oe-chipsec.lists.linux.dev archive mirror
 help / color / mirror / Atom feed
From: Naresh Bhat <naresh.bhat@linaro.org>
To: chipsec@lists.01.org
Subject: Fwd: Regarding CHIPSEC
Date: Thu, 28 Jun 2018 12:24:16 +0530	[thread overview]
Message-ID: <CAFoFrHa-aPVoi5R5kuS47rYOP+M_PWSObg-vuT18+K8aMa6MpA@mail.gmail.com> (raw)
In-Reply-To: <7FE3244EBB31F1449E4EC79CFE44E3F4C2C7AF7B@ORSMSX115.amr.corp.intel.com>

[-- Attachment #1: Type: text/plain, Size: 6217 bytes --]

Hi,

Yuriy, Lee, John and Alex Thank you very much.  We (Linaro) really looking
forward to work with you guys and port CHIPSEC on ARM64.
I am taking the thread discussion on CHIPSEC mailing list which is setup by
Lee couple of months ago. Feel free to subscribe to CHIPSEC mailing list
https://lists.01.org/mailman/listinfo/chipsec

We can also have #chipsec IRC channel to discuss about development.

When can we expect a opensource codebase for CHIPSEC ?

Regards
-Naresh Bhat

Forwarded conversation
Subject: Re: Regarding CHIPSEC
------------------------

From: Lee Fisher <lee@preossec.com>
Date: 28 June 2018 at 00:59
To: Naresh Bhat <naresh.bhat@linaro.org>, Leif Lindholm <
leif.lindholm@linaro.org>, Yuriy Bulygin <yuriy@eclypsium.com>, "Bjorge,
Erik C" <erik.c.bjorge@intel.com>


On 06/26/2018 11:21 PM, Naresh Bhat wrote:
> Hi Lee,
>
> What is the status on CHIPSEC.  Is it 100% opensource ?  Can we port on
> ARM64 ?
>
> Regards
> -Naresh Bhat

[[

Switching from my personal blibbet(a)gmail emails to my work account, as
I'm deprecating my old personal account...

Adding Leif, because I was going to email him nearly same
comments/questions before you sent this email. :-)

Adding Erik of CHIPSEC team at Intel.

Adding Yuri of Eclypsium.

Summary: can we please understand current status of ARM port of CHIPSEC,
Linaro has an interest. I'm currently porting the Windows driver to
Intel and can help with ARM port. Eclypsium already has done a port, no
use in duplicating effort. Linaro started a port of LUV, but seems to
have stopped, but without CHIPSEC LUV is a lot less useful.

]]

Hi,

Yes, CHIPSEC project is GPL. CHIPSEC team has expressed interest in
ports from other architectures. Granted, most of those who've expressed
that interest have now left Intel and are working at Eclypsium :-) but I
think Erik feels this way. Given GPL, I presume this means you could
fork CHIPSEC and have a Linaro-CHIPSEC. But I'd prefer there be a single
CHIPSEC project with multiple architectures.

Yuri, now at Eclypsium, was formerly at Intel and as I understand it,
was CHIPSEC creator. He demoed CHIPSEC running on ARM last summer at DEF
CON (or Black Hat). He mentioned on Twitter (or maybe elsewhere, I
forget) that he was going to release it. Unclear of current status. IMO,
it would seem like a bad idea for Linaro to do an ARM port, if Eclypsium
is about to release their existing ARM port: why waste effort? I'd love
to see Linaro make LUV as capable as possible, ignoring CHIPSEC for the
moment, until existing port is clarified.

I hope CHIPSEC gets both AArch32 *AND* AArch64 ports: both chips need
security, and both would share common tests, and CHIPSEC already has
32/64 codebase in place. There's a lot of overlap in the 32- and 64-bit
code, it would not be a 2x effort. Same goes for LUV, there are LUV-32
and LUV-64 builds, and needs 32- and 64-bit versions of CHIPSEC.

I'm currently updating CHIPSEC's Windows kernel driver, it currently
supports Win7-era build.exe-based build files, and Win10 build tools
require a new msbuild.exe build files -- and need Visual Studio to build
them. Note that Win10 toolchain has ARM support alongside Intel. As soon
as I have CHIPSEC Windows kernel driver ported to Win10, I can now start
targeting ARM, alongside Intel. The Linux and Windows and Mac kernel
drivers all have their own OS-centric build files, and assembler-centric
formats (NASM on *nix, MASM on Windows), and x86 and x64 versions of the
asm file. BUT, the core logic in each asm file is nearly identical. But
they're nearly all Intel-centric, x86 and x64. CHIPSEC needs ARM-centric
equivalents in the kernel driver, for EACH OS, not just Linux. I realize
the "L" in "Linaro" means LINUX. But ARM works on Windows now, so ARM
Ltd has an interest in CHIPSEC on Windows. Is there a Winaro group, with
someone like Naresh thinking about the Windows ARM port of CHIPSEC? Once
Linux CHIPSEC kernel driver tree has new AArch32 and AArch64 subdirs
alongside existing x86 and x64 subdirs, and existing NASM/MASM files are
duplicated to ARM trees and gutted of Intel-centric instructions, and
new ARM-centric instructions are added, then CHIPSEC will not but useful
for most live analysis. Without a kernel driver, it seems mostly useful
for offline analysis (eg, of a rom.bin). I'm happy to help on ARM port.
Especially with Windows side, presuming Linaro has little interest and
there is no Winaro, and I'm stuck having to have a Windows build
environment -- with Intel *AND* ARM support -- and an interest in
CHIPSEC. I'd like to help ARM with Windows ARM port of CHIPSEC. But I'd
like to understand Eclypsium port clarified before I start duplicating code.

Thanks,
Lee


----------
From: Yuriy Bulygin <yuriy@eclypsium.com>
Date: 28 June 2018 at 01:18
To: Lee Fisher <lee@preossec.com>
Cc: Naresh Bhat <naresh.bhat@linaro.org>, Leif Lindholm <
leif.lindholm@linaro.org>, "Bjorge, Erik C" <erik.c.bjorge@intel.com>,
john(a)eclypsium.com, alex(a)eclypsium.com


Thanks Lee! Copying Alex and John on our side...
Naresh, Leif, pleasure to virtually meet you!

Perhaps a call some time in the next couple of weeks?

yuriy

—
Yuriy Bulygin
CEO, Eclypsium, Inc.
https://www.eclypsium.com

----------
From: Bjorge, Erik C <erik.c.bjorge@intel.com>
Date: 28 June 2018 at 02:04
To: Yuriy Bulygin <yuriy@eclypsium.com>, Lee Fisher <lee@preossec.com>
Cc: Naresh Bhat <naresh.bhat@linaro.org>, Leif Lindholm <
leif.lindholm@linaro.org>, "john(a)eclypsium.com" <john@eclypsium.com>, "
alex(a)eclypsium.com" <alex@eclypsium.com>


This sounds good to me.  Improving the portability of the tool will be a
good addition.  I look forward to working with all of you on these
improvements.



Thanks,

-Erik



*From:* Yuriy Bulygin [mailto:yuriy(a)eclypsium.com]
*Sent:* Wednesday, June 27, 2018 12:49 PM
*To:* Lee Fisher <lee@preossec.com>
*Cc:* Naresh Bhat <naresh.bhat@linaro.org>; Leif Lindholm <
leif.lindholm@linaro.org>; Bjorge, Erik C <erik.c.bjorge@intel.com>;
john(a)eclypsium.com; alex(a)eclypsium.com
*Subject:* Re: Regarding CHIPSEC

[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 10333 bytes --]

           reply	other threads:[~2018-06-28  6:54 UTC|newest]

Thread overview: expand[flat|nested]  mbox.gz  Atom feed
 [parent not found: <7FE3244EBB31F1449E4EC79CFE44E3F4C2C7AF7B@ORSMSX115.amr.corp.intel.com>]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAFoFrHa-aPVoi5R5kuS47rYOP+M_PWSObg-vuT18+K8aMa6MpA@mail.gmail.com \
    --to=naresh.bhat@linaro.org \
    --cc=chipsec@lists.01.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).