Infrastructure for Xen development and debugging
Published at July 4, 2022 · Piotr Król · Norbert Kamiński · 5 min read
Back in 2018 at OSFC, we've presented AMD IOMMU enabling for PC Engines apuX (GX-412TC) platforms. Our hypervisor of choice was Xen and we used it to verify the PCI pass-through feature. Unfortunately, the booting process was not exactly stable. In this article, you can check how to prepare infrastructure for Xen development and debugging...
Introduction of Yocto meta layer for Nezha D1
Published at May 12, 2022 · Cezary Sobczak · 5 min read
Presentation of current progress status with the support of the Nezha board in Yocto Project...
Talos II - second CPU support and test automation
Published at April 15, 2022 · Krystian Hebel · 5 min read
Another post about our adventures with porting coreboot for Talos II. This phase focused on enabling second CPU and its internal devices. We also expanded our test suite....
Categories: firmware
Open Source Firmware on TigerLake platforms - part 1
Published at April 14, 2022 · Michał Żygowski · 9 min read
This post describes efforts of building open source firmware for Tiger Lake UP3 RVP platform and the problems faced in the process. Tiger Lake is one of the newest Intel processors for which the FSP and EDK2 MinPlatform has been recently released....
Categories: firmware
Fobnail Token - platform attestation
Published at April 6, 2022 · Artur Kowalski · Krystian Hebel · 6 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on attestation....
ASUS KGPE-D16 Dasharo testing update
Published at March 23, 2022 · Michał Żygowski · 3 min read
This blog post describes the updates in the validation process of Dasharo for ASUS KGPE-D16. You will read about new tests and newly detected issues....
Categories: firmware
Fobnail Token - platform provisioning
Published at March 21, 2022 · Krystian Hebel · 7 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on platform provisioning....
A new source of trust for your platform - Dasharo with Intel TXT support
Published at March 17, 2022 · Michał Żygowski · 9 min read
Do you trust the firmware on your system? No? Then this post is a must-read for you. Get to know what Intel Trusted Execution Technology (TXT) is and how it may help you securely measure and attest your operating system and software running on your machine. You will also hear about open-source implementation of Intel TXT for Ivy Bridge/Sandy Bridge platforms including Dell OptiPlex 7010 / 9010....
Current status of coreboot and Heads ports for Talos II
Published at February 16, 2022 · Krystian Hebel · 8 min read
This post summarizes our current progress on making first coreboot port for POWER platform, including Heads as a payload. It will also show how You can test it without having to flash firmware to PNOR....
Categories: firmware
KGPE-D16 open-source firmware status
Published at February 3, 2022 · Michał Żygowski · 6 min read
This post covers the struggles and efforts behind the revival of KGPE-D16. Something that community was waiting for a long time. With Dasharo firmware the platform obtained a new life and sees a new daylight with more security features and improvements....
Porting EDK II to an old Allwinner A13 tablet
Published at January 18, 2022 · Artur Kowalski · 7 min read
Most ARM SoC's run U-Boot or some custom bootloader. That was the case with Allwinner SoC's, until I started porting EDK II to my A13 tablet. In this post, I will tell you about the current UEFI support status on Allwinner SoC's, my future plans, and how to test UEFI on a compatible device...
Categories: firmware manufacturing
Fobnail Token - developing communication method that meets the CHARRA requirements
Published at December 15, 2021 · Tomasz Żyjewski · 4 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. During the last phase, we managed to implement the communication method that will be used between verifier and attester....
Enabling Secure Boot on RockChip SoCs
Published at December 3, 2021 · Artur Kowalski · 9 min read
RockChip Secure Boot is an essential security feature that helps tablet, PC, streaming media TV box, and IoT solution vendors secure their devices against malware infecting the firmware. In the following post, we will tell a story about enabling Secure Boot on the RK32xx family, but the lesson learned can be used on other models...
Dasharo for Dell OptiPlex 7010 / 9010
Published at November 26, 2021 · Michał Żygowski · 8 min read
Open source firmware may be hundreds of times better than the proprietary one. On the example of Dell OptiPlex 7010 / 9010 we will show you the advantages of Dasharo firmware on this machine....
Categories: firmware
First impression on Nezha RISC-V SBC
Published at November 19, 2021 · Cezary Sobczak · 9 min read
Nezha is a AIoT development board customized by AWOL based on Allwinner's D1 chip. It is the world's first mass-produced development board that supports 64bit RISC-V instruction set and Linux system....
Fobnail vs other boot security projects
Published at October 28, 2021 · Michał Żygowski · 11 min read
Have you ever thought about securing the boot process of your computer? No? This post will compare the available open source boot process hardening projects and explain the importance of signing and protection the software/operating system you launch. You will also get to know how the boot process may be secured even further and with the incoming Fobnail security token....
Open Source Firmware on AMD Milan server processors
Published at September 9, 2021 · Michał Żygowski · 6 min read
There were times where AMD was actively supporting open source firmware ecosystem by providing silicon initialization code. With a few years break AMD is now trying to support open source firmware again with the mobile platform like Chromebooks. However, the recent achievements have made everybody think that open source firmware is also possible on servers....
Categories: firmware
OSF vPub (vBeer) - what a fun event!
Published at July 1, 2021 · Mike Banon · 2 min read
Our 2nd OSF vPub gathering was really fun and interesting - together with Richard Stallman as our honored guest!...
Categories: firmware miscellaneous
fwupd on FreeBSD - Status Update
Published at June 14, 2021 · Michał Kopeć · 5 min read
As the fwupd port for FreeBSD nears completion, let's take a look at the biggest challenges we faced and how we managed to overcome them....
Categories: firmware
Open Compute Open System Firmware (OCP OSF) and its' importance
Published at June 10, 2021 · Piotr Król · 6 min read
Let's figure out what is OCP Open System Firmware, see how it relates to the Open Source Firmware (OSF) - and why it is important for your company to have one running on your product....
Categories: firmware miscellaneous
Dell OptiPlex and coreboot - a story about porting cursed hardware (part 2)
Published at June 1, 2021 · Michał Żygowski · 10 min read
This post is a second part of the series which tells a story about porting Dell OptiPlex 9010 workstation to open-source firmware - coreboot. What was simple is long past us in the first part of the series. This time we are taking a deeper dive into the technical aspects of Environmental Controller reverse engineering and locating the problem with machine not booting after AC loss....
Categories: firmware
First impressions on the beta BeagleV - affordable RISC-V SBC
Published at May 6, 2021 · Maciej Pijanowski · 11 min read
BeagleV is the first affordable RISC-V SBC deisgned to run Linux. It is fully open-source with open-source software, open hardware design and RISC-V open architecture. This blog post presents the basic functionality of the first batch of the available beta samples released to the community....
Yocto Project and its components as the Reference OS for Dasharo
Published at April 22, 2021 · Maciej Pijanowski · 4 min read
Let's dive into the most frequently asked questions regarding Dasharo products based on Yocto Project - this blog post will answer what is Yocto and what are the reasons for choosing such a solution...
Thoughts on OSFC 2020 – day 2 and 3
Published at April 14, 2021 · Kamila Banecka · 8 min read
Lets share some thoughts that evolved during the OSFC 2020 talks and send kudos to many people who made this conference happen....
Categories: app-dev firmware iot manufacturing miscellaneous os-dev security
The backdoor to your firmware 2
Published at March 25, 2021 · Anastazja Lapanova · 6 min read
Firmware vulnerabilities in the light of recent attacks as a backdoor of the firmware - part 2...
Categories: firmware
Creating ports for BSD distributions
Published at March 15, 2021 · Norbert Kamiński · Piotr Konkol · 8 min read
In this blog post, we will present how to build packages for FreeBSD, DragonFlyBSD, NetBSD, and OpenBSD. Also, we will show you how to create CI for FreeBSD distribution with the use of GitHub action....
Categories: firmware
Published at March 12, 2021 · Anastazja Lapanova · 5 min read
Firmware vulnerabilities in the light of recent attacks as a backdoor of the firmware...
Categories: firmware
OSF vPub (vBeer) - what a fun event!
Published at February 23, 2021 · Mike Banon · 2 min read
We've just had our first OSF vPub gathering, with lots of fun & really interesting talk about the open-source firmware/hardware with 50 masters from all over the world!...
Categories: firmware miscellaneous
Published at February 18, 2021 · Piotr Konkol · Kamila Banecka · 5 min read
Pros and cons of automated testing and the process of performing transparent validation....
Porting fwupd to the BSD distributions - How to compile fwupd on FreeBSD
Published at February 16, 2021 · Norbert Kamiński · 14 min read
The security of the whole system is not determined only by the software it runs, but also the firmware. We want to provide easy firmware update method to BSD distributions....
Categories: firmware
FOSDEM 2021 – Open Source Firmware BMC and Bootloader devroom
Published at February 2, 2021 · Kamila Banecka · 4 min read
Thoughts around FOSDEM 2021 and 2020...
What is IOMMU and how it can be used?
Published at January 13, 2021 · Marek Kasiewicz · 6 min read
Welcome to a new blogpost series dedicated to IOMMU. In this article, you can read what IOMMU is and find out if its use may be beneficial for you....
coreboot port for OpenPOWER - why bother?
Published at December 31, 2020 · Krystian Hebel · 9 min read
You may have heard by now that we are working on coreboot port for Talos II. OpenPOWER already has, nomen omen, open source firmware, so one may ask why bother? We will try to answer that question....
Categories: firmware
Thoughts around OSFC 2020 – day 1
Published at December 21, 2020 · Kamila Banecka · Piotr Król · 6 min read
Lets share some thoughts that evolved during the OSFC 2020 talks and send kudos to many people who made this conference happen....
Containerization of the test environment for embedded systems
Published at December 17, 2020 · Mateusz Grzelak · 9 min read
Using Docker makes life much easier for developers. It allows us to build lightweight and portable software containers that simplify application development. In this article, we present the advantages of using Docker for embedded testing...
Categories: firmware
Proof of concept implementation of RATS attestation for the TrenchBoot
Published at December 14, 2020 · Norbert Kamiński · 9 min read
This blog post will describe the concept of the IETF Remote Attestation Procedures (RATS) and implementation of CHAllenge-Response based Remote Attestation (CHARRA) with TPM 2.0 for TrenchBoot....
Building coreboot for RISC-V and running it in Qemu
Published at November 18, 2020 · Wojciech Niewiadomski · 4 min read
In this article, I will briefly explain what is RISC-V and why it is so exciting, then I`ll show you step by step how to build coreboot for this architecture and run it in QEMU emulator...
Categories: firmware miscellaneous
Published at November 2, 2020 · Kamila Banecka · 5 min read
GRUB mini–summit 2020. This year we cannot miss this opportunity to meet again and face the new challenges of GRUB/GRUB2. So,dear reader, feel invited to look at GRUB with a magnifying glass....
Trenchboot: Xen hypervisor support for the TrenchBoot
Published at October 15, 2020 · Norbert Kamiński · Marek Kasiewicz · 4 min read
In this blog post, we will describe the development of the Xen hypervisor support for TrenchBoot....
Published at October 8, 2020 · Marek Kasiewicz · 7 min read
Introductory blog post to PCIe features. In this article you can read what PCIe capability is and see examples of such capabilities....
Categories: firmware
Latency - The most crucial aspect of real-time systems.
Published at September 30, 2020 · Jakub Łęcki · 4 min read
What in reality is RT system? This post will explain what to expect from Real-Time systems and how can we test performance in this kind of builds....
Raspberry Pi and Docker for your home's entertainment and work.
Published at September 23, 2020 · Dawid Zębacki · 9 min read
Have you ever been trying to automate something at home or at work? Here it comes for the rescue Raspberry Pi working with Docker! With these tools, you can create a lot of projects with small effort....
Categories: app-dev firmware iot miscellaneous
Reasonably secure way to update your system firmware
Published at September 18, 2020 · Norbert Kamiński · 3 min read
As you may know from the previous blog post, the qubes-fwupd is the wrapper that allows you to update the firmware of your devices in the Qubes OS. This time I will briefly describe the new features, whereby you will securely update your system firmware....
TrenchBoot: Open Source DRTM. Multiboot2 support.
Published at September 7, 2020 · Krystian Hebel · 11 min read
This month we will show that not only Linux kernel can be started by TrenchBoot. We also did some drastic changes to the bootloader data format, so if you try to redo some older posts in the future and they do not seem to work, this is probably the place to look for hints....
Booting coreboot on Intel Comet Lake S RVP8
Published at August 31, 2020 · Michał Żygowski · 10 min read
This blog post shows the procedure of building coreboot for a Comet Lake S platform. Also it describes problems occurred when building and booting the image. As a bonus, few tips and tricks will be shown how to fix/workaround these kind of problems....
Case study - debugging race condition in golang
Published at August 19, 2020 · Igor Bagnucki · 5 min read
In this article, we analyze different approaches to debugging race conditions based on the case study. The most intuitive approach can work, but in reality, there may be better ways to find and fix the problem....
Categories: app-dev firmware iot manufacturing miscellaneous os-dev security
TrenchBoot: Open Source DRTM. TPM event log all the way.
Published at August 13, 2020 · Krystian Hebel · 12 min read
We extended the TPM event log support to the Linux kernel. It is now possible to print all of the PCR extend operations performed and compare the hashes with files to see if anything is wrong....
coreboot Fundamentals Training
Published at August 9, 2020 · Kamila Banecka · 4 min read
coreboot Fundamentals Training is the first step of 3mdeb Firmware Training path. It provides solid grounds for further development towards proficiency in coreboot firmware platform enginering. With this blogpost we are starting coreboot fundamentals mini-course....
Categories: firmware miscellaneous
Project status of the fwupd/LVFS support for Qubes OS
Published at July 14, 2020 · Norbert Kamiński · 5 min read
During the QubesOS minisummit, I have presented the initial status of the fwupd/LVFS support for the Qubes OS. Now it is time to share some more information about the progress....
DEV and IOMMU: a story of two DMA protection mechanisms
Published at July 3, 2020 · Krystian Hebel · 12 min read
Both DEV and IOMMU can help with protection against malicious DMA. This post roughly describes the difference between those two, as well as the impact they have on each other in the context of TrenchBoot...
TrenchBoot: Open Source DRTM. GRUB's new features and TPM event log.
Published at July 3, 2020 · Piotr Kleinschmidt · 17 min read
This blog post will show you what features we have added to GRUB and why they are useful from user's point of view. Also, there will be shown how to utilize TPM event logs and hence debug DRTM....
Dell OptiPlex and coreboot - a story about porting cursed hardware (part 1)
Published at June 24, 2020 · Michał Żygowski · 6 min read
This post begins a new series telling a story of a stubborn firmware engineer who overcame never-ending amount of obstacles to create a Dell OptiPlex 9010 workstation as open as possible. In this series, you will not only read about the adventures which accompanied the work on the hardware but also you will have a chance to learn the way of BIOS developer....
Categories: firmware
Qubes OS & 3mdeb 'minisummit' 2020 summation
Published at June 17, 2020 · Kamila Banecka · 8 min read
The second Qubes OS & 3mdeb minisummit is ahead of us. We had gone through four evenings of topics devoted to Qubes OS, so it is time for broad summation of the event....
Categories: firmware miscellaneous security
Starting TrenchBoot's Landing Zone from iPXE
Published at June 1, 2020 · Krystian Hebel · 10 min read
In this article we present support for starting Landing Zone from another bootloader: iPXE. It may not be as featureful as GRUB2, but it has enough juice to start DRTM using images obtained from a remote server...
Qubes OS and 3mdeb 'minisummit' 2020
Published at May 15, 2020 · Kamila Banecka · 5 min read
Once again, we will meet on QubesOs & 3mdeb minisummit 2020 discussing #QubesOS, #firmware, #coreboot, #security and #TPM related topics. All the event details are presented in the following blog post....
Categories: firmware miscellaneous security
Installing TrenchBoot in UEFI environments
Published at May 6, 2020 · Michał Żygowski · 17 min read
This blog post will show you how to install NixOS on UEFI platforms and how to install TrenchBoot on them....
User friendly tutorial for enabling HTTPS support in iPXE
Published at May 6, 2020 · Michał Żygowski · 5 min read
This article will show you how to replace old HTTP with much safer HTTPS when booting platforms/computers over network. You will read how to quickly incorporate open-source network booting solution based on coreboot and iPXE projects to your daily life....
TrenchBoot: Open Source DRTM. CI/CD system.
Published at May 5, 2020 · Piotr Kleinschmidt · 6 min read
How to improve development and validation process in our project? Automation? Of course! Let us introduce our CI/CD system. Find out how it actually works and what advantages it has....
TrenchBoot: Open Source DRTM. DRTM update and meta-trenchboot implementation
Published at April 30, 2020 · Piotr Kleinschmidt · 11 min read
Another release brings new updates in our Open Source DRTM project. Except for code changes, we have prepared our custom Linux image with DRTM. Also we set up CI/CD system for automation build and test. Read this article if you want to find out more details....
TrenchBoot: Open Source DRTM. Landing Zone validation.
Published at April 3, 2020 · Piotr Kleinschmidt · 25 min read
When you already know what is TrenchBoot, what is DRTM and how we enable it on AMD processors, we can move on to practice. I will show you how to configure all components and verify first of project's requirements....
TrenchBoot - Open Source DRTM for AMD processors. Project's basics.
Published at March 31, 2020 · Piotr Kleinschmidt · 11 min read
This is the first blog post of TrenchBoot series. It will introduce you to the project, its structure and environment. Additionally the reader will find out more about each component, how to setup the environment and configure the build....
Open Source DRTM with TrenchBoot for AMD processors. Introduction.
Published at March 28, 2020 · Piotr Kleinschmidt · 4 min read
This article starts an entire series of articles related to title project. By reading this blog post, you will find out why we have started such project and who is supporting us. Also, we bring you closer to main concept and goals....
Trying to fix ESXi 6.7.0 boot issue, part one
Published at March 4, 2020 · Krystian Hebel · 14 min read
First mentions that updated versions of VMware's ESXi 6.7.0 installer doesn't start on PC Engines platforms come from the beginning of 2019. Older versions of ESXi worked fine. 'Shutting down firmware services...' is the last line printed before hang or reboot....
Boot Guard - pre-execution firmware verification on Protectli FW6
Published at February 21, 2020 · Michał Żygowski · 9 min read
This post will not describe how to guard your shoes. However, will definitely introduce you to Boot Guard feature present on Intel processors which allows firmware verification before the first instruction executes. One may call it pre-execution firmware verification. The post will also show you how Boot Guard can work well with coreboot based firmware on an example of Protectli FW6....
GRUB2 and 3mdeb minisummit 2019
Published at February 19, 2020 · Piotr Król · 7 min read
In December 2019 we had pleasure to meet Daniel Kiper #GRUB2 maintanaer in 3mdeb office in Gdańsk. We dicussed various #GRUB2, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post in form of presentations and videos....
Published at January 23, 2020 · Krystian Hebel · 14 min read
After long break, this is the third post in the hypervisor series. We will see how VMX helps with virtualization of restricted instructions and how Bareflank allows for implementation of handlers for them. At the end we will show how to write and add our own handler....
Categories: firmware
pfSense firewall boot process optimization under Xen hypervisor. Part 2
Published at December 13, 2019 · Piotr Kleinschmidt · 10 min read
In previous article we introduce our implementation of pfSense under Xen. Now, we want to show how you can improve boot process and reduce virutalized pfSense boot time to minimum....
pfSense firewall boot process optimization under Xen hypervisor. Part 1
Published at November 6, 2019 · Piotr Kleinschmidt · 5 min read
Running applications in Virtual Machines is not a trivial task. We made such pfSense firewall implementation. That article is an introduction about what we made and what actual goals we set to improve its performance....
Qubes OS and 3mdeb 'minisummit' 2019
Published at August 7, 2019 · Piotr Król · 8 min read
In May we had pleasure to meet Marek Marczykowski-Górecki #QubesOS Project Lead in 3mdeb office in Gdańsk. We dicussed various #QubesOS, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post....
ESP8266 - quick guide for embedded C developers
Published at July 24, 2019 · Łukasz Łaguna · 6 min read
Would you like to start the Internet of Things adventure, but you don't know exactly how? There's no better chip to play with IoT than ESP8266. If you would like to learn how to program it in C then this article is for you....
How to safely update your firmware - fwupd and LVFS to the rescue!
Published at July 11, 2019 · Artur Raglis · 7 min read
Many people come out of the mistaken belief that changing the firmware is a very complicated task and fears that they can "brick" their platform or personal computer. Others do not know where to find matching updates. There is a simple answer - meet fwupd with LVFS....
Hummingboard Pulse - first impression
Published at June 12, 2019 · Tomasz Żyjewski · 5 min read
In this post, we will take a look at one of the SolidRun product - the HummingBoard Pulse. After power up the board we will try to boot operating system on it....
Categories: firmware
Meltdown and Spectre on PC Engines apu2
Published at May 29, 2019 · Michał Żygowski · 9 min read
As a continuation the Meltdown and Spectre blog post, this post present the vulnerability status and mitigation with microcode update on PC Engines apu2. Read the post and get to know the open source tools for vulnerability and mitigation checks, as well as exploiting proof of concepts....
Published at May 22, 2019 · Krystian Hebel · 3 min read
Recently we made sure that every build of PC Engines' firmware is built in a reproducible manner. This short post shows what exactly does it mean and why this should be important to firmware developers....
Categories: firmware
Building and running Bareflank
Published at May 15, 2019 · Krystian Hebel · 13 min read
In this second post of a series, we will build and start our first hypervisor. It won't do much just yet, but it is good to get known with its build system....
Categories: firmware
Published at May 8, 2019 · Łukasz Wcisło · 4 min read
RTE used to control tested devices could be used as a programmer. But RTE doesn't have SWD interface, which is crucial. We tried to walk around this using Bit Banging method....
Categories: firmware manufacturing miscellaneous
5 terms every hypervisor developer should know
Published at April 30, 2019 · Krystian Hebel · 11 min read
This is the first post of a series about developing bare-metal hypervisors. It introduces to Intel's VMX technology, describes interactions between a virtual machine and a hypervisor as well as gives some insight on the control structures required. This post should give some theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor....
Categories: firmware
How to mitigate ROCA TPM vulnerability?
Published at April 17, 2019 · Krystian Hebel · 10 min read
ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. UPDATE 2021-10-20: provided new link for TPM firmware updates (old one was no longer working), added info about patch for openssl-1....
Flashing eMMC on Hummingboard Edge using fastboot? part 2
Published at March 8, 2019 · Maciej Pijanowski · 11 min read
Second part of the HummingBoard Edge flashing guide with the help of fastboot tool. In this post we will get acquainted with U-Boot configuration and fastboot client and try to boot our platform from DRAM, SD card and finally EMMC....
How to enable Core Performance Boost on AMD platforms?
Published at February 14, 2019 · Michał Żygowski · 13 min read
Pushing hardware to its limits In the epoch of efficient and fast processors, performance becomes one of the most crucial aspects when choosing and working with hardware. We want our computers to execute their tasks with possibly highest speeds. But what really influences the performance of our platforms? It’s the processor’s manufacturer design one may say. In this post, I will show You how firmware may boost Your silicon to higher performance level....
Categories: firmware
Enabling ECC on PC Engines platforms
Published at October 16, 2018 · Krystian Hebel · 14 min read
In this post I want to share some findings about ECC on PC Engines apu platforms. I’ll try to shortly describe what ECC is, why is it so desired, what problems with enabling this feature were encountered and how to test whether ECC works or not using MemTest86. Introduction Sometimes a bit in RAM changes its value spontaneously due to electrical or magnetic interference. It can be caused by background radiation, cosmic rays or recently attacks using row hammering....
Categories: firmware
RTE for automated kernel deployment and everyday use
Published at October 3, 2018 · Piotr Król · 9 min read
We continue our effort to enable IOMMU and as side effect I have to play with various technologies to exercise reliable development environment which base on RTE. In this blog post I would like to present semi-automated technique to debug firmware, Xen and Linux kernel. The goal is to have set of tools that help in enabling various features in Debian-based dom0. We would like: update Linux kernel which is exposed over HTTP server update rootfs provided through NFS I will use following components:...
Optimize performance in Docker containers used by Embedded Systems Consulting business
Published at September 27, 2018 · Piotr Król · 11 min read
In 3mdeb we use Docker heavily. Main tasks that we perform using it are: firmware and embedded software building - each software in Embedded System requires little bit different building environment, configuring those development environments on your host may quickly make a mess in your system for daily use, because of that we created various containers which I enumerate below trainings/workshops - when we perform trainings we don’t want to waste time for users to reconfigure the environment....
Categories: firmware miscellaneous
PC Engines APU2 platform validation with RTE
Published at September 13, 2018 · Artur Raglis · 6 min read
Introduction Remote work is trending nowadays. The best example is the IT industry - purely software tasks with handheld devices allow you to work practically from anywhere. This approach saves a big amount of time and makes a job easier. Unfortunately, as an embedded / firmware developer, there are often situations when interaction with hardware such as a power cycle is required. This leads to a barrier for successful remote work....
Categories: firmware
Xen HVM guests on PC Engines apu2
Published at August 16, 2018 · Piotr Król · 15 min read
Continuing blog post series around Xen and IOMMU enabling in coreboot we are reaching a point in which some features seem to work correctly on top of recent patch series in firmware. What we can do at this point is PCI passthrough to guest VMs. Previously trying that on Xen caused problems: random hangs firmware cause Linux kernel booting issues (hang during boot) IOMMU disabled - unable to use PCI passthrough Now we can see something like that in dom0:...
How to boot Xen over PXE and NFS on PC Engines apu2
Published at July 18, 2018 · Piotr Król · 9 min read
From time to time we face requests to correctly enable support for various Xen features on PC Engines apu2 platform. Doing that requires firmware modification, which 3mdeb is responsible for. Xen have very interesting requirements from firmware development perspective. Modern x86 have a bunch of features that support virtualization in hardware. Those features were described in Xen FAQ. It happens that most requesting were IOMMU and SR-IOV. First, give the ability to dedicate PCI device to given VM and second enables so-called Virtual Functions, what means on a physical device (e....
Building EDK2 based firmware for MinnowBoard
Published at April 3, 2018 · Bartek Lew · 2 min read
Building EDK2 based firmware for MinnowBoard There are some options to build firmware for MinnowBoard, a Bay Trail based SBC (Single Board Computer) from Intel. We prefer usually coreboot as simplest and fastest, open source solution, but sometimes we want to have UEFI interface. UEFI itself doesn’t cover whole boot procedure, so its open source reference implementation, EDK2 is not enough to build firmware for hardware plafrorm, we need to provide PI (Platform Initialization) phase implementation....
Categories: firmware
Building UEFI based firmware on MinnowBoard
Published at March 28, 2018 · Bartek Pastudzki · 8 min read
Building coreboot on well supported platform such as Bay Trail is quite straightforward task, however we need to remember about some things in order to have coreboot working. First of all we need to provide up-to-date microcode and FSP (Firmware Support Package), which are not included in coreboot source tree and coreboot build system won’t complain about it. Second thing is that Bay Trail has TXE firmware on the same ROM as boot firmware so we have to make sure that we won’t corrupt it because it would brick the platform....
Categories: firmware
Flashing eMMC on Hummingboard Edge using fastboot? part 1
Published at March 20, 2018 · Maciej Pijanowski · 9 min read
Introduction Flashing an eMMC of produced board is one of the crucial manufacturing procedures. This post series presents how one can take advantage of i.MX6 features and open source tools to prepare themselves with quite robust and easy to use process. Target reference platform is Hummingboard Edge. General concept The general concept is inspired by this great bootlin (former FreeElectrons) post: I’ve run into some issues while trying to do something similar on Hummingbard Edge, so decided to share my experience....
Flashing MinnowBoard Turbot with Raspberry Pi Zero W
Published at November 20, 2017 · Piotr Król · 9 min read
Recently we started preparation of coreboot training for one of our customers. Our platform of choice for that training is MinnowBoard Turbot. There are couple reasons for that: During training we can show recent firmware trends - despite we don’t like blobs (FSP, AGESA, PSP, ME etc.) and bloated designs (UEFI) we cannot escape reality and have to show customers how to deal with those components. MinnowBoard Turbot use couple of them, but also supports coreboot....
Categories: firmware
UEFI/EDK II CorebootPayloadPkg on PC Engines apu2
Published at November 3, 2017 · Piotr Król · 8 min read
Recently we were reached by person interested in running CoreOS on apu2. CoreOS is a very interesting system from security point of view. It was created to support containers and scalability out of the box. Unfortunately it requires firmware supporting GPT. At that point I was not sure if I can utilize GRUB GPT support on apu2, but this led to other questions: Is it possible to boot UEFI-aware OS on PC Engines apux boards?...
Categories: firmware
PC Engines apu2 python Robot Framework validation automation
Published at November 2, 2017 · Piotr Król · 7 min read
Recently we attended ECC2017 conference. One of topics that we considered was a system for development and validation automation. Unfortunately this talk was not accepted, but we present some research below and plan to provide more soon. As maintainers of PC Engines platforms in coreboot we debug and fix quite a lot of bugs, but to take full responsibility for our code everything should be validated each time we do release....
Categories: firmware
How to handle a DHT22 sensor using ARM mbed OS?
Published at August 1, 2017 · Michał Żygowski · 8 min read
Recently I have encountered with temperature and humidity measurements using DHT22 sensor. I was developing a driver source code in ARM mbed OS SDK on particular STM32 NUCLEO L432KC platform. Thorough analysis of DHT22 documentation led me to the following questions: Is it possible to accurately measure voltage-level durations during read process? What duration time values should be considered as timeout or/and error? Should I weaken the time restrictions in order to avoid random delays in voltage level transitions be considered as failure?...
Installing OpenWRT on APU3 platform
Published at May 12, 2017 · Kamil Wcisło · 13 min read
This guide should be considered as a simple walk-through for using APU3 platform in some generic use-cases. I’m trying to explain how to work with the device and use it in a generic manner. There is a part about the coreboot firmware, which could be used as a reference of how to start customizing it for own purposes. Configuring the hardware At first, let’s figure out some basic requirements for our new device:...
OpenOCD and development environment for Zephyr on NXP FRDM-K64F
Published at March 18, 2017 · Piotr Król · 12 min read
In this post I would like to describe process of setting up NXP FRDM-K64F development environment under Linux and start Zephyr development using it. Why NXP FRDM-K64F ? I choose this platform mostly because of ready to use guide about using 802.15.4 communication by attaching TI CC2520, which was presented here. Typical wireless stack starts with 802.15.4, then 6LoWPAN adaptation and then IPv6, which carries application protocols. 6LoWPAN compress IPv6 so it can fit BLE and 802....
Nerves project triage on BeagleBone Black
Published at March 10, 2017 · Piotr Król · 6 min read
Recently one of my customers brought to my attention Nerves. It aims to simplify use of Elixir (functional language leveraging Erlang VM) in embedded systems. This system has couple interesting features that are worth of research and blog post. First is booting directly to application which is running in BEAM (Erlang VM). Nerves project replace systemd process with programming language virtual machine running application code. Concept is very interesting and I wonder if someone tried to use that with other VMs ie....
nRF51822 programming with OpenOCD under Linux
Published at January 22, 2017 · Kamil Wcisło · 8 min read
Some time ago we bought BLE400 from Waveshare as probably one of the cheapest option to enter nRF51822 market. As our readers know, we prefer to use the Linux environment for embedded systems development. Because of that, we’re following the guide for using Waveshare nRF51822 Eval Kit: icarus-sensors. Kudos due to great post that helped us enter nRF51822 and mbed OS land under Linux. BLE400 is pretty cheap, because it hasn’t got integrated debugger/programmer....
Zephyr initial triage on Nucleo-64 STM32F411RE
Published at January 14, 2017 · Piotr Król · 7 min read
As I mention in previous post Zephyr RTOS is an interesting initiative started by Intel, NXP and couple other strong organizations. With so well founded background future for this RTOS should look bright and I think it will quickly became important player on IoT arena. Because of that it is worth to dig little bit deeper in this RTOS and see what problems we faced when trying to develop for some well known development board....
Failure of ECC508A crypto coprocessor initial triage with SAM G55 Xplained Pro Evaluation Kit
Published at November 24, 2016 · Piotr Król · 7 min read
Some time ago (around August 2016) embedded community media were hit with hype around simplified flow for AWS IoT provisioning (1, 2, 3). I’m personally very interested in all categories related to those news: IoT - is 3mdeb business core and despite this term was largely abused these days, we just love to build connected embedded devices. Building this kind of devices is inherently related with firmware deployment, provisioning and update problems....
Starting with Nucleo-F411RE and mbed OS for command line enthusiasts
Published at November 23, 2016 · Piotr Król · 9 min read
When I first time read about mbed OS I was really sceptical, especially idea of having web browser as my IDE and compiler in the cloud seems to be very scary to me. ARM engineers proved to provide high quality products, but this was not enough to me. Then I heard very good words about mbed OS IDE from Jack Ganssle, this was still not enough. Finally customers started to ask about this RTOS and I had to look deeper....
SAMG55 + OLED1 Xplained Pro Hello World!
Published at October 20, 2016 · Piotr Król · 4 min read
AMG55 - recognition in the field If you are considering working on SAMG55 Xplained Pro board here you will find some basic know-how to quickly get you started. What you will need? In this example I will be using SAMG55 Xplained Pro with OLED1 extension board, and Atmel Studio 7.0 with Data Visualizer addon, wich requires Windows to work. This however should be similar for other board with EDBG debugger....
FWTS on ARMv8 platform (HiKey LeMaker version) from scratch
Published at July 25, 2016 · Piotr Król · 8 min read
This is second post from series about LeMaker version of HiKey board from 96boards Customer Edition family. Previous post focused on describing hardware part. In this post I would like to show how to setup firmware development and testing environment. This post highly rely on 96boards documentation, so kudos to 96boards and LeMaker for providing lot of information for developers. Obtain pre-compiled binaries 1 2 3 4 5 6 7 wget https://builds....
Categories: firmware
Powering on LeMaker HiKey (ARMv8)
Published at May 19, 2016 · Piotr Król · 4 min read
Embedded Systems Consultants have chance to live in interesting times. ARM expansion touch server market and UEFI coming to non-x86 platforms. Firmware gaining its importance and because handling real development is harder and harder lot of things starting to happen in open source. Big players trying to address security and virtualization issues, what leads to really interesting features in recent SoCs. Couple weeks ago I decided to recover my knowledge about UEFI and take a look how it is implemented for architecture that have its momentum - namely ARM in its 8 version (ARMv8)....
Categories: firmware
Using PlatformIO with TI MSP430 LunchPads
Published at December 8, 2015 · Piotr Król · 6 min read
PlatformIO is very interesting project that aim to solve very important problem of configuring deployment environment for embedded systems. IMHO good approach is to focus on modularity (various IDE can be used, even Vim) and simplicity (in best case 2 command should be enough to deploy first code). Recent years we have explosion of bootstraping applications (ie.vagrant, puppet). Most of them seems to follow git-like command line interface and getting a lot of attention from programmers community....
UEFI Application development in OVMF
Published at November 21, 2015 · Piotr Król · 3 min read
OVMF (Open Virtual Machine Firmware) is a project that aim is to enable UEFI support in various virutal machines. According to whitepaper various projects have interest in supporting OVFM ie. VirtualBox, Xen, BHyVe and of course QEMU. Why someone may be interested in OVMF ? IMHO the most important reason is that OVMF give ability to develop UEFI applications without using real hardware. This speeds up development cycle by giving ability to start before hardware prototype arrive....
Categories: firmware
ESP-12 update to SDK v0.9.5 and AT v0.21.0.0? noobs tutorial
Published at January 25, 2015 · Piotr Król · 5 min read
January 23th Espressif published new ESP IOT SDK on their forum v0.9.5. My ESP-12 came with with pretty old version so I decide to update it to latest one: 1 2 3 4 5 6 7 8 9 10 AT+RST OK y_RSöfJ[úndor:www.ai-thinker.com Version:0.9.2.4] ready AT+GMR 0018000902-AI03 OK ESP-12 firmware update pin configuration As picture presents in addition to normal operation we have to pull down GPIO0 and pull up GPIO2....
Published at January 24, 2015 · Piotr Król · 3 min read
ESP8266 is a SoC made by Espressif. For last couple of months this chip is a rockstar of HackADay and makers community around the Internet. Mostly because of WiFi modules built based on it (ESP-XX family). Rich interface (GPIO, SPI, SDIO, I2C) give those boards potential to be standalone MCU with WiFi capability for wide range of applications. In quantity you can get ESP-01 for $2.7 (for 1kpcs). Of course there is no free lunch....
Published at August 18, 2014 · Piotr Król · 10 min read
Trying to google ‘USB over IP’ doesn’t give much except some business web pages that give you it as a service. This brings some information about potential on the market IMHO. Main idea is well presented on open source project page for usbip. I really recommend to read USB/IP - a Peripheral Bus Extension for Device Sharing over IP Network technical paper it describe briefly technical details and capability. In short USB over IP is a sharing system aim to expose USB devices from server to client encapsulating USB I/O messages in TCP/IP payload....
Categories: firmware
Coreboot for QEMU armv7 (vexpress-a9) emulated mainboard
Published at August 7, 2014 · Piotr Król · 8 min read
Recently I came back to look into coreboot. Mainly because low level is fun and skills related to firmware (even coreboot) starting get attention on freelance portals (first odesk job, second odesk job). I was surprised that under the wings of Google coreboot team start to support ARM (BTW ARM programming is IMHO next great skill to learn). So I cloned latest, code compiled QEMU armv7 mainboard model and tried to kick it in latest qemu-system-arm....
Categories: firmware
0x3: Embedded board bootloader
Published at June 7, 2013 · Piotr Król · 3 min read
Table of contents What is bootloader ? Why we need bootloader ? Which bootloader ? What is versatilepb ? Compilation Where to go from here ? Kudos What is bootloader ? It is a program written to bring up more complex code (eg. kernel). On very simple system it can even not exist. Bootloader should prepare all required hardware that kernel or different operating software will need at its start point....
Categories: firmware
0x0: Intro to Virtual Development Board building
Published at June 7, 2013 · Piotr Król · 3 min read
Preface First question: How to start ? Virtual Development Board - table of contents Kudos Preface There are many reasons why ambitious programmers should care about huge rush in embedded market. IMO there is great potential in it. I don’t want to go deep into this but take a look at all tablets, phones, smart TVs and other cool stuff like wireless in you washing machine or refrigerator (ok this two are right now only a gadgets :) )....
Categories: firmware
Debugging coreboot in qemu environment - part 2
Published at April 18, 2012 · Piotr Król · 2 min read
In previous post coreboot was configured and installed. Here we try to establish good debugging environment for it. To create a good emulated environment to debug, research and learn coreboot few tricks are required. First of all we need to know how to run our emulated environment (qemu). What I mean by that?...
Categories: firmware
Debugging coreboot in qemu environment - part 1
Published at March 12, 2012 · Piotr Król · 2 min read
First of all I use testing version of Debian - wheezy. Clone coreboot repository: git clone http://review.coreboot.org/p/coreboot cd coreboot; make menuconfig Configure FILO as apayload and use its latest version: Payload -> Add a payload -> FILO Payload -> FILO version -> HEAD Add verbose debugging messages: Debugging -> Check PIRQ table consistency Debugging -> Output verbose malloc debug messages Debugging -> Output verbose ACPI debug messages Debugging -> Enable debug messages for option ROM execution Debugging -> Built-in low-level shell Debugging -> Trace function calls Try to build:...
Categories: firmware
Published at January 6, 2012 · Piotr Król · 2 min read
During Christmas break I found an old unused motherboard in my home, right away I thought that it maybe useful as learning environment for coreboot. First you need to do with this kind of board is to check if it is possible to flash its BIOS with user space tool called flashrom List of supported hardware can be found here. All you need to do is go through this HOWTO. Be aware that these operations can cause you will not be able to run your motherboard if something goes wrong....
Categories: firmware
Published at January 6, 2012 · Piotr Król · 1 min read
About a month ago I started my adventure with coreboot. As coreboot home page says “coreboot is a Free Software project aimed at replacing the proprietary BIOS (firmware) found in most computers”. Although I read the majority of materials from mentioned page I still suffered from a lack of basic information that would help me to arrange everything in my head. Therefore, I decided to write a series of posts described my actions associated with this interesting project....
Categories: firmware
.png){kind=small}
