Coreboot conference Bonn 2015: Difference between revisions

From coreboot
Jump to navigation Jump to search
 
(27 intermediate revisions by 4 users not shown)
Line 21: Line 21:
==Goodies==
==Goodies==


 


<gallery>
<gallery>
Line 89: Line 89:
==Date and time==
==Date and time==
October 9-11 2015
October 9-11 2015
* Friday: 9:00-19:00
* Friday: 9:00-19:00 (talks start at 9:30)
* Saturday: 9:00-16:00
* Saturday: 9:30-15:00 (talks start at 10:00)
* Sunday: 9:00-19:00
* Sunday: 9:00-19:00


Line 109: Line 109:
=Agenda=
=Agenda=


TBD, evaluating submissions right now.
''Preliminary schedule, order still subject to change, some last-minute talks might still be added''
Please check back on thursday evening for a final schedule.


==Friday==
==Friday==


''Preliminary schedule, order still subject to change, some last-minute talks might still be added''
=== 09:30 Opening speech (10 min) ===


 
Dr. Gerhard Schabhüser, Head of the department, Bundesamt für Sicherheit in der Informationstechnik.
=== 09:30 Opening speech (10 min) ===
Dr. Gerhard , Department Head of Cryptographic Technology, BSI


=== 9:45 Keynote (15 min) ===
=== 9:45 Keynote (15 min) ===
Line 129: Line 128:
=== 11:05 Broken assumptions, and how coreboot deals with them (30 min) ===
=== 11:05 Broken assumptions, and how coreboot deals with them (30 min) ===
Patrick Georgi, Google Inc.
Patrick Georgi, Google Inc.
[https://docs.google.com/presentation/d/1esTe7l3C1aF1CAYww3NLHNS7JQvLTyy9gYzm2wyLXy4/preview slides]


=== 12:00 lunch (45 min) ===
=== 11:40 A reasonably safe travel burner laptop (45 min) ===
Georg Wicherski, Manager Information Dominance, CrowdStrike


=== 12:45 A reasonably safe travel burner laptop (45 min) ===
=== 12:30 lunch, getting to know each other (60 min) ===
Georg Wicherski, Manager Information Dominance, CrowdStrike


=== 13:40 NIST SP800-147 and the depthcharge payload (30 min) ===
=== 13:30 NIST SP800-147 and the depthcharge payload (30 min) ===
Patrick Georgi, Google Inc.
Patrick Georgi, Google Inc.
[https://docs.google.com/presentation/d/148zjoMv930RBF_Er1mc86B9qScpA42yWXWaaOB13qgE/preview slides]


=== 14:10 mini-break (15 min) ===
=== 14:05 coreboot quality assurance (45 min) ===
Paul Menzel, Giant Monkey Software Engineering
 
=== 14:50 mini-break (15 min) ===
 
=== 15:05 Blob free coreboot: A lost cause on x86? (30 min) ===


=== 14:25 coreboot quality assurance (45 min) ===
Paul Menzel, Giant Monkey Software Engineering
Paul Menzel, Giant Monkey Software Engineering


''ca. 3 more hours of talks, order is being finalized now''
=== 15:40 coreboot binary policy (20 min) ===
=== XX:XX Title (xx min) ===
Marc Jones [https://docs.google.com/presentation/d/1RmP7FPGZhx5Obq_YODXCNCBFyPwkqoqTlBRiCuANoAI/edit?usp=sharing slides]
 
=== 16:05 Making coreboot vendor/product friendly (30 min) ===
Stefan Reinauer, Marc Jones, Patrick Georgi [https://drive.google.com/open?id=1GzxK6GOp1YkGfs2jXLPM0qC_VTCyw5i1eJTWhh_XLBQ slides]
 
panel & discussion
 
* why do it?
* challenges vendors have
* release cycle - details
* validation
 
=== 16:35 mini-break (15 min) ===
 
=== 16:50 coreboot consortium (15 minutes) ===
Stefan Reinauer, Marc Jones
 
* who is it for?
* how does it work?
* role in community?
 
=== 17:10 Title (xx min) ===
N.N., Company
N.N., Company


 
''ca. 1.5 more hours of talks, order is being finalized now''


=== ca. 19:00 ===
=== ca. 19:00 ===
Line 154: Line 180:


==Saturday==
==Saturday==
<span style="background:red">NOTE: There will be no food on site on Saturday. We do have a 75 minute lunch break to go to restaurants close to the venue.</span>
=== Morning presentations over Hangouts ===
=== Morning presentations over Hangouts ===


Line 170: Line 199:


(See also: JELTKA [https://plus.sandbox.google.com/+JohnLewis-meh/posts/BGDUohexV9H])
(See also: JELTKA [https://plus.sandbox.google.com/+JohnLewis-meh/posts/BGDUohexV9H])
Recording: https://youtu.be/aTqBtifNRKw


Presenter: David Hendricks (dhendrix)
Presenter: David Hendricks (dhendrix)
Line 179: Line 210:


USENIX paper: https://www.usenix.org/system/files/conference/atc15/atc15-paper-minnich.pdf
USENIX paper: https://www.usenix.org/system/files/conference/atc15/atc15-paper-minnich.pdf
Recording: https://www.youtube.com/watch?v=FpzUd3NID6E


Presenter: Ron Minnich (rminnich)
Presenter: Ron Minnich (rminnich)
Line 184: Line 217:
==== 11:30 Flashrom ====
==== 11:30 Flashrom ====
Flashrom is a utility for programming ROMs that is commonly used by firmware developers as well as in support and manufacturing processes. It was spun off of coreboot many years ago and has remained as kind of a sister project ever since as many developers involved with flashrom are also involved with coreboot. This talk will attempt to summarize interesting developments upstream, in the ChromiumOS fork, considerations for manufacturing and field support versus end-user usage, and plans for the future.
Flashrom is a utility for programming ROMs that is commonly used by firmware developers as well as in support and manufacturing processes. It was spun off of coreboot many years ago and has remained as kind of a sister project ever since as many developers involved with flashrom are also involved with coreboot. This talk will attempt to summarize interesting developments upstream, in the ChromiumOS fork, considerations for manufacturing and field support versus end-user usage, and plans for the future.
Recording: https://youtu.be/OEu_YGlx0kw


Presenter(s): David Hendricks (dhendrix), possibly others
Presenter(s): David Hendricks (dhendrix), possibly others
==== 12:15 Automatic porting of coreboot (10 min) ====
Vladimir just managed to port coreboot to the Macbook Air. He is going to give a short presentation on how he did it with minimal effort.
Recording: https://www.youtube.com/watch?v=kzqg4aH6fzg
Presenter: Vladimir Serbinenko
==== 12:30 lunch break ====
==== 13:30 <span style="background:red">CANCELED</span> Automated testing of coreboot with REACTS (15 min) ====
==== 13:50 TBD ====
talks until 14:50


=== 15:00 Spare time activities (not part of the official conference) ===
=== 15:00 Spare time activities (not part of the official conference) ===
Line 215: Line 265:
|
|
|STR 16
|STR 16
 
|-
|-
|Bad Godesberg Bahnhof, Bonn
|Bad Godesberg Bahnhof, Bonn
Line 228: Line 278:
|1 (subject to change, if in doubt look for signs "Trains to Koblenz")
|1 (subject to change, if in doubt look for signs "Trains to Koblenz")
|RB 11156 (may also be another number, check the destination of the train)
|RB 11156 (may also be another number, check the destination of the train)
 
|-
|-
|Ahrweiler Markt
|Ahrweiler Markt
Line 254: Line 304:
==Sunday==
==Sunday==


Mostly development and one-on-one discussions, plus possibly a few talks.
The schedule will be decided ad-hoc depending on suggestions at the conference. If you have a great idea, talk about it and tell me (Carl-Daniel) to add it to the schedule!
Proposed topics include:
=== Building coreboot (tutorial) ===
Paul Menzel
A complete walkthrough for building your own coreboot image including payload and the settings you want.
=== Community building (group discussion) ===
Marc Jones [https://docs.google.com/presentation/d/1neB7Nl1ImgHBFZUc0qq5741dWmPfyBESIsIgBhFdg_E/edit?usp=sharing slides]
- things we do well and things we do poorly
- owning your nak (Gerrit review process)
- diversity
- teaching moments
=== Maintainers ===
Stefan Reinauer
- growth of coreboot and need?
- areas to maintain
- process changes?


=Participants=
=Participants=
Line 264: Line 339:
* Fabian Kunkel, BAP AB
* Fabian Kunkel, BAP AB
* Nico Huber, secunet Security Networks AG
* Nico Huber, secunet Security Networks AG
* Marc Jones, MJC
* ~30 other participants so far, waiting for OK to list them here
* ~30 other participants so far, waiting for OK to list them here



Latest revision as of 15:18, 11 May 2017

Invitation letter

Dear vendors, developers, users and interested parties,

on behalf of the Federal Office for Information Security (BSI) Germany I would like to invite you to the coreboot conference and developer meeting on October 9-11 2015 in Bonn, Germany.

Target audience

This conference and developer meeting is geared towards manufacturers of hardware (processors, chipsets, mainboards and servers/ laptops/ tablets/ desktops/ appliances) as well as developers of firmware with an interest in coreboot and the possibilities it offers as well as (potential) coreboot users. Both professionals and hobbyists are invited.

Who will host the conference

The Federal Office for Information Security (BSI) in Germany will host the conference in Bonn, Germany. As the national cyber security authority, the goal of the BSI is to promote IT security in Germany. For this reason, the BSI has funded coreboot development in the past for security reasons.

Date

The date of the coreboot conference is Friday October 9 to Sunday October 11, 2015. This is scheduled directly after Embedded Linux Conference Europe to make travel arrangements easier for people attending both events.

When should you attend

If your main interest is forging business relationships and/or strategic coordination and you want to skip the technical workshops, Friday (and possibly Saturday) will be the outreach day of talks, presentations and discussions.

If your main interest is doing development, you can use the separate developer room next to the during all three days of the conference.


Goodies

Call for presentations

We are looking for interesting talks/presentations about coreboot related topics for the first (and possibly second) day of the conference. Please note that those presentations are not intended to be advertisements or company portfolio presentations. Expected duration is between 10 and 45 minutes.

Deadlines

Submission: Please send the title, a brief summary, the expected duration and name/organization of the speaker to coreboot-conference@bsi.bund.de until September 21. We will notify you of acceptance until September 28. If you want us to make sure the slides work fine with the projector at the venue, please submit your final slides in pdf form before October 7.

Call for discussion topics and development suggestions

We hope to stimulate discussion and foster new ideas as well as explore ways to improve code, development and deployment. The format for this will be a few minutes (1-5) of presenting your idea/topic followed by discussing it with the audience for approximately 5-20 minutes.

Deadlines

While there is no formal deadline for submission, we'd appreciate a submission to coreboot-conference@bsi.bund.de before October 2 to be able to list the topic on the agenda to allow others to think about the topic in advance.

Call for profiles

This is the chance to tell others what you're doing, what you can offer and in what area you'd like to collaborate. If desired, we can attempt to distribute your profile to other conference participants before the conference.

Deadlines

Please submit such profiles before September 30 to coreboot-conference@bsi.bund.de.

Call for developers

If you want to do development all day, every day, just come and do it. We have power, networking and some spare hardware (please tell us in advance if you need something on site, we might have it in our lab).


Travel information

If you wonder about how to reach Bonn, there are three options available by plane:

  • The closest is Cologne Airport (CGN), 30 minutes by bus to Bonn main station.
  • Next is Dusseldorf Airport (DUS), 1 hour by train to Bonn main station.
  • The airport with most international destinations is Frankfurt Airport (FRA), 1 hour by train to Bonn main station.

Another option is travelling by train:

  • Bonn (main station: Bonn Hbf) is reachable by high-speed train (ICE), and other high-speed train stations (Cologne, Siegburg) are reasonably close (30 minutes). http://www.bahn.de/p_en/view/index.shtml is the easiest way to check your public transport options (train, buses etc.).

Travelling by car:

  • Use a GPS navigation device with up-to-date maps, otherwise you may find yourself unable to go where you want due to subtle changes of turn restrictions in Bonn. Be warned that rush hour traffic in the morning and afternoon (Mo-Fr) can add delays of up to an hour if you're trying to get into or out of Bonn. Inside Bonn rush hour traffic is much less severe, expect roughly twice the expected time between 7am and 9am as well as between 4pm and 6pm.

Conference location

Wissenschaftszentrum Bonn

Ahrstrasse 45

53175 Bonn

GERMANY

Getting there

http://www.stifterverband.info/veranstaltungen/wissenschaftszentrum_bonn/anfahrt/index.html (German only) An English version of the directions will be made available soon at http://coreboot.org/coreboot_conference_Bonn_2015

Accommodation

Accommodation is not centrally organized, but if desired we can point you to websites listing hotel contact information and/or booking services as well as the local tourist information office. We also have a small allotment of affordable bed&breakfast rooms at the venue reserved for conference participants, just ask us.

Spare time activities

If there is enough interest, it might be possible to get a tour of the former top secret bunker of the German Federal Government on Saturday evening. More info at http://regbu.de/Fremdsprachen/GB1.html Besides that, Bonn and Cologne have lots of tourist attractions (e.g. Cologne Cathedral, excavations of ancient Roman sites, a rich cultural life, ...).

Food and drinks

More info will be posted to http://coreboot.org/coreboot_conference_Bonn_2015 shortly.

Date and time

October 9-11 2015

  • Friday: 9:00-19:00 (talks start at 9:30)
  • Saturday: 9:30-15:00 (talks start at 10:00)
  • Sunday: 9:00-19:00

Signing up / Registration

There is no fee, attending the conference is free.

To enable us to estimate the number of attendees (for catering etc.), please notify us ASAP whether you will attend the conference at coreboot-conference@bsi.bund.de. Thank you!

Should you need a personal invitation email to justify attending the conference, please tell us and we'll try to oblige.

All information is also available at http://coreboot.org/coreboot_conference_Bonn_2015

Sincerely,

Carl-Daniel Hailfinger


Agenda

Preliminary schedule, order still subject to change, some last-minute talks might still be added Please check back on thursday evening for a final schedule.

Friday

09:30 Opening speech (10 min)

Dr. Gerhard Schabhüser, Head of the department, Bundesamt für Sicherheit in der Informationstechnik.

9:45 Keynote (15 min)

Stefan Reinauer, Engineering Manager Firmware & Embedded Controller Group, Google Inc.

10:05 coreboot introduction (45 min)

Martin Roth, Google Inc.

10:50 mini-break (15 min)

11:05 Broken assumptions, and how coreboot deals with them (30 min)

Patrick Georgi, Google Inc. slides

11:40 A reasonably safe travel burner laptop (45 min)

Georg Wicherski, Manager Information Dominance, CrowdStrike

12:30 lunch, getting to know each other (60 min)

13:30 NIST SP800-147 and the depthcharge payload (30 min)

Patrick Georgi, Google Inc. slides

14:05 coreboot quality assurance (45 min)

Paul Menzel, Giant Monkey Software Engineering

14:50 mini-break (15 min)

15:05 Blob free coreboot: A lost cause on x86? (30 min)

Paul Menzel, Giant Monkey Software Engineering

15:40 coreboot binary policy (20 min)

Marc Jones slides

16:05 Making coreboot vendor/product friendly (30 min)

Stefan Reinauer, Marc Jones, Patrick Georgi slides

panel & discussion

  • why do it?
  • challenges vendors have
  • release cycle - details
  • validation

16:35 mini-break (15 min)

16:50 coreboot consortium (15 minutes)

Stefan Reinauer, Marc Jones

  • who is it for?
  • how does it work?
  • role in community?

17:10 Title (xx min)

N.N., Company

ca. 1.5 more hours of talks, order is being finalized now

ca. 19:00

Exploring local food and beverages... Possible destination is http://www.gasthausimstiefel.de/ Gasthaus im Stiefel. They do have local specialties and enough space for all of us. Other destinations are possible as well, let's talk about it sometime during friday lunch break and decide where to go.

Saturday

NOTE: There will be no food on site on Saturday. We do have a 75 minute lunch break to go to restaurants close to the venue.

Morning presentations over Hangouts

Those who will not be physically at the conference in Bonn can still participate in the talks/presentations via video conferencing. Morning sessions over Hangouts are planned to begin at around 10:00 in the morning in Bonn. For reference this is 01:00 in California, 04:00 in New York, 16:00 in Taipei and Beijing. If there is enough interest additional sessions can be planned to accommodate people in various timezones.

If you live in Silicon Valley you may join a small group of people at Google's campus in Mountain View. See David's invite on the mailing list [1].

People from anywhere in the world are welcome to join the Hangouts session. There is a limited number of slots available, so if you would like to participate please contact David Hendricks (dhendrix@google.com). You may also ask on IRC (#coreboot on freenode). There are two ways to join:

  • Use a Google-authenticated account such as Gmail. You will be able to join at any time.
  • If you do not wish to use a Google-authenticated account you may request to join by following the meeting link. One of the session hosts will need to accept your request, so coordinate via e-mail or IRC.

10:00 Linux-As-Bootloader

Linux-As-Bootloader is an attempt to revive the old LinuxBIOS model of storing a stripped down Linux kernel alongside the firmware (e.g. in NOR flash). This approach allows us to leverage the power of Linux to give us maximum features and capabilities without duplicating a lot of kernel code. This is particularly useful for systems that have non-trivial drivers for storage, filesystems, network, etc. which may be used to boot the machine.

I will try to have a couple demos prepared to demonstrate this on x86 and ARM systems by bundling a kernel with Busybox and diagnostic utilities on the firmware ROM and booting Linux from main storage. Detailed instructions, scripts for building one's own Busybox rootfs, etc. will be posted on the coreboot wiki.

(See also: JELTKA [2])

Recording: https://youtu.be/aTqBtifNRKw

Presenter: David Hendricks (dhendrix)

10:45 U-root

U-root is an embedded environment written in Go that is currently used as a payload for coreboot. Its aim is to provide an embedded environment where the user can inspect the source code and modify programs on-the-fly and potentially become smaller than binary-based environments as more utilities get bundled.

U-root includes only 5 binaries in its distribution: go, 6c, 6g, 6l, 6a. All other programs are compiled from source upon the first invocation (cached in memory thereafter), and compilation usually takes on the order of a few hundred milliseconds. U-root currently includes support for basic UNIX utilities and network utilities including a simple webserver. Since all programs are compiled from source they are 100% portable so long as the Go toolchain is supported for your architecture.

USENIX paper: https://www.usenix.org/system/files/conference/atc15/atc15-paper-minnich.pdf

Recording: https://www.youtube.com/watch?v=FpzUd3NID6E

Presenter: Ron Minnich (rminnich)

11:30 Flashrom

Flashrom is a utility for programming ROMs that is commonly used by firmware developers as well as in support and manufacturing processes. It was spun off of coreboot many years ago and has remained as kind of a sister project ever since as many developers involved with flashrom are also involved with coreboot. This talk will attempt to summarize interesting developments upstream, in the ChromiumOS fork, considerations for manufacturing and field support versus end-user usage, and plans for the future.

Recording: https://youtu.be/OEu_YGlx0kw

Presenter(s): David Hendricks (dhendrix), possibly others

12:15 Automatic porting of coreboot (10 min)

Vladimir just managed to port coreboot to the Macbook Air. He is going to give a short presentation on how he did it with minimal effort.

Recording: https://www.youtube.com/watch?v=kzqg4aH6fzg

Presenter: Vladimir Serbinenko

12:30 lunch break

13:30 CANCELED Automated testing of coreboot with REACTS (15 min)

13:50 TBD

talks until 14:50

15:00 Spare time activities (not part of the official conference)

If you plan to participate in the bunker tour, please note we have to leave 15:05. If you haven't yet told me that you want to come, please send a short email ASAP to [3] so I can try to adjust the number of participants.

16:45 Former government secret nuclear bunker (90 min)

Guided tour. Roughly 10 EUR/person for the tour (depends on number of participants)

We will be travelling there by tram+train. Please note that we will have to walk from the venue to the tram station (1 km) and from the final train station to the bunker (1.5 km). If you want to look up a timetable, use http://www.bahn.de/p_en/view/index.shtml . We'll board the tram at "Bonn Hochkreuz/Deutsches Museum Bonn", take the train at "Bad Godesberg Bahnhof, Bonn", and arrive at "Ahrweiler Markt".

Station/Stop Date Time Platform Train/Tram Direction
Venue Sa, 10.10.2015 dep 15:05 walk 15 min
Bonn Hochkreuz/Deutsches Museum Bonn Sa, 10.10.2015 dep 15:23 STR 16
Bad Godesberg Bahnhof, Bonn Sa, 10.10.2015 arr 15:27 walk 8 min. Caution! The train station is under construction and NOT usable for anyone with a walking disability. If in doubt, ask early enough so we can organize alternative transportation or assistance.
Bonn-Bad Godesberg Sa, 10.10.2015 dep 15:55 1 (subject to change, if in doubt look for signs "Trains to Koblenz") RB 11156 (may also be another number, check the destination of the train)
Ahrweiler Markt Sa, 10.10.2015 arr 16:29 2
Ahrweiler Markt Sa, 10.10.2015 dep 16:30 walk 15 min
Regierungsbunker Sa, 10.10.2015 arr 16:45

Sunday

Mostly development and one-on-one discussions, plus possibly a few talks.

The schedule will be decided ad-hoc depending on suggestions at the conference. If you have a great idea, talk about it and tell me (Carl-Daniel) to add it to the schedule!

Proposed topics include:

Building coreboot (tutorial)

Paul Menzel

A complete walkthrough for building your own coreboot image including payload and the settings you want.

Community building (group discussion)

Marc Jones slides

- things we do well and things we do poorly - owning your nak (Gerrit review process) - diversity - teaching moments

Maintainers

Stefan Reinauer

- growth of coreboot and need? - areas to maintain - process changes?

Participants

  • Stefan Reinauer, Google Inc
  • Georg Wicherski, CrowdStrike
  • Wim Vervoorn, Eltan BV
  • Gerard Duynisveld, Eltan BV
  • Werner Zeh, Siemens AG
  • Fabian Kunkel, BAP AB
  • Nico Huber, secunet Security Networks AG
  • Marc Jones, MJC
  • ~30 other participants so far, waiting for OK to list them here

Who brings what

If you intend to bring hardware and/or need hardware you can't travel with, please either add it to the Talk:Coreboot conference Bonn 2015 page or mail coreboot-conference@bsi.bund.de.