Online / 6 & 7 February 2021

schedule

Porting fwupd to the BSD distributions

Porting firmware update system from Linux to FreeBSD, OpenBSD, NetBSD, and DragonFlyBSD


This presentation will describe the plan of porting the fwupd daemon to BSD distributions (FreeBSD, OpenBSD, NetBSD, DragonFlyBSD). It will explain the challenges connected with the implementation of firmware update systems. Through the fwupd daemon port, we will extend the functionality of the Linux Vendor Firmware Service (LVFS) to another family of systems. I will demonstrate the process of porting the fwupd/LVFS, based on the previous implementations. Also, I would like to present the fwupd/LVFS chain of trust and answer any questions the BSD community may have on this topic. I would love to hear some suggestions and feedback, which we should take into account during the development process.

The security of the whole system is not determined only by the software it runs, but also the firmware. Firmware is a piece of software inseparable from the hardware. It is responsible for proper hardware initialization as well as its security features. That means that the safety of the machine strongly depends on the mitigations of vulnerabilities provided by firmware (like microcode updates, bug/exploit fixes). For these particular reasons, the firmware should be kept up-to-date.

Nowadays, one of the most popular firmware update software is fwupd/LVFS. fwupd is a Linux daemon that manages firmware updates of each of your hardware components that have some kind of firmware. What is more fwupd is open source, which makes it more trustworthy than proprietary applications delivered by hardware vendors designed for (only) their devices.

Speakers

Norbert KamiƄski

Links