Developers from 9elements CoreBoot for Supermicro Server Motherboard . Changes already into the core CoreBoot codebase and will be part of the next major release. The Supermicro X11SSH-TF is the first modern Intel Xeon processor-based server motherboard that can be used with CoreBoot. The board supports Xeon processors (E3-1200V6 Kabylake-S or E3-1200V5 Skylake-S) and can be equipped with up to 64 GB of RAM (4 x UDIMM DDR4 2400MHz).
Work done with Mullvad VPN provider as part of the project , aimed at strengthening the security of the server infrastructure and getting rid of proprietary components, the state of which cannot be controlled. CoreBoot is a free analogue of proprietary firmware and is available for full verification and audit. CoreBoot is used as the base firmware for hardware initialization and bootstrap coordination. Including implemented the initialization of the graphics chip, PCIe, SATA, USB, RS232. At the same time, the binary components FSP 2.0 (Intel Firmware Support Package) and the binary firmware for the Intel ME subsystem, which are necessary for initializing and starting the CPU and chipset, are integrated into CoreBoot.
To boot the operating system, it is proposed to use or (UEFI implementation based on not yet supported due to incompatibility with the Aspeed NGI graphics subsystem, which works only in text mode). In addition to adding board support to CoreBoot, the project participants also implemented support for TPM (Trusted Platform Module) 1.2 / 2.0 modules based on Intel ME and prepared a driver for the ASPEED 2400 SuperI / O controller that performs the functions of BMC (Baseboard Management Controller).
For remote management of the board, the IPMI interface provided by the BMC AST2400 controller is provided, but to use IPMI, the original firmware must be installed in the BMC controller. The verified download functionality has also been implemented. To utility added support for AST2400, and in support for Intel Xeon E3-1200. Intel SGX (Software Guard Extensions) is not yet supported due to stability issues.
Source: opennet.ru