What have we done?
As part of the System Transparency project and partnership with Mullvad, we ported the Supermicro X11SSH-TF server platform to coreboot. This platform is the first modern upstream coreboot server platform on the market with an Intel Xeon E3-1200 v6 processor also known as Kabylake-DT.
We have implemented the following features aside from supporting the mainboard in coreboot:
- ASPEED 2400 SuperI/O and BMC driver
- BMC IPMI interface driver
- Verified and Measured Boot functionality
- AST2400 superiotool support
- Intel Xeon E3-1200 inteltool support
- TPM 1.2 and 2.0 support
Of course the code can be found upstream in the coreboot project and is licensed under the GPLv2.
Why is it important?
Closed source firmware development has been the de-facto standard for the electronics industry since its inception. That didn't change even when open-source took off in other areas. Now, with changing use-cases and strict security requirements, it's more important than ever to take open-source firmware development to the next level.
Help us to change the way of firmware development and join the OSFC'19!
Where can you find out more?
The Supermicro source code can be found in the upstream coreboot gerrit and is under review. Our partners blog post is available here, if you want to get more familar with the concept of system transparency.
If you are interested in our firmware security services and trainings, just get in touch with us!