[coreboot] software hardening research project - request for advices to start
laurent at 2lconsult.be
Mon Oct 21 18:14:38 CEST 2013
After having searched around me for some answers about BIOS and PC board
"hacking", I want to ask directly to the "core" developers.
In short, I would like to run a test software without OS (say, like
"memtest") on a standard mainboard. This software will have to access a
PCIe board, and may be some components of the mainboard. So we expect
the software will not exceed a few hundred kilobytes. During this
experiment, we want that a reset of the CPU does not lead to a reboot,
but just restart our software immediately (only a cold start would redo
all the usual "POST"), skipping all the usual hardware setups.
"immediately" means in one ms or so (the less, the best). More details
about what I'm working on at the end of this post. To achieve this on
standard mainboards, being able to modify the BIOS seems the only way.
My questions /request for comments and advices :
1.Is it feasible to modifiy the BIOS for such a reset (without POST and
2.Is it possible to put our software on the BIOS chip, so that we do not
need to access hard disk, and so that the code is protected (Read only)
during the runs.
3. is it possible to flash the BIOS without locking the board, i.e., is
it always possible to recover a working bios if flashing process failed,
or experimental BIOS is not working as expected. In that sense, are
there boards to avoid?
4.knowing we will have to access a PCIex8/16 extension board, and
knowing the points 1, 2 and 3, which board would you advice to use? For
example, I saw this one (
http://www.coreboot.org/ASUS_F2A85-M#Hardware_info ) for which PCIe
support seems OK. Of course, the board must be easy to buy, so older
ones are not a good choice if they are sold out.
I also saw that some boards offers bigger space to flash BIOS. Again,
this would be a good criterion for our needs, if it is possible to flash
our software in it using the remaining space.
What I wish is to start with a mainboard that has more than 90% of
probability to meet our needs.
Some more details about the project.
I'm research engineer in UCLouvain (Belgium). Our topic is "software
hardening for mission critical embedded software". Quickly said, we want
to test our approach with COTS hardware (usually, testing is done on
FPGA systems, or specific hardened hardware systems). So, we want to
use a PC board to run a very specific software on it (that could be the
"payload" coreboot can start). We intend to make this in two stages :
-first tests on a "naked" machine i.e. without OS. Our software is the
payload. That is the subject of this post.
-later, run a software hardened version of Minix (I saw minix is not yet
usable as such but if we come to this end, we will have some knowledge
to go this way).
The CPU of our "naked machine" will at the end be irradiated to inject
error in it, and see if it detects errors and stays working despite
board with special memory and FPGA on it
More information about the coreboot