From 1d77aa87eedd33f5068dd658e8da68f2fb5581e4 Mon Sep 17 00:00:00 2001 From: lkcl Date: Fri, 15 Jul 2022 22:20:03 +0100 Subject: [PATCH] --- nlnet_2022_librebmc.mdwn | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/nlnet_2022_librebmc.mdwn b/nlnet_2022_librebmc.mdwn index 49463d1c6..5eda911fd 100644 --- a/nlnet_2022_librebmc.mdwn +++ b/nlnet_2022_librebmc.mdwn @@ -26,12 +26,14 @@ and for scenarios where data privacy is paramount this turns out to be critical. One of the most commonly-used BMC Processors in the world has a silicon-baked plaintext password for its Serial Console, and with a BMC being the very means by which -a processor's BIOS is uploaded it allows full bypass of every conceivable +a processor's BIOS is uploaded, this publicly-available password +allows for a full bypass of every conceivable security measure. BMC Processors are also present in every AMD and Intel desktop and Laptop in the world. Even replacing the BIOS with coreboot is not enough to -gain trust because the BMC is in charge of uploading coreboot. +gain trust because the BMC is in charge of uploading coreboot, and could +easily alter it. At least in this case if the BMC's firmware is replaced it increases trust that the payload (coreboot) has not been tampered with. However this is so low-level that there is serious risk of damaging the machine. @@ -55,6 +57,12 @@ EUR 75,000. # Explain what the requested budget will be used for? +* Design and fabrication of Libre/Open Hardware Dual FPGA Carrier + boards (most likely accepting OrangeCrab as a module) +* Porting of both LibreBMC and OpenBMC to the FPGA Board +* Implementation of *server* side LPC (client-side already exists) +* Verilator simulation of both client and server side LPC + and testing of the two simulations back-to-back # Compare your own project with existing or historical efforts. -- 2.30.2