OSFC 2018 - coreboot rompayload | Ron Minnich

00:00

[Music]

00:04

give it up for a minute

00:07

[Applause]

00:11

so I got a little jealous of trammels

00:14

picture of Vincent so I was trying her

00:18

to this recursion thing and it didn't

00:19

quite work as you can see with the

00:21

banding yeah so anyway Ram payloads so

00:26

they always tell you if you do a talk

00:29

you need to have an outline so I did an

00:31

outline there so and then I thought

00:36

that's not very very informative so you

00:38

know I did a slightly more of an outline

00:41

so I'm gonna talk about what a Ram

00:43

payload is and why you would do it and

00:45

how it is done so I am NOT trying to

00:50

claim here that this is something you

00:52

would do on every platform mainly I'm

00:55

trying to say it's something that might

00:56

be useful on some platforms so what's

01:00

the random payload I mean it's kind of

01:01

simple it's just a payload loaded from

01:03

the ROM stage instead of loading a Ram

01:05

stage you just load the payload from the

01:06

rom stage and then that begs the

01:09

question because well what is a ram

01:11

stage and a bunch of you in here know

01:15

more about what it is than I do but I'm

01:17

just gonna do my simple definition the

01:20

function of the RAM stage is to discover

01:21

allocate configure and enable resources

01:23

roughly before booting I left one thing

01:27

out have some means of communicating the

01:31

information to the payload it can and

01:35

this is more recent right so the first

01:37

eight years this wasn't a thing but

01:39

since 2007 or so it's been a thing which

01:41

is implementer untimed firmware SMM or

01:44

s3 Linux files would speak this began as

01:47

originally didn't do that because it ran

01:50

on supercomputers and I run on

01:51

supercomputers in places that we

01:53

absolutely did not ever want to have SMM

01:55

running I think even as early as 2000 we

01:59

kind of knew SMM was a very bad thing to

02:04

put it lightly a the RAM stage is small

02:06

in some systems and large on others and

02:08

so then you know some people say to me

02:10

sometimes oh wait a minute Linux does

02:12

that right

02:13

next us all that discover blah blah blah

02:15

stuff so why aren't you doing it with

02:17

Linux and that kind of gets back to the

02:20

beginning and we actually never planned

02:22

on a ramp stage in the beginning in the

02:24

beginning actually Linux was the thing

02:26

we loaded so here's the original ROM

02:29

stage for Linux BIOS which was actually

02:33

completely wrong because between the

02:35

time I stopped working with PCI card

02:37

design and I got back in the pcs again

02:39

this thing called SDRAM happened which

02:42

you know I had not a clue about so for

02:45

what it's worth when I started this

02:46

project I didn't have the faintest idea

02:47

what I was doing and it somehow worked

02:50

out so anyway so that's the first

02:52

totally ridiculous rom stage that didn't

02:54

work but you know okay fine that's the

02:57

wrong stage let's pretend we got SDRAM

02:59

working why don't we do Linux is the RAM

03:01

stage in the first place well it

03:03

actually turns out we did in 1999 I did

03:06

it with Linux 2.2 didn't work get into

03:09

that in a second interesting thing I

03:11

clicked looked at all the binaries so

03:12

the FS Peas on github and the average

03:15

the 450k roughly which is bigger than

03:19

the Linux kernel that we were putting in

03:20

flash back then kind of a surprise

03:24

so here's the problem I kind of stumbled

03:27

my way through the SDRAM in it and

03:28

finally got that working and stumbled my

03:30

way through a bunch of early linux

03:31

startup and now I plugged in and ie the

03:34

IDE device and I got this far and then

03:36

it said device disabled BIOS and I

03:39

thought I can't be right I am the BIOS

03:41

what did I do that I didn't know about

03:43

did I kick myself in the back or

03:45

something and and the answer was no we

03:47

didn't do something behind her back we

03:49

failed to do something and Linux back

03:51

then interpreted not enabled as disabled

03:54

in critical places so and here's the

03:58

critical place in tune I to ID PCI type

04:01

see there's this loop across the base

04:03

address registers and if any one of them

04:05

was 0 would just say oh dear me the BIOS

04:08

has just disabled the IDE PCI device

04:10

which of course we haven't done but we

04:12

hadn't enabled it and then it all just

04:14

you know it went south at that point so

04:19

Linux 2.2 couldn't do it in 2000 and so

04:23

I kind of we were really staring to

04:25

options in the face

04:26

one day option was fixed Linux right fix

04:29

Linux is PCI and probing and all that

04:31

stuff to work correctly when there

04:33

wasn't a BIOS I kind of ping some

04:37

friends so binding the Linux community

04:38

and they kind of came back with oh

04:40

you're just weird so there's no need to

04:43

fix this because it works for us you're

04:44

the only person and it was literally

04:46

true I was the only person on the world

04:47

with that problem but you know

04:49

nevertheless I was having it and in 1998

04:51

I tried to get the ninety subsystem into

04:54

Linux and that took eight years and I

04:57

didn't know that in 1999 but they

05:00

weren't quite as open as they are today

05:01

and remember this is free get free bit

05:03

get keep bit keeper right this is kind

05:05

of like I think there were still

05:06

shuffling tar files around I'm not sure

05:08

so the second option was fix Linux files

05:11

and I went was Plan B I grabbed the

05:14

Linux file Linux PCI enumeration code

05:17

and jammed it into Linux and things kind

05:19

of worked and that became the ROM stage

05:20

and the thing we know as a device model

05:22

came in kind of envy v2 so well the work

05:29

on Linux files started in the second

05:30

millennium announced the third

05:32

millennium so now we've been around for

05:34

like a millennium it seems like a good

05:36

time to think this through a little and

05:38

and you know the RAM stage has grown

05:40

over time from this simple PCI

05:41

configurator to a lot more stuff but

05:43

Linux has similarly grown in in

05:46

capability and they can do a lot more of

05:47

what the RAM stage does so the question

05:51

is there you can think of an

05:52

intersection pointing capabilities

05:54

between what Linux knows how to do it

05:55

the RAM stage does and a question is you

05:58

know do we need the RAM stage it's the

06:00

intersection of capabilities at a point

06:02

where Linux could just do what the rain

06:05

stage does today and part of what drove

06:09

this is the FIR early risk five ports

06:11

there was no RAM stage I mean the only

06:13

thing the RAM stage showed in the

06:14

earlier wrist fight for its is loads

06:15

payload and I get a little worried

06:19

sometimes because I see the risk five

06:21

RAM stage and I got to talk to Jonathan

06:23

and Phillip about this but I see things

06:25

growing in a risk five RAM stage almost

06:27

because they're looking at the x86 as a

06:30

model and that's not really convincing

06:32

reason to do that right so I kind of

06:35

worry a little bit about what I see

06:36

happening because I saw this happen in a

06:38

risk five community well if the x86

06:40

does this we should do that so the x86

06:42

has SMM well we'd better extend the

06:45

privilege mode so we can make sure we

06:46

can do a thing like s mm so you know

06:48

sort of jumping into the mud pond there

06:51

which is not always something you want

06:53

to do and further in a lot of cases we

06:56

don't want the things the RAM stage can

06:57

do for us we don't want s mm we don't

06:59

want s3 resume and we don't want to run

07:01

times services at all on a lot of

07:05

assistants we don't need the RAM stage

07:06

to enumerate resources they're simple

07:09

and hard-coded or they're PCI and we

07:10

know how to enumerate PCI and you know

07:13

SMP setup actually in the earliest days

07:15

of Linux BIOS we did it in a kernel we

07:17

did know SMP setup in Linux files until

07:19

about I don't know a 2001 or two when we

07:22

had to deal with the k7 which had a very

07:24

odd style of SMP setup and we have other

07:28

ways to provision things like API so you

07:31

know if you look at the RAM stage a lot

07:32

of the RAM stage is kind of there in

07:34

some places arguably to support other

07:35

parts of the RAM stage so that that's

07:38

kind of the reason for looking at this

07:40

so can we go right through the payload I

07:42

did the experiment at the coreboot

07:44

conference in Denver in 2015 and kind of

07:47

convince myself that well Linux and

07:49

Harvey actually could be loaded directly

07:51

from the ROM stage the code wasn't great

07:53

but it did the job and convinced me and

07:55

this is actually what we're hoping to do

07:57

in UEFI so here's UEFI today that's a

08:03

lot of binary blobs right and and and

08:05

there's scary stuff like there's this

08:08

stuff right this happens when Linux is

08:10

running what does it do the OS present a

08:13

fact what does that do

08:15

I don't know and there's just a lot of

08:17

stuff in there that's read right for me

08:19

blood-red and this is what we're working

08:23

to we're not there but if we look at the

08:26

SCC and PCI footprint in ROM it's about

08:29

10% and what we want to do is go right

08:33

from that last step which is the board

08:35

in it right into Linux and flash and you

08:38

saw your route this morning we won't

08:40

have an init Ram FS containing you route

08:42

with a net food or local boot and if we

08:45

desperately need to run some UEFI driver

08:47

we're gonna run that out of Linux so the

08:50

big big red mess in the middle is gone

08:52

completely

08:54

and further we're doing we're putting in

08:58

this concept of this air gap okay

09:00

any idea is like we used to do in Linux

09:02

BIOS that thing loads that thing and

09:06

this thing never talks back and the

09:09

reason is simple we don't trust firmware

09:11

so that's a reasonable thing to not

09:13

trust right they still in the last two

09:15

years so the runtime is gone the OS

09:17

president app is gone and this thing

09:19

just runs and that's what we're trying

09:22

to work to so it's simple rule if you

09:27

don't underwear then you'll be owned by

09:28

the firmware and we'd rather not be

09:32

owned so by the way little digression

09:40

the Linux BIOS Linux boot community is

09:42

pretty big as Ryan showed we've had a

09:45

lot of discussions about signing now

09:49

we're stumbling right we're getting

09:51

right close to the edge of my lack of

09:52

understanding of some of these things

09:53

but basically as I understand that the

09:55

current model is that vendor keys get

09:57

fused in to these fuses and then you can

10:02

lock out any further attempts to change

10:04

them that's just got to stop so that's

10:08

got to get fixed the current model is

10:10

just not acceptable and here's the

10:12

simple reason one simple reason let's

10:14

just say the odium sets the fuses and

10:17

then here's a customer let's just i'll

10:19

pick on facebook facebook is a customer

10:22

if they want to do anything and get it

10:24

signed they have to go back to the OEM

10:25

okay fine now facebook sells nodes to

10:28

john reese company for him to resell

10:30

he's got to kind of go back around

10:32

facebook to this company then this

10:34

company buys them from john murray

10:36

they've got to go back to that company

10:38

if they ever change the firmware this is

10:39

just not an acceptable situation this is

10:42

one of those cases where I think chrome

10:43

really completely got it right you get a

10:46

Chromebook you want to change the keys

10:47

you change the keys right cuz it's your

10:49

you are the owner so I'm not even

10:52

arguing here for open up all the source

10:55

give us all the source GPL your source

10:57

I'm really just arguing for give us

10:59

control of the machine we paid money for

11:00

that's a simple argument so if anybody's

11:05

interested in having this discussion

11:06

Friday or Saturday May

11:08

we can sit down and talk about it but

11:10

this has really got to change another

11:12

thing that we keep getting into for the

11:14

last 18 months on this project we've got

11:16

to get from a point where we're doing

11:18

docks by reverse engineering to docks

11:22

and you may hear that theme a few more

11:24

times in the next day anyway that air

11:28

cough I mentioned is essential because

11:29

it breaks this connection between you

11:31

and the firm where you don't trust now

11:34

it's not that people are bad or people

11:38

are dumb it's that people make mistakes

11:40

we all make mistakes right I make lots

11:42

of mistakes and if you have a model

11:44

where someone is going to create a blob

11:46

and that blob will be bug free forever

11:48

and they're gonna put it in this thing

11:50

and are gonna sign it and you are stuck

11:52

with that blob it's not a workable model

11:54

right and and if that is the model and

11:57

that is the model today then your best

11:59

decision you can make is simply not to

12:01

trust that once you're booted and that

12:04

was the model from Linux files right we

12:06

locked out SMN we heard a lot of stuff

12:09

about it was impossible to create a

12:10

server platform that didn't have SMM

12:12

Linux Network shipped well over a

12:14

hundred thousand nodes with no SMM they

12:16

worked fine so um you know in 2000 the

12:21

plan was no SMM and actually no acti

12:23

because we knew a guy from AMD who had

12:25

resigned from the ACPI committee because

12:27

he told us it was just the exploit

12:29

heaven and he didn't want anything to do

12:30

with it

12:31

we're not sure what to do about acne but

12:33

oh well we did keep the air-gap for the

12:36

first eight years of linux fast until

12:38

laptops and you know i think we all know

12:40

the story there if you're gonna do a

12:42

laptop you're gonna do power management

12:43

and the only model you've got there is

12:45

SMM and act ii but what is it BIOS and I

12:50

got to thinking about this and part of

12:51

the reason is almost embarrassing I

12:54

wrote my first firmware 40 years ago

12:56

this year and it gives you some

13:00

perspective so in 75 Garry killed well

13:03

he's kind of the guy who invented the

13:05

term BIOS for CPM you know you let it

13:07

seep yet from a floppy and then in your

13:09

1 kilo byte a EEPROM on your inside or

13:12

out there right you had this little

13:15

library any idea is CPM set the rules

13:19

right

13:19

CPM said if you're gonna run me

13:21

you're gonna implement this to our

13:24

specification so CPM ruled the roost

13:27

right they they defined what that

13:29

interface was then comes 1980 and it got

13:35

a little weird because IBM released the

13:37

PC and they actually released the source

13:38

code to the BIOS but it was copyrighted

13:40

but but this weird thing happened that

13:43

it flipped right it's like the boat

13:44

flipped over all of a sudden the thing

13:48

that set the rules was the BIOS not some

13:50

kernel and if that's the initial

13:52

condition to where we are today where

13:54

BIOS is set rules and we have to conform

13:56

to those rules it wasn't that way in the

13:58

first couple of years so where we are

14:01

today is the firmware it's a 81 92 times

14:04

larger it's a hardware adaptation layer

14:06

it's a vendor lock-in tool I mean you

14:08

can take your choice of these I tend to

14:10

pick them all it's a complex operating

14:12

system it's a large collection to build

14:14

in Valle 'nor abilities and exploits

14:15

it's a very inefficient way to access to

14:17

services and in my opinion is something

14:20

and everyone to use once you're booted

14:21

that's the reason for what we're doing

14:23

here and yet it keeps recurring so the

14:29

risk 5 model is we've got the super end

14:31

user modes and there's this thing called

14:33

machine mode and machine mode is

14:36

provided by the firmware vendor ok and

14:39

you know do we have to do that actually

14:41

we don't in the risk 5 this the one

14:44

privileged mode the kernel could load M

14:46

mode but we're all kind of working

14:47

toward this model and you can see the

14:49

patch is coming into coreboot where the

14:52

firmware is going to provide the M mode

14:54

and it's going to lock out the kernel

14:55

from changing it that's called security

14:57

and some planet or universe but it

15:00

really doesn't have to be that way it's

15:02

just the way we think about it because

15:04

that's how we think about everything

15:05

right firmware is permanent it has a

15:09

higher privilege in anything it's the

15:11

route of trust and the only problem with

15:12

all that is this wrong because we can't

15:14

trust it so we have an untrustable route

15:17

of trust now I'm talking to one risk 5

15:20

company that's working with someone I

15:23

know in do-e they're not going to do

15:25

that in their in their risk 5

15:27

implementation the M mode code will be

15:30

supplied by the kernel not the firmware

15:34

so what's wrong with em mode firmware

15:36

libraries well why would you trust it

15:38

right it's gonna be written by the same

15:40

people you know at these vendors off

15:43

somewhere I'm not playing fingers that

15:45

even the chipset guys somebody is gonna

15:48

hack this thing up because we're trying

15:49

to get a board out in schedule and

15:51

they're gonna insert bugs that's what

15:53

keeps happening so why on earth would

15:56

you want to trust em mode stuff supplied

15:58

by the kernel like I mean that firmware

16:00

I can't think of a reason you know and

16:02

how and when do you update if you if you

16:03

have a bug in M mode you've got to

16:05

reflash the firmware and all your

16:06

machines if you supply the end mode with

16:08

the kernel you reboot and you have the

16:11

fixed end mode code so you know if you

16:14

have an M mode security fix and the

16:15

kernel supplies the code you reboot done

16:17

you've you've updated your M mode code

16:19

you didn't have to reflash for formants

16:24

you know what's the API for these things

16:26

it's always maximally paranoid okay if

16:30

you write firmware that's going to be

16:32

called by something you'd better assume

16:34

the thing calling you is bug-ridden you

16:37

can't trust it at all okay so you've got

16:40

to do this a maximal saving of state to

16:42

make sure that you don't get hurt and

16:46

you know I've been here before on the

16:48

IBM Blue Gene one of the last series in

16:51

order to sort of preserve this IP layer

16:53

they created this giant blob of a

16:55

firmware if you wanted to send a packet

16:56

on the IBM Blue Gene Taurus the idea was

16:59

let's call this thing in firmware to

17:01

send the packet for us okay well when

17:03

you called that firmware on Blue Gene

17:05

headed to a full TLB and cache flush and

17:07

change the page table route so it was

17:08

incredibly horrendously inefficient and

17:10

you know all the guys who did kernels on

17:12

Blue Gene including me we just ignored

17:14

the firmware and we wrote our own code

17:15

to send packets on the torus because we

17:17

couldn't take that performance hit so

17:20

you know I'm just not a big fan of you

17:22

know firmware I call because it hasn't

17:25

proved to really be a great idea and

17:28

where is on risk 5 if the kernel is the

17:30

end mode it can optimize calls to the

17:32

end mode code so here's the slightly I I

17:38

think this is the thing I expect to get

17:40

beat up about kernel should should PI

17:43

firmware services they need and this is

17:45

kind of building on last year or I was

17:46

showing that

17:47

a Linux kernel could supply the SMM code

17:50

and use it instead of the firmware

17:51

supplied code if there's a firmware

17:53

service mode in the CPU then let the

17:56

kernel supply the code it runs that's

17:58

real easy to do on risk 5 most of that

18:00

stuff's to find in the core boot arch

18:02

directories very easy to add that to

18:04

Linux and have Linux set it up and you

18:07

know this this policy though act 10

18:09

sacks against this tendency people have

18:12

like m-mode code or whatever code you

18:14

want to call it you know people say oh

18:16

we need this extra thing I know we'll

18:18

just add another function mo then it

18:20

grows without bound that's what we've

18:21

seen happen that's why you know BIOS is

18:24

on PCs or now eight megabytes of runtime

18:26

stuff so I also think it would force a

18:29

degree of your strength and what gets

18:31

foot into n mode and it would also this

18:35

one's important you know this stuff is

18:37

always a lock in it's always a chance to

18:41

lock you in to a given vendor because

18:42

they supply some firmware library and

18:44

the equivalent of M mode no one else

18:46

supplies and now you've discovered

18:47

you're dependent on it and you can't

18:48

change vendors anyway back to the RAM

18:51

payload that's my rant there's a ram

18:55

payload for Concord org the rom stage

18:58

loads the RAM payload if that fails goes

19:01

directly to the RAM stage that's very

19:03

handy for when things go wrong aside I

19:07

think we need to I keep running across

19:09

calls to run Ram stage that are followed

19:12

by a die but Renton Ram stage never

19:14

returns or didn't used to because it's

19:16

got a die in and if it fails so we've

19:18

got some kind of weirdness in the way we

19:20

call Ram stage a lot of its historical

19:22

and goes back I know some of that code

19:23

is 10-15 years old

19:25

anyway if the RAM payload works you get

19:27

a prompt Brian talked about Linux kernel

19:30

and you root this morning that's what

19:32

the test I'm doing does which I'm going

19:33

to show you in a minute so it changes 13

19:37

files

19:40

I added into the payload called Linux

19:41

check which made my life way way easier

19:44

Linux check is is intended to be a

19:47

regression test that may grow over time

19:48

and all NX check does is grovel just

19:51

hunts around the machine looking for

19:52

things that might cause trouble for

19:53

Linux so it's a nice small piece of code

19:56

it makes sure you have a console that

19:58

the serial is set up that a number of

20:00

memories is in the 8

20:01

a table is greater than zero that's

20:03

always nice Linux will panicked and

20:05

visibly if that is zero so you know

20:08

Linux jet gets handy for finding things

20:11

that Linux will not tell you have

20:13

happened

20:15

and the only problem I've found so far

20:17

once I got through some of this is that

20:19

core boot ROM stage praying at least for

20:21

me doesn't actually work in qmu anymore

20:23

don't know why yet I added a ramp a load

20:28

config bearable in CDF as in Ryan I've

20:31

caught a call to run ramp rogue this is

20:33

kind of boring stuff and I'm just quick

20:34

on a quick run through it in the yard

20:38

8250 i/o if config ramp payload is set

20:41

then I call your fill lb which adds a

20:43

table entry for the serial port and then

20:47

in the you know I created this function

20:49

run ramp rogue and that changes program

20:51

loading todd h one weird thing i added

20:54

my own compact boot mem write memory

20:57

table because calling the standard one

20:59

that runs on the ram staged rings in a

21:01

lot of dependencies on tables that we

21:02

don't actually create in the rom stage

21:04

so it proved to be a lot simpler just to

21:07

have a real truncated write memory table

21:13

in the source leadcore boot table i just

21:16

disabled a few things I enable CBM list

21:19

and here's the one that's been a little

21:20

controversial since I started doing this

21:22

I've got a self loader for the ROM stage

21:25

and it actually looks a lot like the

21:26

Linux BIOS cv3 self loader it's a lot

21:28

simpler than the RAM stage version

21:30

because I don't have anything in RAM

21:32

more or less right so I just called and

21:34

and move it all to memory the push fact

21:37

I got is we should only have one self

21:39

loader my pushback on the pushback is

21:42

self is a data structure format self

21:46

loaders walked that data structure

21:47

format and take certain actions similar

21:50

to elf I don't see a problem with having

21:52

to self loaders one being very complex

21:54

and one being very simple so we can

21:56

argue about that in the next few days

21:57

when we're here I'm sure we will but

21:59

that's my take on self loaders so that's

22:05

it so far what about acti yeah what

22:07

about efi we're not sure of that act ii

22:08

Trammell's work on heads he actually was

22:11

talking about loading a key from a file

22:13

in unit ram FS rather than you

22:15

one in the firmware because guess what

22:16

we don't trust firmware so we're not

22:19

quite sure what we want to do a lot acti

22:22

it's just there have been issues in

22:24

these active tables over the years and

22:27

so I I don't think we'll want to quite

22:30

do the full air gap with coreboot but

22:32

never know so summary is random payloads

22:37

were the original Linux files design the

22:40

RAM stage was created to cover for these

22:42

Linux limitations and they just haven't

22:45

proven to be needed in all cases and

22:47

this began when I was looking at the

22:48

risk 5 and it continued when I was and

22:50

then looking at UEFI when we were

22:52

throwing away everything after the PGI

22:54

and it seemed worth going back and

22:56

taking a look at what we do in coreboot

22:59

we don't want to use run time firmware

23:02

services because we keep getting burned

23:04

by them and that then makes the payloads

23:06

look more sensible than ever and we're

23:09

looking at developing them for a ufi

23:10

that's of course just about well

23:13

work-in-progress coreboot going to demo

23:14

it and you boot on those processor

23:16

architectures and I've forgotten I left

23:19

off power because this works on power

23:23

alright so let me do the demo so this is

23:30

qmu you know normal dot rom you know

23:34

standard Ram stage with the Linux

23:36

payload and as I mentioned this is a

23:39

basically this is the kernel that Ryan

23:41

was talking about this morning along

23:43

with you root as unit ram FS so way we

23:47

go

23:51

okay now ruff that prompt is the root

23:53

shell prompt so you know this this

23:56

varies and and I haven't done enough

23:57

runs because I'm not a statistician but

24:00

it kind of is like in above 5 type

24:02

territory most of the time you can

24:06

hammer me on my lack of statistical

24:08

rigor that's fine and here's the RAM

24:11

payload I mean even in queue of you you

24:16

can see well same time don't like anyway

24:21

generally this seems to be faster and

24:23

it's not surprising because no way about

24:24

it if you load the RAM if you load the

24:27

colonel from the rum stage that's hard

24:30

to see it being much slower than loading

24:31

the RAM stage from the rum stage and

24:33

then loading the colonel from the RAM

24:34

stage so it actually works though and

24:38

after i po the pci thing we have a

24:41

command in your route called pci just

24:43

prints the pci bus and you know you can

24:45

do stuff like well show me your config

24:47

space and the thing i notice here is if

24:52

for those of you who really know pci

24:54

well if you look at sort of config space

24:57

for i don't think i've actually

24:59

correctly configured that command

25:01

register but it's and I don't think well

25:04

I think that might be a bar there I'm

25:05

not sure so I'm not entirely convinced

25:07

that the PCI configuration is correct

25:09

yet but I think it's fairly easy to deal

25:13

with that kind of issue yeah so that's

25:18

kind of it work in progress I think we

25:24

could make this go and I think we can

25:26

sort of dispense with what the RAM stage

25:28

does and more importantly we're trying

25:31

you know I'd kind of actually like this

25:33

to be sort of competitive I you're gonna

25:36

be surprised to hear me say this with

25:37

UEFI boot and one way to get there is is

25:40

not run the ramp stage and boy am i I'm

25:43

also finishing really early so you're

25:45

getting oh five minutes left

25:46

oh I'm not finishing early it's time for

25:48

questions yeah thank you very much yeah

25:52

the round of applause thank you

25:56

[Applause]

25:58

so it's question-and-answer time so

26:00

you're supplying the questions supplying

26:03

the answers or so I've heard

26:06

what's it who survives questions that's

26:08

such a new thing for me here so bright

26:17

so what do you need from other users who

26:21

are interested in coreboot you know rom

26:24

stage do you need tests already yes do

26:27

you think it would work on real boards

26:31

or would you be interested in tests or

26:34

the Theresa I'm glad I'm here is because

26:36

of the two-day hackathon I'm hoping

26:38

someone comes up to me and says I

26:39

brought in x86 with coreboot let's give

26:42

it a shot okay

26:43

and further yes anyone who wants to jump

26:47

in and give me a hand the more we

26:49

learned a better right maybe this will

26:51

never work mate I'm actually pretty sure

26:53

on wrist five it will work very well

26:56

depending x86 not sure yet we'll see

27:01

but yeah I'd anything anyone wants to do

27:04

it love to have the help including code

27:05

reviews of course so any more questions

27:12

all right okay thanks thank you have

27:16

another round of applause for one

27:18

[Applause]

27:22

[Music]