V-series
New Features
- Check to see if SMM (SMI handler) is locked down and can't be hacked (SMM BIOS Write Protect Disable (SMM_BWP)— R/WLO). Also see if BIOS is locked..
see https://www.blackhat.com/docs/us-14/materials/arsenal/us-14-Bulygin-CHIPSEC-Slides.pdf http://www.cs.usfca.edu/~cruse/cs630f08/smram.c, and http://www.ssi.gouv.fr/archive/fr/sciences/fichiers/lti/cansecwest2006-duflot.pdf
- team agrees this will improve the security
- All efi_runtime driver functions support for the Intel Supervisor Mode Access Prevention (SMAP) feature enabled.
- ivan will re-work the efi_runtime driver . ivan will help to verify if this bdw only or not.
- Collect more information such as kernel/module parameters in fwts and fwts-live
- we can improve the “version” test, alex will send out the patches for this and to update the docs
- Enable secure boot on fwts-live
- alex will help to investigate whether we can use ibs to build it and enable SB by default
Improvements
- Continual monthly sync with ACPICA
- colin will keep sending in ACPICA update patches monthly.
- Sync klog with 3.18, 3.19.. kernels
- colin will help to keep updating this
All sign up to the LuvOs project (since they are a fwts consumer) https://01.org/linux-uefi-validation/get-involved
- team will subscribe to this project
Ask the LuvOs project if they need any new features?
- team will try to work on this via multiple channels
- sync up the smicheck to SMBIOS vesion 2.8.0, and 3.0.0(not yet released, target 2014 Q4 released)
- Ivan will own this work, will keep monitoring the status and submit patches accordingly
- Implement more ACPI method tests
- YK will follow up with alex
- Release fwts-live with Utopic kernel
- yk will work with alex to try build two versions : stable and devel
- Investigate inconsistent results when running s3 test with --pm-method=logind, pm-utils, or sysfs
- kengyu will keep working on this, will work with alberto
- restart ITP in debian
- my last package reviewers said he does not have the enough background knowledge after a few rounds to review. So I am seeking a new one.
- kengyu will talk to kamal and timo if needed
Process
- whether to publish the fwts release process ?
- not many people care about this, does not matter much. the team agrees to let YK draft a brief summary and send to team for review
- better maintaining the public fwts docs ?
- team agrees to assign this part of work to release manager
- automate the building for fwts-live, using IBS ?
- Alex and YK will explore and try to automate the builds
Release Schedule
Version |
Release Date |
Release Manager |
Ubuntu schedule |
|
14.11.00 |
Nov/19/2014 |
Alex |
N/A ATM |
|
14.12.00 |
Dec/18/2014 |
Alex |
N/A ATM |
* Dec/22 ~ Jan/2 Chrismas in western |
15.01.00 |
Jan/21/2015 |
Ivan |
Jan/22 Beta 2 |
|
15.02.00 |
Mar/4/2015 |
Ivan |
N/A |
* Feb/18 ~ Feb/27 CNY in Taiwan |
15.03.00 |
Mar/31/2015 |
Kengyu |
Apr/16 Final Freeze |
|
Work items
- Alex
- Work with YK to automate the FWTS building
- Investigate whether we can use ibs to build FWTS/FWTS-Live and enable SB by default
- Send out the patches to collect more information such as kernel/module parameters in fwts and fwts-live
- Colin
- Check to see if SMM (SMI handler) is locked down and can't be hacked
- Keep maintaining ACPICA code
- Keep Syncing klog with 3.18, 3.19.. kernels
- Ivan
- Improve the efi_runtime driver, verify if the SMAP issue only impacts BDW
- Sync up the smicheck to SMBIOS version 2.8.0, and 3.0.0
- Kengyu
https://bugs.launchpad.net/fwts/+bug/1381462 Unable to run hybrid-suspend with fwts 14.09
- Seek a good mentor to help with fwts ITP in debian
- Investigate inconsistent results when running s3 test with --pm-method=logind, pm-utils, or sysfs
- Alberto
- None
- YK
- Draft a brief summary about FWTS release process and send to team for review
- Work with Alex to automate the FWTS building, build both Stable and Devel versions
- Follow up with Alex about implementing more ACPI method tests
FirmwareTestSuite/brainstorming/V-series (last edited 2015-01-29 14:12:01 by eth3)