Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/aws/uefi

UEFI
https://github.com/aws/uefi

Last synced: about 1 month ago
JSON representation

UEFI

Awesome Lists containing this project

README 

          
# UEFI



This repository contains the changes that need to be applied on top of

[edk2](https://github.com/tianocore/edk2) in order to run x86_64 guests on

Nitro-based EC2 instances. We use [Nix](https://nixos.org/download.html) for

creating reproducible builds of the UEFI binaries to ensure that the same UEFI

binaries that are used with instance launches can be reproduced on any environment.

EC2 customers running instances with AMD SEV-SNP support can match their

running UEFI firmware with the binaries released here and even reproduce the

binaries themselves.



## How to build



Amazon EC2 instances that have AMD SEV-SNP enabled will use UEFI binaries built

in this repository as instance boot firmware. The Github workflow that is run

on every new release uses Nix to build the binary. However, the binary can also

be generated manually after installing [Nix](https://nixos.org/download.html)

by running the command:



```

nix-build --pure

```



This will produce the `result/ovmf_img.fd` binary which can be matched

against running and released UEFI binaries.



## How to generate a measurement

The [sev-snp-measure](https://github.com/virtee/sev-snp-measure) tool

can be used to generate measurements, e.g.  for a guest with 4 vCPUs:



```

./sev-snp-measure.py --mode snp --vcpus=4 --vmm-type=ec2 --ovmf=ovmf_img.fd

```



## Security



See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.



## License



This project is licensed under the [BSD-2-Clause-Patent License](LICENSE).