot for QEMU armv7 (vexpress-a9) emulated mainboard
Published at August 7, 2014 · Piotr Król · 8 min read
Recently I came back to look into coreboot. Mainly because low level is fun and skills related to firmware (even coreboot) starting get attention on freelance portals (first odesk job (link removed), second odesk job). I was surprised that under the wings of Google coreboot team start to support ARM (BTW ARM programming is IMHO next great skill to learn). So I cloned latest, code compiled QEMU armv7 mainboard model and tried to kick it in latest qemu-system-arm....
Categories: firmware
0x3: Embedded board bootloader
Published at June 7, 2013 · Piotr Król · 3 min read
What is bootloader ? It is a program written to bring up more complex code (eg. kernel). On very simple system it can even not exist. Bootloader should prepare all required hardware that kernel or different operating software will need at its start point. It is hard to create cross platform bootloader because of variety of system requirements. Why we need bootloader ? The true is that we don’t :) because we can simply pass kernel and initramfs as parameters to QEMU, but it is not common practice for real development environment....
Categories: firmware
0x0: Intro to Virtual Development Board building
Published at June 7, 2013 · Piotr Król · 2 min read
Preface There are many reasons why ambitious programmers should care about huge rush in embedded market. IMO there is great potential in it. I don’t want to go deep into this but take a look at all tablets, phones, smart TVs and other cool stuff like wireless in you washing machine or refrigerator (ok this two are right now only a gadgets :) ). This is all embedded. Another thing is that wages of experienced embedded developers are really high....
Categories: firmware
Debugging coreboot in qemu environment - part 2
Published at April 18, 2012 · Piotr Król · 2 min read
In previous post coreboot was configured and installed. Here we try to establish good debugging environment for it. To create a good emulated environment to debug, research and learn coreboot few tricks are required. First of all we need to know how to run our emulated environment (qemu). What I mean by that?...
Categories: firmware
Debugging coreboot in qemu environment - part 1
Published at March 12, 2012 · Piotr Król · 2 min read
First of all I use testing version of Debian - wheezy. Clone coreboot repository: 1 2 git clone http://review.coreboot.org/p/coreboot cd coreboot; make menuconfig Configure FILO as apayload and use its latest version: 1 Payload -> Add a payload -> FILO Payload -> FILO version -> HEAD Add verbose debugging messages: 1 2 3 Debugging -> Check PIRQ table consistency Debugging -> Output verbose malloc debug messages Debugging -> Output verbose ACPI debug messages Debugging -> Enable debug messages for option ROM execution Debugging -> Built-in low-level shell Debugging -> Trace function calls Try to build:...
Categories: firmware
Published at January 6, 2012 · Piotr Król · 2 min read
During Christmas break I found an old unused motherboard in my home, right away I thought that it maybe useful as learning environment for coreboot. First you need to do with this kind of board is to check if it is possible to flash its BIOS with user space tool called flashrom List of supported hardware can be found here. All you need to do is go through this HOWTO. Be aware that these operations can cause you will not be able to run your motherboard if something goes wrong....
Categories: firmware
Published at January 6, 2012 · Piotr Król · 1 min read
About a month ago I started my adventure with coreboot. As coreboot home page says “coreboot is a Free Software project aimed at replacing the proprietary BIOS (firmware) found in most computers”. Although I read the majority of materials from mentioned page I still suffered from a lack of basic information that would help me to arrange everything in my head. Therefore, I decided to write a series of posts described my actions associated with this interesting project....
Categories: firmware
.png){kind=small}
