diff --git a/config.toml b/config.toml index 6e51123..33f0903 100644 --- a/config.toml +++ b/config.toml @@ -1,4 +1,4 @@ -baseURL = "https://linuxboot.org/" +baseURL = "http://localhost/" languageCode = "en-us" title = "LinuxBoot" theme = "beautifulhugo" @@ -24,6 +24,6 @@ pygmentsUseClassic = true github = "linuxboot" [[menu.main]] - name = "About" - url = "page/about/" + name = "FAQ" + url = "page/faq/" weight = 1 diff --git a/content/_index.md b/content/_index.md new file mode 100644 index 0000000..823a9d3 --- /dev/null +++ b/content/_index.md @@ -0,0 +1,21 @@ +# Linux as Firmware +**Tired of reinventing the wheel by implementing drivers for firmware again and again.**
+**Not with LinuxBoot!** + +![](images/linuxboot_info.png) + +### What? +LinuxBoot is a firmware for modern servers that replaces specific firmware functionality +like the UEFI DXE phase with a Linux kernel and runtime. + +### Why? +* Reduces the attack surface by replacing firmware drivers with Linux. +* Improves boot time by removing unnecessary code. +* Allows customization of the initrd runtime to support site specific +needs (both device drivers as well as custom executables). +* Provides an environment for security research. + +### More info? +* [Heads, the slightly more secure firmware](http://osresearch.net/) +* [NERF branch of Heads for building LinuxBoot ROMs](https://github.com/osresearch/heads/tree/nerf) +* [Installation instructions for the Dell R630](https://trmm.net/NERF) diff --git a/content/page/about.md b/content/page/about.md deleted file mode 100644 index 0dce6e0..0000000 --- a/content/page/about.md +++ /dev/null @@ -1,35 +0,0 @@ -![Installing LinuxBoot on an Intel S2600 mainboard](images/s2600-flash.jpg) - -What? -=== - -LinuxBoot is a firmware for modern servers that replaces the UEFI DXE -phase with a Linux kernel and runtime. - - -Why? -=== - -* Reduces the attack surface by replacing UEFI drivers with Linux. -* Improves boot time by removing unnecessary code. -* Allows customization of the initrd runtime to support site specific -needs (both device drivers as well as custom executables). -* Provides an environment for security research. - - -How? -=== - -A ROM dump of the vendor firmware is extracted with a SPI -flash programmer and split into its components with -`uefi-firmware-parser`. -The SEC and PEI phases are retained to do initial measurement, memory -controller initialization and CPU interconnect setup, but all of the -vendor device drivers are removed. - - -More info? -=== -* [Heads, the slightly more secure firmware](http://osresearch.net/) -* [NERF branch of Heads for building LinuxBoot ROMs](https://github.com/osresearch/heads/tree/nerf) -* [Installation instructions for the Dell R630](https://trmm.net/NERF) diff --git a/content/page/faq.md b/content/page/faq.md new file mode 100644 index 0000000..ee518c3 --- /dev/null +++ b/content/page/faq.md @@ -0,0 +1,20 @@ +![Installing LinuxBoot on an Intel S2600 mainboard](images/s2600-flash.jpg) + +### Platform init and memory training +As part of the hardware setup the so called "SoC" init is required. It consists +of the platform bring-up and memory training. If the RAM training succeeds the +Linux kernel can be loaded. + +### x86 bootblock magic +Under x86 architecture there is no cache as RAM support from the beginning of the +platform init. Therefore, a register must be used as memory in order to initialize +CAR. + +### Cache As RAM +In order to do RAM [training](https://www.youtube.com/watch?v=h-Lkkg03Erk) some sort +of memory is needed. That is why the CPU caches are utilized. + +### What about SMM, ACPI, PCI DT and GFX init? +Graphics init and PCI Device Tree enumeration are already part of the linux kernel. +System Management Mode can be integrated as [well](https://www.youtube.com/watch?v=6GEaw4msq6g). +ACPI table generation is currently not supported and should be done by the firmware instead. diff --git a/static/images/linuxboot_info.png b/static/images/linuxboot_info.png new file mode 100644 index 0000000..6d96567 Binary files /dev/null and b/static/images/linuxboot_info.png differ