Software Bill of Materials
Brad Bishop
bradleyb at fuzziesquirrel.com
Sat Mar 19 00:39:44 AEDT 2022
On Thu, Mar 17, 2022 at 05:20:50PM -0500, Patrick Williams wrote:
>On Thu, Mar 17, 2022 at 04:26:08PM +0000, Richard Hughes wrote:
>> I've been thinking this about the SBoM problem from a firmware point
>> of view, but in a "BMC image" it's often lumped together as one thing,
>> but in reality a single BMC image might contain a BSP/FSP, microcode
>> blob, an EC, a root filesystem and a lot more. Even something as
>> seemingly-monolithic as a USB controller might contain a HAL from the
>> silicon vendor, an ISV-supplied bootloader and an ODM-provided runtime
>> firmware all built together.
>
>I believe most of our BMC images actually are much simpler than you've laid out
>here. Typically it really is just the BMC code and images for any other devices
>are updated independently.
I think many general purpose offerings do this in the way Richard
describes. Can we include that world-view in the disucssion too?
brad
More information about the openbmc
mailing list