Converged Firmware Infrastructure Drives Innovation
The 10‐in‐10 Computing Conference – October 28, 2011
Presented by Dong Wei (VP, UEFI Forum)
www.uefi.org 1
Updated 2011‐06‐01
Agenda
• The Firmware Convergence
• Basis for Innovations
• UEFI Forum Status
• Questions
The Firmware Convergence
• UEFI is processor architecture agnostic
– Provides a converged firmware boot infrastructure for x86, x64, ARM and Itanium
• Modularity & Extensibility
– Enables reuse and value‐add
– Optimizes code size (code only as needed)
– Improves boot performance
• Ecosystem benefits
– Enabled code sharing opportunities among business entities and with partners/vendors
UEFI View
[Figure: UEFI architecture diagram. Labels: System Hardware, Platform Specific UEFI Firmware, UEFI Boot Services, UEFI Runtime Services, UEFI OS Loader, OS APIs, OS, UEFI Mode, Platform Initialization, PI Modular components, CPU PEI Modules, C/S PEI Modules, DXE Driver, UEFI Driver, BDS, Compatibility Support Module, Option ROMs, UEFI Shell, UEFI-enabled OS, Legacy OS]
Example: UEFI Deployment @ HP
Microsoft Windows 7
Embedded Systems PC Clients
Printers and Scanners: Scanjet Enterprise 7000n*, Color LaserJet CM4540 MFP*, Color LaserJet CP5525*, LaserJet M4555 MFP*.
Storage
Network
Notebook PCs and Tablets
– Commercial group has shipped Class 2 systems since 2008
– Consumer group is shipping Class 1 systems
Desktops and Workstations
– Adopted a common UEFI codebase
– Shipped Class 2 systems since 2H’2010
Enterprise Servers
Integrity Servers
– Always Class 3 systems
– HP-UX, VMS, Integrity VM Operating Environment
• Collaboration on HP UEFI features provided enhanced manageability, security and ease of code with shared UEFI-based diagnostics
Basis for Innovations
• Secure boot
• Network stack
• User interface and seamless boot
• Fast boot
• Legacy removal
• System Management
Why Secure Boot
• Growing class of malware targets the boot path
– http://www.theregister.co.uk/2011/09/14/bios_rootkit_discovered/
It should be no surprise that a TDL Gang botnet climbed into the number one position in the Damballa Threat Report – Top 10 Botnets of 2010. “RudeWarlockMob” … applied
effective behaviors of old viruses and kits. It combined techniques that have been effective since the days of 16‐bit operating systems, like Master Boot Record (MBR) infection … with
newer malware techniques. (from http://blog.damballa.com)
Secure Boot
• All firmware and software in the boot process must be signed by a trusted Certificate Authority (CA)
• Based on UEFI Driver Signing and Authenticated Variable Service
• Globally defined variables
– Platform Key (PK)
– Key Exchange Key (KEK)
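The PK and KEK variables named on this slide hold their keys as EFI_SIGNATURE_LIST structures. The following is an added example, not part of the presentation: a parser and audit check for such a variable, assuming the blob layout Linux efivarfs exposes (a 4-byte attribute word followed by the data). The function names and the sample blob are hypothetical and constructed for illustration.

```python
import struct
import uuid

TIME_BASED_AUTH_WRITE = 0x20  # EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")    # EFI_CERT_X509_GUID
SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")  # EFI_CERT_SHA256_GUID
SIG_TYPES = {X509_GUID: "X509", SHA256_GUID: "SHA256"}

def parse_signature_lists(data):
    """Walk concatenated EFI_SIGNATURE_LIST structures -> [(type, owner, size)]."""
    entries, off = [], 0
    while off < len(data):
        if len(data) - off < 28:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])  # EFI GUIDs are mixed-endian
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 + hdr_size or off + list_size > len(data) or sig_size <= 16:
            raise ValueError("inconsistent EFI_SIGNATURE_LIST sizes")
        body = data[off + 28 + hdr_size:off + list_size]
        if len(body) % sig_size:
            raise ValueError("signature area is not a multiple of SignatureSize")
        for i in range(0, len(body), sig_size):
            owner = uuid.UUID(bytes_le=body[i:i + 16])  # SignatureOwner GUID
            entries.append((SIG_TYPES.get(sig_type, str(sig_type)), owner, sig_size - 16))
        off += list_size
    return entries

def audit_key_variable(name, blob):
    """blob = 4-byte attribute word + data (assumed efivarfs layout)."""
    if len(blob) < 4:
        raise ValueError("missing attribute word")
    (attrs,) = struct.unpack_from("<I", blob, 0)
    entries = parse_signature_lists(blob[4:])
    findings = []
    if not attrs & TIME_BASED_AUTH_WRITE:
        findings.append(f"{name}: writes are not authenticated")
    if not entries:
        findings.append(f"{name}: no keys enrolled")
    return entries, findings

# Constructed sample: one X.509 entry with placeholder bytes, not a real certificate.
SAMPLE_OWNER = uuid.UUID("11111111-2222-3333-4444-555555555555")

def constructed_blob(attrs, cert=b"\x30\x82" + bytes(30)):
    sig = SAMPLE_OWNER.bytes_le + cert
    header = X509_GUID.bytes_le + struct.pack("<III", 28 + len(sig), 0, len(sig))
    return struct.pack("<I", attrs) + header + sig

if __name__ == "__main__":
    for attrs in (0x27, 0x07):
        print(audit_key_variable("PK", constructed_blob(attrs)))
```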
Network Stack
• Rich network capability at pre‐OS time
– Supports IPv4 and IPv6
– Supports iSCSI Boot
– Supports PXE network boot
– Enables system management
User Experience
• Graphics Output Protocol (GOP) enables high‐resolution graphics during pre‐Boot
– Seamless graphics experience at POST, OS launch, OS crash
– Graphical BIOS Setup interface
• Absolute Pointer Protocol enables the mouse and touch experience during Pre‐OS
Example: Windows 8 Seamless Boot
[Figure: boot timeline. Labels: POST, Device Init., Hiber Resume, Explorer Init., OEM Logo]
Clean, high-resolution branding elements persist through OS boot
Post with highest supported native resolution
Seamless single graphics transition from firmware to native OS driver
Example: ASUS GUI Setup
Example: HP DayStarter
Boot Sequence Improvements
[Figure: two boot timelines, "A Typical Boot Sequence to Windows†" and "The New HP Innovative Boot with DayStarter". Labels: HW, POST, Microsoft Windows† Vista, Microsoft Windows† 7, HP DayStarter; time markers: <2 s, <5 s, 60 s]
A Better User Experience
• Customer benefit:
– Instant-on User Experience
– displays user’s info (calendar, to-do list, customizable info)
– before Windows† is booting.
Extensible Architecture
[Figure: storage layout under HP_Tools\Hewlett-Packard\HPDayStarter. Labels: Slot 0 (HP DayStarter Info), Slot 1 (HPPI Feature1), Slot 2 (HPPI Feature2), Slot N (HPPI Feature N); each slot shows "Non authenticate Data" and "Auth Data" for User 1, User 2, User N. Screenshot labels: Calendar, To-do List, Customizable information]
Innovative Technology
The main technology behind the HP DayStarter is for UEFI BIOS to locate the proper JPEG image and use the System Management Mode (SMM) to update the frame buffer content until Windows† is ready for system login. At runtime, the HP DayStarter implements a Microsoft Outlook plug-in to capture the calendar information.
An HP Platform Innovation enabled by UEFI
Fast Boot
• OS’s compression of time needed for its initialization exposes POST time length
• Hardware choices impact boot time
• UEFI enables many optimization opportunities
– Collaborate with OS to avoid repetition
– Only perform functions needed to boot
– Use GOP rather than vBIOS
– Class 3 boot does not need CSM
System Management
• Build on the UEFI Foundation
• Potential for future standardization
Example: IBM
The IBM® BladeCenter HS22 offers flexible options to support a broad range of workloads, including virtualization and enterprise applications. Along with intuitive UEFI‐based tools, the HS22 can be customized and deployed quickly while best‐in‐class reliability features help keep you up and running.
IBM System x Server Firmware has many features that go well beyond the basic requirements of UEFI‐compliant firmware, including the following key features:
• Ability to boot UEFI‐compliant operating systems and existing legacy master boot record operating systems without requiring that boot modes or settings be changed
• Active Energy Manager
• Memory predictive failure technology
• Fatal memory error recovery and DIMM isolation
• Enhanced light path diagnostics
• Simplified hierarchical POST and UEFI diagnostic codes
• Out‐of‐band configuration and deployment capabilities
Industry BIOS Transition
• Pre‐2000: All Platforms BIOS were proprietary
• 2000: Intel invented the Extensible Firmware Interface (EFI) and provided sample implementation under free BSD terms
• 2004: tianocore.org, open source EFI community launched
• 2005: Unified EFI (UEFI) Industry forum, with 11 promoters, was formed to standardize EFI
• 2011: 185 members and growing! Major MNCs shipping
– UEFI platforms crossed 50% of IA worldwide units
– Microsoft* UEFI x64 support in Server 2008, Vista* and Win7*
– RedHat* and Novell* OS support
Source: Various – UEFI Industry Communication Working Group data through 2010; Intel customers platform UEFI adoption projection data for 2011-2015
UEFI Firmware Deployments
Over 50% of worldwide IA units in 2010 and expected to reach 90% by 2015
[Figure: adoption chart. Milestone labels: "IA Mobile Platforms UEFI Transition Complete; MNCs UEFI Servers shipping", "IA Desktops UEFI Transition to complete", "Full IA Industry Native UEFI Transition Expected"]
UEFI System Classes Based on Firmware I/F
Interface exposed, by class:
• Class 0: Legacy BIOS
• Class 1: UEFI CSM¹ only
• Class 2: UEFI Switch: CSM & UEFI
• Class 3: UEFI only
Limited Benefits: OEMs/ODMs internal Development Optimization & Code Organization
Full Benefits: UEFI Innovation, Performance, Extensibility, Advanced Usability
[Figure: the classes are laid out along an axis running from "Today" to "Future"]
¹ Compatibility Support Module
UEFI Specification Roadmap
UEFI Plugfest (Taipei)
• Insyde hosted. AMD, AMI, Insyde, Intel, Microsoft and Phoenix sponsored
• ~170 people from ~30 vendors present
• Test results
• Ready for Win8?