TrenchBoot: Open Source DRTM. Landing Zone validation.
Published at April 3, 2020 · Piotr Kleinschmidt · 25 min read
When you already know what is TrenchBoot, what is DRTM and how we enable it on AMD processors, we can move on to practice. I will show you how to configure all components and verify first of project's requirements....
TrenchBoot - Open Source DRTM for AMD processors. Project's basics.
Published at March 31, 2020 · Piotr Kleinschmidt · 11 min read
This is the first blog post of TrenchBoot series. It will introduce you to the project, its structure and environment. Additionally the reader will find out more about each component, how to setup the environment and configure the build....
Open Source DRTM with TrenchBoot for AMD processors. Introduction.
Published at March 28, 2020 · Piotr Kleinschmidt · 4 min read
This article starts an entire series of articles related to title project. By reading this blog post, you will find out why we have started such project and who is supporting us. Also, we bring you closer to main concept and goals....
Trying to fix ESXi 6.7.0 boot issue, part one
Published at March 4, 2020 · Krystian Hebel · 14 min read
First mentions that updated versions of VMware's ESXi 6.7.0 installer doesn't start on PC Engines platforms come from the beginning of 2019. Older versions of ESXi worked fine. 'Shutting down firmware services...' is the last line printed before hang or reboot....
Boot Guard - pre-execution firmware verification on Protectli FW6
Published at February 21, 2020 · Michał Żygowski · 9 min read
This post will not describe how to guard your shoes. However, will definitely introduce you to Boot Guard feature present on Intel processors which allows firmware verification before the first instruction executes. One may call it pre-execution firmware verification. The post will also show you how Boot Guard can work well with coreboot based firmware on an example of Protectli FW6....
GRUB2 and 3mdeb minisummit 2019
Published at February 19, 2020 · Piotr Król · 7 min read
In December 2019 we had pleasure to meet Daniel Kiper #GRUB2 maintanaer in 3mdeb office in Gdańsk. We discussed various #GRUB2, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post in form of presentations and videos....
Easy way to stay secure - XEN on the PC Engines apu2
Published at February 5, 2020 · Norbert Kamiński · 3 min read
Xen Project creates a software system that allows the execution of multiple virtual guest operating systems simultaneously on a single physical machine. In this case, it is a PC Engines apu2 platform....
Categories: manufacturing os-dev security
Published at January 23, 2020 · Krystian Hebel · 14 min read
After long break, this is the third post in the hypervisor series. We will see how VMX helps with virtualization of restricted instructions and how Bareflank allows for implementation of handlers for them. At the end we will show how to write and add our own handler....
Categories: firmware
How L4 Genode hypervisor stands against proprietary RTOS solution
Published at January 10, 2020 · Krystian Hebel · 5 min read
A microkernel is a minimal computer operating system kernel which provides no operating system services at all, only the mechanisms needed to implement such services. A concept is tolerated inside the μ-kernel only if moving it outside the kernel would prevent the implementation of the system’s required functionality. In this article we will show our considerations on using L4 microkernels on VM....
Categories: os-dev
pfSense firewall boot process optimization under Xen hypervisor. Part 2
Published at December 13, 2019 · Piotr Kleinschmidt · 10 min read
In previous article we introduce our implementation of pfSense under Xen. Now, we want to show how you can improve boot process and reduce virtualized pfSense boot time to minimum....
.png){kind=small}
