Thoughts dereferenced from the scratchpad noise.

Latest posts


Stop rewriting your pipelines - achieving CI portability with Docker and Taskfile

Published at April 27, 2026 · Maciej Pijanowski ·  18 min read

After years of reacting to CI platform changes and rewriting pipeline definitions, we decided to research a better approach. This post describes our evaluation of different solutions and why we settled on treating CI systems as interchangeable orchestration layers, with build logic living in portable Docker containers orchestrated by Taskfile. We plan to adopt this approach more widely and see how it holds up in practice....

Categories: miscellaneous

What Open Source Firmware Can Learn from Apple Pre-OS Security

Published at April 24, 2026 · Piotr Król ·  17 min read

The Apple Platform Security Guide is the most comprehensive platform security documentation in the industry. Instead of dismissing it as closed-source irrelevance, we read it through a firmware engineer's lens and extracted transferable security patterns for x86 and ARM open source firmware. Here is what we found about boot chains, Secure Enclave architecture, and five opportunities for Dasharo and coreboot....

Categories: firmware security

MSI PRO B850-P coreboot port: Phoenix openSIL AM5 IP block porting

Published at April 3, 2026 · Michał Żygowski ·  14 min read

Continuing the MSI PRO B850-P coreboot port series, this post covers the porting of Phoenix AM5-specific code to openSIL. We describe the progress on NBIO, SMU, MPIO and GFX IP blocks, the chipset authentication breakthrough, SMM initialization challenges, and the current state of the platform including a successful OS boot....

Categories: firmware

MSI PRO B850-P coreboot port: PCIe and USB descriptors and Phoenix OpenSIL

Published at March 6, 2026 · Michał Żygowski ·  17 min read

Continuing the journey of porting MSI PRO B850-P to coreboot. This post covers the port configuration phase: USB and PCIe MPIO descriptors derived from hardware topology discovery. It also describes the integration of Phoenix OpenSIL as a Proof of Concept and the challenges encountered compared to the Genoa and Turin platforms....

Categories: firmware

Dasharo TrustRoot Ephemeral Key Incident

Published at December 22, 2025 · Michał Kopeć · Maciej Pijanowski ·  8 min read

This report details a release engineering incident where a Dasharo firmware update successfully performed End-of-Manufacturing (EOM) fusing on NovaCustom laptops but utilized an ephemeral testing key instead of the persistent production key. We provide a technical analysis of the situation and outline the impact for affected end users....

Categories: firmware security

Windows HLK for Firmware Validation

Published at December 11, 2025 · Filip Gołaś ·  23 min read

Learn about introducing a new tool to the arsenal of Dasharo testers: Windows Hardware Lab Kit, a framework able to perform over 3000 tests used to certify hardware and drivers as compatible with Windows...

Categories: miscellaneous

Gigabyte MZ33-AR1 Porting Update: BMC IPMI commands and Upstream

Published at December 5, 2025 · Michał Żygowski ·  11 min read

The Gigabyte MZ33-AR1 porting effort is slowly coming to an end. In the previous blog post we already showed Linux and Windows booting. Now we show the finishing touches before the Dasharo release: BMC IPMI commands, HCL tooling updates for the incoming Phoenix platforms and the Turin upstream status....

Categories: firmware