Send in your ideas. Deadline February 1, 2025
Grant
Theme fund: NGI Zero Core
Start: 2024-04
More projects like this
Hardware
Operating Systems

Transitioning SMM Ownership to Linuxboot

More robust defense Against Firmware Vulnerabilities

In an era marked by escalating cybersecurity threats, firmware security is one of biggest blind spots. One pervasive weakness lies in an architectural design called System Management Mode (SMM). Sometimes referred to as “Ring -2”, SMM is used by device manufacturers to interact with hardware like NVRAM, emulate hardware functionality, handle hardware interrupts or errata, and perform other functions.

The unrestricted, non-standardized control inherent to SMM implies significant security vulnerabilities. There is no shortage of Day-0 and Day-1 Firmware vulnerabilities related to SMM. Current industry practices open a wide door for cyber attacks, and the attacker can even bypass the secured OS kernel with the SMM loopholes.

This proposal introduces a novel SMM architectural design, by transitioning SMM ownership from core firmware (e.g. coreboot) to payload - in this case Linuxboot. This will leverage the robust, open-source nature of Linux’s SMM drivers, as its drivers that has been proven working very well over decades, and its open source nature made it easier for security reviews. This initiative aims to develop and universalize a secure architectural design in collaboration with chip vendors, and thus elevating the resilience and integrity of our digital ecosystem.

Run by 9elements GmbH

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 Core Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101092990.