Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Intel should provide the main code for UEFI

i am not sure what "main code" is supposed to mean (i am no native speaker). but there is a reference implementation by intel and according to matthew garret most real-world implementations are only slightly changed.



Also, from the article:

"We've seen similar bugs in Intel's reference code in the past, but they were all fixed early last year"

So, this might actually be a bug written by Intel.


Similar in that there are variable writes you can perform that break the system. Code-wise, entirely unrelated.


It could be one of those bugs actually, as I don't think the manufacturers use the latest version of the reference code. Probably they use whatever version was available when the project was started or whatever version the programmers are comfortable with.


Yes, this is what I meant

Problem is these 'slight changes' sometimes are what is wrong.

And this is not only about secure boot, but the whole UEFI infrastructure, which, as far as I know, is very complex.


> TianoCore – Open Intel reference UEFI reference implementation, 7061 files, >100MB of code, 10% of size of Linux kernel. Bigger than Linux core kernel

From Garrets linuxconf.au talk, year ago. As it is reference implementation, it is pretty much untested in the wild. So you can expect those "slight changes" to be mostly bugfixes.

Punchline is that Intel DOES provide pretty much all code for UEFI. And it is still bad.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: