To many, the (UEFI-based) boot process is like voodoo; interesting in that it’s something that most of us use extensively but is – in a technical-understanding sense – generally avoided by all but those that work in this space.
In this article, I hope to present a technical overview of how modern PCs boot using UEFI (Unified Extensible Firmware Interface). I won’t be mentioning every detail – honestly my knowledge in this space isn’t fully comprehensive (and hence the impetus for this article-as-a-primer).
A rather detailed overview of the UEFI boot process.
My main takeaway is that the PC is no longer a computer, but a network of computers, even without additional PCI-e peripherals or such.
According to the article the Chipset itself contains a i486 and a boot ROM just to begin the power cycle of the system. The CPU is of course known to contain additional computers (network accessible in case of ME), and there seems to be several other autonomous components in the mix (like the power management controller).
I think we are way past the point where we can audit / control all the components of the system, let alone have a fully open source stack.
sukru,
IMHO there’s more than enough talent to get us there, the main obstacle is having manufactures who not only won’t cooperate but are actively using hardware restrictions to deny owners the ability to deploy open source software alternatives. So while I mostly agree with your conclusion, I don’t believe it’s due to intrinsic complexity so much as proprietary designs that block alternatives.
Having an IME is an awesome feature for servers, as an owner though I just wish it wasn’t stuck running intel’s rather crappy software. I have to face the reality that proprietary blobs are likely a permanent fixture of computing for the masses. Not only are the features somewhat limited, but serious vulnerabilities have been detected in Intel’s IME. Having so many computers around the world dependent on manufacturers on manufacturer bundled software is bad for security.
We may have the talent, but has that talent yet delivered a product? Even a fully open proof of concept stack? Sure there are projects here and there such as Coreboot, but has any of our talent integrated all of these components together to form a fully open stack? It’s useless to complain about manufacturers when you don’t have a competing product yet.