Thoughts dereferenced from the scratchpad noise.

Latest posts

Boot Guard - pre-execution firmware verification on Protectli FW6

Published at February 21, 2020 · Michał Żygowski ·  9 min read

This post will not describe how to guard your shoes. However, will definitely introduce you to Boot Guard feature present on Intel processors which allows firmware verification before the first instruction executes. One may call it pre-execution firmware verification. The post will also show you how Boot Guard can work well with coreboot based firmware on an example of Protectli FW6....

Categories: firmware security

GRUB2 and 3mdeb minisummit 2019

Published at February 19, 2020 · Piotr Król ·  7 min read

In December 2019 we had pleasure to meet Daniel Kiper #GRUB2 maintanaer in 3mdeb office in Gdańsk. We dicussed various #GRUB2, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post in form of presentations and videos....

Categories: firmware os-dev security

VMX exit reasons and handlers

Published at January 23, 2020 · Krystian Hebel ·  14 min read

After long break, this is the third post in the hypervisor series. We will see how VMX helps with virtualization of restricted instructions and how Bareflank allows for implementation of handlers for them. At the end we will show how to write and add our own handler....

Categories: firmware

How L4 Genode hypervisor stands against proprietary RTOS solution

Published at January 10, 2020 · Krystian Hebel ·  5 min read

A microkernel is a minimal computer operating system kernel which provides no operating system services at all, only the mechanisms needed to implement such services. A concept is tolerated inside the μ-kernel only if moving it outside the kernel would prevent the implementation of the system’s required functionality. In this article we will show our considerations on using L4 microkernels on VM....

Categories: os-dev