OCP Flashless Boot Update.pdf

1、OCP Flashless/Streaming Boot UpdateVarun Sampath,Principal Engineer,NVIDIABharat Pillilli,Principal Engineer,MicrosoftAhmad Atamli,Principal Engineer,NVIDIAOCP Flashless/Streaming Boot UpdateSECURITY AND DATA PROTECTIONSECURITYYour ASICCPUPlatform Root of TrustBMCSPDMDC-SCM ModularityDPUGPUpRoTWhere

2、 we left off:OCP CSA II ArchitectureCaliptra for attestationFlashless boot endpointFlashless boot OOB pathSPDM attestationpathMCTPi3cUSBOOB busTrusted VerifierFlash Stream Protocol(TBD)Flashless/Streaming Boot ApproachLeverage OCP Recovery:enables early-fw boot over SMBus or I3CLimit chicken-and-egg

3、:OCP Recovery benefits flash-and flashless bootsPush model simplifies platform and device designUse early-fw to fetch the remainder-fw using MCTP with high performanceI3CPCIe VDMUSB 2.0Updates for PCIe DevicesAvoid dependency on PERST#Tough to change System Firmware to avoid multiple PERST#togglesLe

4、verage PCI-SIG SFI(System Firmware Intermediary)and PCIe-MIDiagram courtesy Austin Bolen DellHost Software(Operating System,Drivers,Applications,UEFI/BIOS)BMCPCIe DeviceProcessorRoot Port or Switch w/SFISMBus/I2CSMBus/I2CPCIe BusPCIe TrafficUpdates for OCP RecoveryAdd Flashless Boot ModeAdd Multi-St

5、age Activation for early-fw loadDesigning OCP Recovery I3CDedicated TargetConcurrent operation with MCTP-I3C66ms for 100KB at I3C SDR 12.5MHzUpdates for Remainder-fw LoadUse PLDM-T5(DSP0267 PLDM for Firmware Update)LeverageModularity(enable packaging of multiple components)“Pull”modelChangesFirmware

6、 Device ID Record,DeviceUpdateOptionFlagsUpdateComponent request,UpdateOptionFlagsUpdateComponent response,UpdateOptionFlagsEnabledApplyComplete request,ComponentActivationMethodsModification-change to self-contained/automaticFlashless/Streaming Boot Flow for PCIe DevicepRoTDeviceOCP Recovery cmd:En

7、ter flashless boot on next bootStep 1:Transition device to Flashless Boot ModepRoTDeviceOCP Recovery cmd:Push INDIRECT_DATAStep 2:Reboot,Push early-fwLTSSM state:disabledTime:4s(200KB)pRoTDevicePCIe L0,enumerationMCTP type 0 enumerationStep 3:Boot PCIe and MCTP(existing system flows)LTSSM state:L0Ti

8、me:system-dependentpRoTDevicePLDM-T5 over MCTPStep 4:Fetch remainder-fwLTSSM state:L0Time:system-dependentSMBus,I3CSMBus,I3CPCIe,I3C,USB2.0PCIe,I3C,USB2.0LTSSM state:disabledTime:1msNext StepsOCP spec updates for RecoveryRC available:Google doc linkTarget release for summerDMTF updates for PLDM-T5Target EOY 2024BMC and PA-RoT architectureTarget EOY 2024Publish white paper:Google doc linkTarget EOY 2024Call to ActionImplement OCP RecoveryImplement PLDM-T5 for firmware updateParticipate in OCP Security WGReach out on spec and whitepaper commentsThank you!