Utilizing the Linux security subsystem
u-bmc uses the Linux kernel just as OpenBMC does but also enables more hardened configurations and makes extensive use of the existing security subsystems like Yama, Lockdown and soon Landlock and SELinux.
You’re most likely going to come up with an answer that has something to do with managing servers remotely, or maybe debugging them. Both are valid use-cases for BMCs. In addition, some servers are manufactured to rely on the BMC for tasks such as fan control.
This creates a problem, since the two previous stated use-cases (managing and debugging) requires high level of access to the host system and as a debugger the BMC has supreme access to critical resources, or as a system manager its function is critical for system relyability.
A system that is both critical and highly privileged should be easy to audit, and employ modern security. Those are the goals of u-bmc.
u-bmc sacrifices classical industry compatibility in order to offer a solution that is genuinely tailored for the mission. This usually results in a more secure implementation but also better integration with other systems in general. Example: IPMI is replaced with gRPC, and SNMP with OpenMetrics.
To ease adoption for the users that require classical interfaces there are protocol adapters being planned that run off-BMC which converts from protocols like Redfish to gRPC.
u-bmc uses the Linux kernel just as OpenBMC does but also enables more hardened configurations and makes extensive use of the existing security subsystems like Yama, Lockdown and soon Landlock and SELinux.
By having all of the userspace in Go we can guarantee memory safety and high performance. And because your client software is also written in Go, it will run on every OS that a static Go binary can run on e.g. Linux, FreeBSD, macOS and Windows.
Instead of using IPMI we rely on gRPC for the tooling. The same control software that runs on the BMC can run on your client and communicates via gRPC. This makes controlling your BMC incredibly flexible!
The OpenMetrics format is widely adopted and neatly integrates with Prometheus, making it DevOps friendly and easy to get a visual representation about your fleet as a whole without having to check each BMC manually.
Task is a task runner / build tool that aims to be simpler and easier to use than, for example, GNU Make or OpenBMCs Yocto. Not only is it easy to use, it’s also pretty fast, speeding up development with incremental builds and an overall lean build pipeline that only takes a few minutes depending on the compiling hardware. (For reference, it takes roughly 5 minutes on a recent ThinkPad T14)
Historically BMCs have been considered insecure by nature and have received little to no attention - not unlike BIOSes.
While LinuxBoot’s mission is to uplift BIOS firmware for existing servers, u-bmc’s is to uplift BMC firmware. The implementations differ, some things are shared, but the goal is the same.
u-bmc, like LinuxBoot, sacrifices classical industry compatibility in order to offer a solution that is genuinely tailored for the mission. By close collaboration between LinuxBoot and u-bmc, the hope is to one day have servers that ship with a both free and open source firmware stack for the BMC as well as system BIOS.
If you want to know more about our vision, check out our talk at OSFC 2021.
Find us on
GitHub!
Join our
Slack Channel!