Microsoft Announces Project Mu, an Open-Source Release of the UEFI Core (betanews.com) 121
Mark Wilson writes: Microsoft has a new open source project -- Project Mu. This is the company's open-source release of the Unified Extensible Firmware Interface (UEFI) core which is currently used by Surface devices and Hyper-V. With the project, Microsoft hopes to make it easier to build scalable and serviceable firmware, and it embraces the idea of Firmware as a Service (FaaS). This allows for fast and efficient updating of firmware after release, with both security patches and performance-enhancing updates.
FaaS is something that Microsoft has already enabled on Surface, but the company realized that TianoCore -- the existing open-source implementation of UEFI -- was not optimized for rapid servicing. This is where Project Mu can help, the company says. "Mu is built around the idea that shipping and maintaining a UEFI product is an ongoing collaboration between numerous partners. For too long the industry has built products using a 'forking' model combined with copy/paste/rename and with each new product the maintenance burden grows to such a level that updates are near impossible due to cost and risk," the company said.
FaaS is something that Microsoft has already enabled on Surface, but the company realized that TianoCore -- the existing open-source implementation of UEFI -- was not optimized for rapid servicing. This is where Project Mu can help, the company says. "Mu is built around the idea that shipping and maintaining a UEFI product is an ongoing collaboration between numerous partners. For too long the industry has built products using a 'forking' model combined with copy/paste/rename and with each new product the maintenance burden grows to such a level that updates are near impossible due to cost and risk," the company said.
ALL OF THE SERVICES (Score:1)
Why would we. We have your money and your balls.
Re: (Score:1)
Re: (Score:2)
Do you miss the good old days of keying in the bootstrap routine on start up?
Re: ALL OF THE SERVICES (Score:2)
Keying? Hrrmph! True freedom comes only from entering it with toggle switches!
Re: (Score:2)
Re: (Score:2)
Toggle switches, my god are you lazy! A true electron cowboy configures the boot sequence via jumper wires!
Re: (Score:1)
No sir! A true expert bootstraps by cutting the appropriate diodes out of the diode array with a wire cutter! You only have to do it once!
Re: (Score:2)
Mercy me! You win.
Re: (Score:2)
I assumed keying was the right verb for using any kind of switch. For what it's worth, in my head I was thinking of the front panel toggles on a minicomputer.
Once we had magnetic drums and terminals with paper tape things got a lot easier. Not better, but easier. But it did mean we could raid the bit bucket for an unlimited supply of confetti.
Re: (Score:1)
Re: (Score:2)
Re:ALL OF THE SERVICES (Score:4, Insightful)
Open Source isn't as free as most people think it is.
Free and Open Specifications have far more value then Source Code does.
And No Open Source doesn't mean the specifications are Open automatically, There is a lot of ways to hide stuff in source code that would make comprehending the logic far more complex then just a normal reverse engineering of it. There is also a lot of system particular calls which may be the case as well.
For example a lot of old Legacy Applications will save data files by just dumping the memory structure into the file in raw binary format. I can take this code it will compile and work on a different platform but wouldn't be able to read the data files, Because how the system handled memory was different (such a using Big Endian vs Little Endian which is more common today) or just how an integer may be classified 16bit, 32bit, 64bit....
Open Source alone doesn't make it free or open. It just gives you the source code, which you may be able to alter some features without having to do a full rewrite.
Re: (Score:3)
Legacy is hard on closed or open, but at least with open there's a place to start. And thankfully CPU's uses to be slower, so emulation of the whole system isn't a terrible option.
Re: (Score:3)
Open Source isn't as free as most people think it is. Free and Open Specifications have far more value then Source Code does. (...) For example a lot of old Legacy Applications will save data files by just dumping the memory structure into the file in raw binary format.
And how many of those applications do you think have specifications that are actually current, correct and complete? Specifications are vital if you're trying to establish a standard. If you're trying to decipher a one-of-a-kind format created by proprietary software, custom-developed code or anything like that the source code is in 99.9% of the cases the only answer to what is really happening. Then you start looking through version control systems (if you're lucky), design docs, bug reports, ask the busin
Re: ALL OF THE SERVICES (Score:2)
ACs on Slashdot in 2018:
Re: (Score:2)
Re: (Score:3)
it's just a spelling mistake, it was meant to read "open sores".
Re: (Score:2)
You bought your computer from Microsoft, what did you except?
Though if other OEM's followed suit, it might be interesting.
GET YOUR OWN NAMES MICROSOFT (Score:2)
At least they took the name of a company that makes brake parts instead of another computer-related thing this time.
Re: (Score:2)
Well the company is called "Project Mu."
Firmware as a service? (Score:1)
Why? What possible reason do we need firmware as a service? Oh, I know. One more thing to generate recurring fees to fix the stuff that you already paid for. Plus the ability to plant stuff deep in your system when you aggravate the wrong people. Or how about exploitation by malicious parties? What a great idea.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
You already can't write your own firmware for these devices due to signing requirements. At least being able to audit a common codebase is a step up.
Re: (Score:2)
Re: (Score:2)
They'd have to reopen Bug #1 [launchpad.net]
Not a Fan of UEFI (Score:3, Insightful)
Other than the wave of fancy graphics found on computer set-up screens, UEFI, has brought little to the table. As someone who has assembled over one-hundred computer, I think that the old BIOS, being a very minimal, compact, low-bug, text-based setup software was a idea better suited to reliable computers than "modern" bloated, bug-filled, UEFI.
Monopoly-wise, UEFI, has given Microsoft and unfair advantage to draw a circle around all (IBM Compatible) PCs and call them their own.
Re: (Score:2)
Monopoly-wise, UEFI, has given Microsoft and unfair advantage to draw a circle around all (IBM Compatible) PCs and call them their own.
In what way? Pretty much every other x86-based OS can boot off of UEFI.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:1)
Because they all need to petition redmond for a signature with the redmond key to be somewhat viable as a competitor to redmond. And, of course, it means supporting lots of redmond tech (fatshame32) just so you can boot. BIOS is crappy but so much simpler to deal with, that UEFI is not an improvement.
Re: (Score:3)
Bullshit. We have our Linux images signed with our own key, and they work just fine. There is zero Microsoft involvement. FAT is 'lots of redmond tech'?
Re: (Score:2)
Not true, quite a few computers, especially server and business grade allow a physically present user enter platform setup mode and upload the public portion of the PEK and then you can sign any KEK that you like.
Re: (Score:2)
IF you add your own KEK, you can sign any bootloader, driver, or kernel that you'd like to use.
Re: (Score:2)
That may be technically true, but I think the original poster was mainly referring to off-the-shelf desktop computers, which come with only the Microsoft keys - and for which typical (and even fairly technical) desktop Linux users need to deal with a Microsoft-sanctioned shim to get a working installation (or disable encryption altogether - if the BIOS in question allows that).
I guess the bottom line question is - if an MS Surface does not allow you to install Linux on it, should we be wary of other boxes s
Re: (Score:3)
You can install any Linux that uses the shim, or you can install your own KEK key. I not sure if you can take control of the PEK though and entirely block microsoft software from the device though. https://docs.microsoft.com/en-... [microsoft.com]. But the suface is largely business class, having a TPM that you can use to verify the boot chain.
All in all replacing consumer firmware with mu, may actually provide more control on average, giving more options than such M$ key on or secure boot off.
Re: (Score:2)
Also having one codebase to pressure to enable PEK setup is still a better situation than trying to tie OEM's down on a thousand different codebases.
Re: (Score:2)
I guess the bottom line question is - if an MS Surface does not allow you to install Linux on it, should we be wary of other boxes starting to use its UEFI implementation?
But they do, they always have. Despite all the fear-mongering over the years of how SecureBoot will kill Linux on the desktop.
You can add your own keys (if the OEM adds that feature), you can turn SecureBoot off altogether or you can use the shim. Even then that all only applies to hardware that has gone through the "Certified for Windows 10" program.
Re: (Score:2)
Not true, quite a few computers, especially server and business grade allow a physically present user enter platform setup mode and upload the public portion of the PEK and then you can sign any KEK that you like.
Any OEM machine that ships with Windows is required to allow a physically present user to install their own key. The only OEM that can get around this? Microsoft. They do not follow that rule with the Surface, as an example. At least not the ARM ones. I don’t know what they do with the x86 ones.
Re: (Score:2)
ARM's always been an exception unfortunately, and the whole embedded space is a mess generally.
Re: (Score:2)
ARM's always been an exception unfortunately, and the whole embedded space is a mess generally.
True. It's a lot easier to use non UEFI firmware with ARM, though. In fact, it is rarely used on ARM. AFAIK the only phone manufacturer to use UEFI is Apple, but I could be wrong. Though in the ARM server world there is a lot more UEFI firmware. If you have a very limited set of hardware requirements, CoreBoot is probably a better choice. But if you need to support expansion slots and a very configurable boot process then UEFI is way more mature. I know the Siemens uses CoreBoot to load up Intel base
Re: (Score:2)
Because they all need to petition redmond for a signature with the redmond key to be somewhat viable as a competitor to redmond.
That's *ONLY* if you get a machine with secure-boot enabled by default and Windows pre-installed, and even then it's only a couple of manufacturers that only include Microsoft keys. I think it was only a *requirement* on WinRT devices, which are now dead and buried. My MSI motherboard from four years ago lets you add keys to UEFI to enable secure-boot for other OSes.
Re: Not a Fan of UEFI (Score:2)
Re: (Score:2)
So it's only if you buy pretty much any computer you are likely to find in a store then? Wow ... Good thing it is an exception and not the norm!
Is there any system that doesn't have a switch to turn SecureBoot off? Even Microsoft's own Surface devices have a switch for it.
Re: (Score:2)
Because they all need to petition redmond for a signature with the redmond key to be somewhat viable as a competitor to redmond.
No, you're confused. You're talking about the SecureBoot feature of UEFI, which you can turn off even on Microsoft's own Surface computers. Even then the only motherboards that even have any requirement for the SecureBoot feature at all are ones that want the "Certified for Windows 10" sticker on them.
Re: (Score:3)
Because they all need to petition redmond for a signature with the redmond key to be somewhat viable as a competitor to redmond. And, of course, it means supporting lots of redmond tech (fatshame32) just so you can boot. BIOS is crappy but so much simpler to deal with, that UEFI is not an improvement.
This is FUD. The UEFI Forum solicited proposals for companies to provide the root of trust for Secure Boot and all of the big security companies wanted a lot of money to host this. Microsoft offered to host it for free. Any other company could make the same offer the UEFI Forum would gladly accept it and add another root of trust. Not to mention that a requirement to get a system certified for OEM sale of Windows requires that the end user be able to install their own Secure Boot key. This means that a
Re:Not a Fan of UEFI (Score:5, Informative)
As is normal on slashdot, 99% of the people complaining about UEFI appear to have absolutely no idea what it is or does. UEFI has nothing to do with 'fancy graphics set-up screens (although it may make creating such screens much easier). On all of the UEFI-based systems I have used, the setup screens look exactly like BIOS screens.
And WTF does UEFI have to do with giving Microsoft a monopoly? If anything, it does exactly the opposite. The access to firmware functions is provided by standardized UEFI calls, not proprietary drivers provided by a device manufacturer.
Re: (Score:2)
Wrong again. Any distro can publish the public portion of their signing key, and anyone can install that key using the OS of their choice. If you chose a crappy vendor that does not allow installation of your own keys, that is on you, not MS.
Re: Not a Fan of UEFI (Score:2)
Re: (Score:2)
I have built Tianocore images and booted them in order to understand UEFI so I think it's fair to say I'm in that other 1% and I assure you UEFI is a clusterfuck.
That depends entirely on what you are trying to accomplish. TianoCore provides drivers for just about everything. Way more than is needed to boot most systems. THat’s because UEFI is designed to work for everybody in just about every use case imaginable. You could use something like CoreBoot but the feature set is much smaller. Sometimes that is a good thing and sometimes that is a bad thing. It depends entirely on what you’re trying to accomplish.
Re: (Score:1)
Some of the people complaining about UEFI may be clueless, but despite that they're not wrong. UEFI is overcomplicated, bloated, design-by-committee, buggy garbage (see also: ACPI).
OpenFirmware is BIOS done right. But sadly, people don't appreciate Forth so it died.
Re: (Score:1)
If you manage desktops for a business, UEFI is both a pain in the but and a God-send.
A pain in the but because all these new-fangled UEFI machines broke your old imaging process. You've had to adapt to either learn to switch machines over to legacy boot more or (worst case) completely re-design your imaging process from the ground up with UEFI in mind.
A god-send because it enables some really cool new deployment scenarios, mainly through network booting. So you can set a machine to boot to a network locatio
Re: (Score:2)
If you manage desktops for a business, UEFI is both a pain in the but and a God-send.
A pain in the but because all these new-fangled UEFI machines broke your old imaging process. You've had to adapt to either learn to switch machines over to legacy boot more or (worst case) completely re-design your imaging process from the ground up with UEFI in mind.
A god-send because it enables some really cool new deployment scenarios, mainly through network booting. So you can set a machine to boot to a network location that will automatically deploy the OS. You can even configure the machine to reboot every night and re-image back to pristine, without any 3rd-party software. A god-send because it enables some new security features: namely, validating the boot image, which makes it very difficult for root kits to take hold.
I remember the Slashdot reaction when MS first announced support for SecureBoot. So many comments about how MS would use it to lock out linux or other open source products. That was nearly 10 years ago, and nothing even close to that has happened, but we have seen a meaningful security benefit.
You should not be using legacy boot in an enterprise situation. The only exception to that would be if you have some old operating system that does not work except in legacy mode. If you’re booting in legacy mode then your system’s security is about as solid as a slice of swiss cheese.
Re: (Score:2)
I think that the old BIOS, being a very minimal, compact, low-bug,
Normally I'd say something like "found the millennial" but you must be Gen-Z as even millennial would laugh at that statement.
BIOSes have since the early 90s been a clusterfuck of horrendously poorly written workarounds, barely working code messing up half the OSes that required to use them. UEFI is no worse than the old ones, and arguably better since it has provided a means of a non-archaic way of applying bugfixes that didn't involve digging through your junk drawer to look for a floppy drive and hope th
Re: (Score:2)
UEFI: the only thing imaginable that could be worse than BIOS. Now, every computer has a shitty DOS-class OS burned into the firmware, which is permanently resident, and the perfect platform for back doors and spyware. That is on top of the IME, which reduces trust even further. Intel x86 considered harmful [invisiblethings.org] paints a vivid and damning picture of the modern x86 platform.
Any bootstrap mechanism should be simple and transparent, and leave the owner with full control of the machine. CoreBoot [coreboot.org] is a good starting point. Replacing x86 is a good next step, since Intel refuses to document the platform, and requires binary blobs to boot the platform.
There are worrying efforts which may also infect RISC-V platforms with UEFI and "secure" enclaves. It is ironic that open hardware efforts could help accelerate locked-down computing, if vendors widely adopt these user-hostile technologies.
CoreBoot has its place but it does not natively provide the security of the UEFI specification and also does not handle all of the potential use cases that the UEFI specification does as well. And how many exploits have you seen recently that revolve around issues in the firmware and not issues in the secure processor? I can tell you right now that most computers that have shipped in the last year or two, while potentially containing exploitable flaws, have generally not had any issue that allows an attack
So, the author has no clue whatsoever (Score:2, Insightful)
UEFI is a replacement for the "beloved" BIOS, that's there in firmware, before your system boots.
It's been on *EVERY* workstation and server for years.
M$ tried to lock in Windows by making "secure boot" with UEFI... and only they had the cryptographic signing that was accepted. That didn't fly very long....
And for anyone who thinks "firmware as a service" is a good idea, instead of running away screaming, here, let me hijack your system, and install my own firmware on your system....
Re: (Score:2)
I don't think I understand what's intended by "Firmware as a service". What, is the idea that we pay Microsoft a subscription fee to run firmware now?
Re: (Score:2)
Seriously? Firmware as a service has nothing to do with subscriptions or fees. It means that an OS gets access to firmware functions by an architected interface (ie a service) to the UEFI. That is as opposed to BIOS, which provided no such functions, so every device manufacturer had to provide their own interface to their firmware via proprietary drivers.
Re: (Score:2)
I think my confusion should be understandable. SaaS = You rent software by a subscription. IaaS = You rent infrastructure by a subscription. FaaS = ???
I'm still not sure what "Firmware as a Service" means from your description. How is Project Mu more of a "service" than existing UEFI?
Re: (Score:2)
I take it as meaning they want to use the 'firmware as a service' aspects of UEFI (all UEFIs), but their current UEFI (TianoCore) is a bloated mess that is too difficult to maintain.
Re: (Score:2)
I take it as meaning they want to use the 'firmware as a service' aspects of UEFI (all UEFIs), but their current UEFI (TianoCore) is a bloated mess that is too difficult to maintain.
Microsoft basically wants the ability for the firmware image on the flash part to have multiple signatures. The ME or PSP portion of the flash part would be signed by the silicon vendor. Same with microcode, etc etc. UEFI allows modules. So if a generic module is being deployed then it can be signed by the developer of that module. This would allow security fixes to be pushed down to the flash without worrying about whether the OEM or ODM has decided to roll a new firmware image. This is actually the
Re: So, the author has no clue whatsoever (Score:2)
Re: (Score:2)
Haha! Good one! The original BIOS (circa 1981) provided a small set of 'standard' calls for text-mode video, serial port, parallel port, diskette drive, cassette tape, and not much else. By the time DOS 2.0 came out they were already starting to use device drivers, as the BIOS calls were simply not sufficient. When the 386 was released with 'protected mode', BIOS usage dropped to 0, as you could not even access it in protected mode. There are NO modern OS's that use BIOS.
Re: So, the author has no clue whatsoever (Score:2)
Re: (Score:2)
M$ tried to lock in Windows by making "secure boot" with UEFI... and only they had the cryptographic signing that was accepted. That didn't fly very long...
Actually it never flied at all. Despite how much you revise history, the very first requirements for UEFI mentioned in any Windows certification (specifically when Windows 8 was released) was that for a vendor to get the Microsoft certification for their product they *had* to provide a software switch to disable secure boot, something that Microsoft's own devices do despite them having no incentive or requirement to do so.
And for anyone who thinks "firmware as a service" is a good idea, instead of running away screaming, here, let me hijack your system, and install my own firmware on your system....
You can come and try, but may I suggest you go for my desktop first? You see my device
Re: So, the author has no clue whatsoever (Score:2)
Re: (Score:2)
How about getting it right the first time, *before* they sell the motherboard?
There's only so much you can get "right" then you also need to rely on everyone else's stuff working too. The vast majority of bug fixes are kludges to support edge cases or hardware pushed to the absolute limit.
Re: (Score:2)
M$ tried to lock in Windows by making "secure boot" with UEFI... and only they had the cryptographic signing that was accepted.
SecureBoot is not a Microsoft feature, there's no reason you can't add your own signing keys to it and there's no reason you can't just disable it altogether, even on Microsoft's own Surface computers. Not sure how you manage to be "locked in" by that situation. At the time they even put in a provision to OEMs that if you wanted certification they forced you put in a switch to turn SecureBoot off entirely. That's the exact opposite of being locked in.
Re: (Score:2)
Sorry, but I have five year old servers - real servers, rackmount Dells and rebranded Supermicro, and they all have UEFI. I think I started seeing it before them, tool
Solve the forking problem by... forking??? (Score:5, Interesting)
I fully agree with Microsoft that UEFI has a forking problem. But that is caused by the fact that BIOS vendors take tianocore as a baseline and extend it. The root of the issue is that tianocore itself does not provide a complete UEFI firmware implementation, it gets about 40% of the way there and expects the Silicon vendors (Intel, AMD, NVidia, Qualcomm, etc.) and BIOS vendors (AMI, Phoenix, Insyde, Biosoft, etc.) to fill in the rest with proprietary code. This problem is actually almost identical to the Android fragmentation problem. But really what Microsoft has done here is create another fork for their Surface products.
The good thing is that Microsoft has open sourced a lot of that fork and have pushed the percentage forward from 40% to maybe 50 or 60%. If you look at what they have released though it is very customized for Surface... they have come up with their own answers for a lot of stuff that the UEFI specification already has answers for; the BIOS setup menu/HII database being the most notable. The percentage gained could be much higher if they didn't insist on duplicating code already in tianocore just because they think they know better. Separately, the tianocore guys are also trying to solve the fragmentation problem. A complete open source UEFI firmware implementation is under development right now: https://github.com/tianocore/edk2-platforms/tree/devel-MinPlatform [github.com] I am one of the active contributors to tianocore. It is my hope that if Microsoft is truly interested in trying to solve the fragmentation problem that they are willing to work with tianocore and contribute to it instead of building their own competing open source community.
The one thing that all of us should keep an eye on is the potential for a Microsoft attempt to use the Windows Hardware Compatibility Program [microsoft.com] to force every PC on the planet to use MU. Creating a firmware mono-culture would give Microsoft much more control over the PC industry than Windows itself already affords them. They could turn every PC into nothing more than a Surface with a different OEM logo on the lid. It's certainly one way of solving UEFI's forking issue, but it would significantly strengthen the walled garden they are trying to build with Windows 10 at the same time.
Re: Solve the forking problem by... forking??? (Score:2)
Why EFI at all (Score:2)
Has anyone actually gotten anything from EFI but pain? Anything that would justify the whole new debacle rather than just an update to the old BIOS to understand bigger drives?
Re: (Score:3)
You do know there are NO OSs that use BIOS, right? Not a single one. It would take one hell of a lot more than 'understand bigger drives' to make BIOS useful, starting with running in other than real mode, and continuing with support of all the device types that have appeared in the last 35 years or so.
Re: (Score:3)
Yes, I do know that all OSes take over once they are loaded. Another reason why EFI is of questionable benefit.
Since all EFI and old BIOS seem to be good for is initializing the system, finding, and loading a boot loader, why do we even need to invite the new bugs and new pain from EFI? I've seen plenty of old BIOS that can load from iSCSI, USB, FC, etc.
EFI seems to suffer very much from second system syndrome as well as kitchen sinkism.
Everything as a service. (Score:1)
Firmware as a Service (Score:2)
No 'firrmware as a service" (Score:2)