AMD openSIL Planned to Replace AGESA Firmware in Client and Server in 2026
by Gavin Bonshor on May 5, 2023 5:15 PM ESTAt a recent OCP Regional Summit held in Prague, AMD shared its plans to replace its AMD Generic Encapsulated Software Architecture (AGESA) firmware with an open-source alternative called Open-Source Silicon Initialization Library (openSIL). The new firmware would be ready for production use in 2026, following a multi-year, four phase development cycle.
Firmware is a crucial component for modern computer systems, and on modern AMD systems, that critical code blob is AGESA. Among other things, AGESA is responsible for initializing several sub-systems of the platform, including processor cores, chipset, and memory; and it is frequently updated to support new hardware and resolve bugs.
But for all the utility that firmware brings, it can also be a weak point in a system via vulnerable to cyber attacks. So as part of their new firmware initiative, AMD has proposed making the development, architecture, and validation of the Silicon Initialization Firmware open-source to enhance security. AMD has a history of supporting open-source solutions for software and drivers, and openSIL is designed to be lightweight, simple, transparent, and secure and can be scaled easily.
As initially reported on by Phoronix, openSIL is not intended to replace the Unified Extensible Firmware Interface (UEFI) but rather to be integrated with other host firmware such as coreboot, reboot, and FortiBIOS. It is written in standard industry language, allowing vendors to statically link it to the host firmware and bypass any host firmware protocols.
AMD is presently testing openSIL in the Proof-of-Concept (POC) phase, and it is currently compatible with AMD's 4th-generation EPYC (Genoa) processors and related platforms. The 5th-generation EPYC (Turin) processors will also be included in the POC phase. AMD intends to make openSIL the default choice for the 6th-generation EPYC series by 2026, and AGESA will be phased out.
While AMD admits that openSIL is still a work in progress, it is very close to parity with AGESA. However, since openSIL won't be ready until 2026 and AMD's most recent roadmap shows Zen 5 for 2024, it may take until Zen 6 or even Zen 7 before seeing a finished product. AMD has not released a projected roadmap for openSIL on the client side, but it will eventually replace AGESA on all AMD products.
18 Comments
View All Comments
Flunk - Monday, May 8, 2023 - link
You mean open-source software isn't like a wiki where every random person can just change anything they want?Kevin G - Monday, May 8, 2023 - link
I believe that that comparison doesn't fully apply as more people looking at it is done in a parallel independent manner, not all working together coherently. The dependent steps are validation and peer review in an open source project to move into the mainline production branch. For example the maintainers may need to select from half a dozen fixes that were independently created or may choose to replace their first selection for a fix with a later, more well written solution.ET - Tuesday, May 9, 2023 - link
That's not what Brook's Law says. It talks about adding people to a project that's behind schedule.In general, throwing more people at finding problems means finding more problems and more quickly.
ECC_or_GTFO - Saturday, May 6, 2023 - link
Amazing how zero famous "security experts" are able to implement kindergarten-level security, likely because they're all corrupt shills. You cannot know how good proprietary security is, especially when its hidden in hardware and very difficult to reverse engineer and inspect (even for well-funded third party orgs).ECC_or_GTFO - Saturday, May 6, 2023 - link
Does "firmware" include or exclude "management engines" and the software that runs inside of them? Are they being sneaky here? By definition, I believe the mini OS running transparently to the CPU and host OS (inside of AMD's PSP or Intel's IME) should be deemed "firmware"!ballsystemlord - Sunday, May 7, 2023 - link
Does "firmware" include or exclude Pluton?Dolda2000 - Sunday, May 7, 2023 - link
I could be wrong, but my understanding of Pluton is that it isn't a firmware thing at all to begin with, but rather is a program loaded into some sort of coprocessor under control of the operating system, presumably during boot, so I wouldn't expect it to be included either way.A big part of the reason I could be wrong is that Pluton isn't exactly terribly well documented though, so that's part of the issue.
davebyrd - Monday, May 8, 2023 - link
OCP? i prefer Security Concepts.