# NL.net proposal ## Project name LibreBMC ## Website / wiki Please be short and to the point in your answers; focus primarily on the what and how, not so much on the why. Add longer descriptions as attachments (see below). If English isn't your first language, don't worry - our reviewers don't care about spelling errors, only about great ideas. We apologise for the inconvenience of having to submit in English. On the up side, you can be as technical as you need to be (but you don't have to). Do stay concrete. Use plain text in your reply only, if you need any HTML to make your point please include this as attachment. ## Abstract: Can you explain the whole project and its expected outcome(s). LibreBMC replaces the proprietary Boot Management Controller and its secret firmware, entirely. In servers typically used in Data Centres and for scenarios where data privacy is paramount this turns out to be critical. One of the most commonly-used BMC Processors in the world has a silicon-baked plaintext password for its Serial Console, and with a BMC being the very means by which a processor's BIOS is uploaded, this publicly-available password allows for a full bypass of every conceivable security measure. BMC Processors are also present in every AMD and Intel desktop and Laptop in the world. Even replacing the BIOS with coreboot is not enough to gain trust because the BMC is in charge of uploading coreboot, and could easily alter it. At least in this case if the BMC's firmware is replaced it increases trust that the payload (coreboot) has not been tampered with. However this is so low-level that there is serious risk of damaging the machine. LibreBMC therefore intends to make a low-cost dual FPGA-based "Experimentation" platform, as Libre/Open Hardware, for developers to iteratively test out development of alternative BMC Firmware (LibreBMC, OpenBMC), without risk of damage to the machine it is managing. One FPGA will run LibreBMC, the other Libre-SOC/Microwatt/A2O, and the first will boot the second. This will allow the next phase - actual booting of servers and desktop machines - to proceed with confidence. # Have you been involved with projects or organisations relevant to this project before? And if so, can you tell us a bit about your contributions? # Requested Amount EUR 75,000. # Explain what the requested budget will be used for? * Design and fabrication of Libre/Open Hardware Dual FPGA Carrier boards (most likely accepting OrangeCrab as a module) * Porting of both LibreBMC and OpenBMC to the FPGA Board * Implementation of *server* side LPC (client-side already exists) * Verilator simulation of both client and server side LPC and testing of the two simulations back-to-back # Compare your own project with existing or historical efforts. ## What are significant technical challenges you expect to solve during the project, if any? ## Describe the ecosystem of the project, and how you will engage with relevant actors and promote the outcomes? # Extra info to be submitted * TODO URLs etc