Announcement

Collapse
No announcement yet.

Linux Foundation Announces OpenBMC Project To Create Open-Source BMC Firmware

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux Foundation Announces OpenBMC Project To Create Open-Source BMC Firmware

    Phoronix: Linux Foundation Announces OpenBMC Project To Create Open-Source BMC Firmware

    Last week Intel announced their open-source sound firmware project while the latest project in the open-source realm comes via the Linux Foundation with the launch of OpenBMC...

    http://www.phoronix.com/scan.php?pag...dation-OpenBMC

  • #2
    Wow, they have a quite well written, **small** charter on their website, detailing the project.
    https://www.openbmc.org/wp-content/u...c_02142018.pdf

    development under an OSI-approved
    open source license
    I hope it will be GPLv3 so that it is upgradeable by the user, but given who is on board, MIT or BSD sounds more likely (Apple isn't there, though, so there's still a chance!)

    Edit: glanced at their GitHub repo from my phone, it seems that they use yocto as a base, which use GPLv2 and MIT in places. So it looks like they are building a distro. I am not very familiar with it, but wouldn't going with Nix be something more interesting?
    Last edited by [email protected]; 19 March 2018, 04:33 PM.

    Comment


    • #3
      Worth noting that OpenBMC is already happening for the POWER9 powered Talos II workstation.

      Comment


      • #4
        Originally posted by [email protected] View Post
        Wow, they have a quite well written, **small** charter on their website, detailing the project.
        https://www.openbmc.org/wp-content/u...c_02142018.pdf


        I hope it will be GPLv3 so that it is upgradeable by the user, but given who is on board, MIT or BSD sounds more likely (Apple isn't there, though, so there's still a chance!)

        Edit: glanced at their GitHub repo from my phone, it seems that they use yocto as a base, which use GPLv2 and MIT in places. So it looks like they are building a distro. I am not very familiar with it, but wouldn't going with Nix be something more interesting?
        The project licenses all code it creates under Apache 2.

        OpenBMC is a meta distribution, the same as Yocto. It provides Yocto configurations for a number of different machines, as well as the pieces to assemble your own BMC firmware. The supported machines are mainly OpenPOWER-based platforms, though expect support for more Intel and ARM platforms in the near future.

        It's mission isn't to be interesting, rather to be pragmatic and get open source code running in embedded environments that have previously been very much closed source.

        Hope that clarifies a bit.

        Comment


        • #5
          So, basically, there's hope that IPMI will stop being the laughing stock at most computer security conferences ?

          Comment


          • #6
            Originally posted by DrYak View Post
            So, basically, there's hope that IPMI will stop being the laughing stock at most computer security conferences ?
            More like hope of having a custom firmware to reflash whatever crap IPMI garbage the vendor places in.

            And IPMI isn't just shit for security, it's a shit show also for usability. I mean it's great to have it, but it is usually controllable from some dodgy Java application or something else that is full of its own issues.

            Comment


            • #7
              Originally posted by DrYak View Post
              So, basically, there's hope that IPMI will stop being the laughing stock at most computer security conferences ?
              Only to a degree; for instance the IPMI specification makes user management hard to secure in a meaningful way. No amount of well reviewed code will fix that.

              Comment


              • #8
                Originally posted by amboar View Post
                Only to a degree; for instance the IPMI specification makes user management hard to secure in a meaningful way. No amount of well reviewed code will fix that.
                Could you go in a bit more detail?

                Comment


                • #9
                  Originally posted by [email protected] View Post
                  I hope it will be GPLv3 so that it is upgradeable by the user, but given who is on board, MIT or BSD sounds more likely (Apple isn't there, though, so there's still a chance!)

                  Edit: glanced at their GitHub repo from my phone, it seems that they use yocto as a base, which use GPLv2 and MIT in places. So it looks like they are building a distro. I am not very familiar with it, but wouldn't going with Nix be something more interesting?
                  It's basically going the Android route. Linux kernel + Apache 2 userspace, and it is basically an embedded Linux system.

                  They do have strong push on having all drivers upstreamed though:
                  https://github.com/openbmc/docs/blob...development.md

                  This means that the situation should be similar to (but better than) Android, as if the drivers are upstreamed (opensource) you can theoretically nuke any vendor-customized closed variant and place a BMC firmware compiled from upstream sources.

                  Kinda like AOSP or LineageOS for Android.

                  As long as they let you "unlock" or "jailbreak" or however they call the procedure that lets the BMC bootloader start up an unsigned firmware, as with Android (or other embedded).

                  Comment


                  • #10
                    Originally posted by starshipeleven View Post
                    It's basically going the Android route. Linux kernel + Apache 2 userspace, and it is basically an embedded Linux system.

                    They do have strong push on having all drivers upstreamed though:
                    https://github.com/openbmc/docs/blob...development.md

                    This means that the situation should be similar to (but better than) Android, as if the drivers are upstreamed (opensource) you can theoretically nuke any vendor-customized closed variant and place a BMC firmware compiled from upstream sources.

                    Kinda like AOSP or LineageOS for Android.

                    As long as they let you "unlock" or "jailbreak" or however they call the procedure that lets the BMC bootloader start up an unsigned firmware, as with Android (or other embedded).
                    Addressing a couple of points here:

                    Yes, we aggressively push to upstream the modifications to any existing open source project we use. We don't want to be carrying patches. Mainline Linux will boot on a number of Aspeed BMC chips, mainline QEMU boots images produced by an OpenBMC build and we have some support for the AST2500 in mainline u-boot.

                    Regarding unlocking, the OpenBMC project itself won't be locking down your BMCs. The tools will be provided for manufacturers to ensure only signed updates are accepted by their platform, but whether they choose to only accept signed images or what keys they choose to accept are entirely up to them (the platform developer) not the OpenBMC project

                    Comment

                    Working...
                    X