Monday, May 8th 2023

AMD Open-Source Firmware is Coming, openSIL will Replace AGESA by 2026

During the OCP Regional Summit, AMD has shared plans to replace AGESA with openSIL. The change will not come soon, and according to details, it will be a slow process starting in 2026. AGESA firmware updates are quite important but also vulnerable to cyber-attacks, which is one of the key points for the new OpenSIL, which is proposed as an open-source solution.

As detailed by Phoronix, AMD mentioned the Open-Source Silicon Initialization Library (openSIL) back in mid-April, when it launched initial support for 4th Gen EPYC processors and its reference platform. Although initially aimed at server processors, AMD has made clear during the OCP presentation that the OpenSIL is meant to be a replacement to AMD Generic Encapsulated Software Architecture (AGESA), covering the entire product stack. As said, AMD plans for openSIL to be simple, easily scalable, lightweight, and open-source, thus increasing the overall security.
Raj Kapoor, AMD Fellow and Chief Firmware Architect shared a bit more details about the challenges that AGESA brings, and said that: "AMD openSIL will be scaling to both server and client platforms by the 2026 timeframe." During Q&A, he added that "AGESA will be end of life, openSIL will replace it."

Considering the timeframe, openSIL won't be ready before AMD launches Zen 6 or even Zen 7 CPUs, at least on the client side, while the proof of concept code for the AMD 4th Gen EPYC Genoa server CPUs will be ready soon.
Source: Phoronix
Add your own comment

47 Comments on AMD Open-Source Firmware is Coming, openSIL will Replace AGESA by 2026

#1
AusWolf
I wonder what changes this will bring to home users. I mean, whether it's called AGESA or OpenSIL, it doesn't matter much. A BIOS update is a BIOS update regardless.
Posted on Reply
#2
dgianstefani
TPU Proofreader
AusWolfI wonder what changes this will bring to home users. I mean, whether it's called AGESA or OpenSIL, it doesn't matter much. A BIOS update is a BIOS update regardless.
Well, AGESA is a borderline joke of a codebase written by outsourced coders, so open-source will be a significant improvement.

Community can and will fix things faster than AMD.
Posted on Reply
#3
unwind-protect
I thought this is binary blobs with open source glue?
Posted on Reply
#4
AusWolf
dgianstefaniCommunity can and will fix things faster than AMD.
That depends on what community we're talking about. Open-source can also lead to a mess of infinite versions from various different communities. Take Linux, for example. There are so many distros that there's no way of telling which one is good for you unless you know a lot about Linux in general - it's what I like to call "open source, closed community".

That is, unless AMD takes the open source route to include the best community fixes in official versions, which I'll welcome.
Posted on Reply
#5
Super Firm Tofu
It’s a step in the right direction.

Maybe I’ll consider AMD again sometime after 2026.

Maybe.
Posted on Reply
#6
Vya Domus
dgianstefaniwritten by outsourced coders
The vast majority of software written these days for major corporations is outsourced, this doesn't mean anything.
Posted on Reply
#7
devilblessed
will this be compatible with previous generation?
Posted on Reply
#8
Easo
dgianstefaniWell, AGESA is a borderline joke of a codebase written by outsourced coders, so open-source will be a significant improvement.

Community can and will fix things faster than AMD.
That's far from guaranteed. Linux had security holes more than decade old - and that's with basically thousands of high level and skill contributors.
Posted on Reply
#9
Daven
Super Firm TofuIt’s a step in the right direction.

Maybe I’ll consider AMD again sometime after 2026.

Maybe.
Freesync
FSR open source
RSR/FSR supported on Intel/Nvidia/AMD GPUs
OpenSIL
Stacked cache
Extreme CPU power efficiency

I’m a proud owner of AMD products.
Posted on Reply
#10
TheDeeGee
DavenFreesync
FSR open source
RSR/FSR supported on Intel/Nvidia/AMD GPUs
OpenSIL
Stacked cache
Extreme CPU power efficiency

I’m a proud owner of AMD products.
Nvidia RTX Remix (open source)

I'm a proud owner of an Nvidia GPU.
Posted on Reply
#11
L'Eliminateur
dgianstefaniWell, AGESA is a borderline joke of a codebase written by outsourced coders, so open-source will be a significant improvement.

Community can and will fix things faster than AMD.
You're not counting that AGESA is a critical secured piece of FW, so even if it's open source you won't be able to fix and patch anything as you won't have the signing keys for it.
And even if you had you have to integrate it into a bios file that your system will take(the easiest part as there are lots of tools for that nowadays, but even then i don't think the modded bios pass secure boot requirements)
Posted on Reply
#12
bug
Title:
openSIL will Replace AGESA by 2026
Article:
The change will not come soon, and according to details, it will be a slow process starting in 2026.
Kudos.
Posted on Reply
#13
wNotyarD
bugTitle:


Article:
Both are correct, if you follow the roadmap. openSIL will be production-ready by 2026, which is when it'll start being deployed to replace AGESA. Until it does so completely, it'll be a somewhat lengthy process.
Posted on Reply
#14
bug
wNotyarDBoth are correct, if you follow the roadmap. openSIL will be production-ready by 2026, which is when it'll start being deployed to replace AGESA. Until it does so completely, it'll be a somewhat lengthy process.
By that logic, we've already replaced ICE cars with EVs :D
Posted on Reply
#15
Dirt Chip
If it ain't broken - don't fix it.
Posted on Reply
#16
phanbuey
This sounds interesting but also somewhat unstable?
Posted on Reply
#17
dgianstefani
TPU Proofreader
Dirt ChipIf it ain't broken - don't fix it.
Have you... been following the news? :confused:
phanbueyThis sounds interesting but also somewhat unstable?
As opposed to now? :laugh:
Posted on Reply
#18
phanbuey
dgianstefaniHave you... been following the news? :confused:

As opposed to now? :laugh:
It just seems like the conversation went like:
"hey we need more stability, and uh our last agesa started melting chips, should we hire some testers?"
"nah, let's just move to an open source model"
"ok, whatever you say, boss"
Posted on Reply
#19
R-T-B
EasoThat's far from guaranteed. Linux had security holes more than decade old - and that's with basically thousands of high level and skill contributors.
Almost all software more than a decade old has security holes more than a decade old, the important thing is in open source eventually they are found.
Posted on Reply
#20
Solaris17
Super Dainty Moderator
L'EliminateurYou're not counting that AGESA is a critical secured piece of FW, so even if it's open source you won't be able to fix and patch anything as you won't have the signing keys for it.
And even if you had you have to integrate it into a bios file that your system will take(the easiest part as there are lots of tools for that nowadays, but even then i don't think the modded bios pass secure boot requirements)
to be fair that is likely not how this will work.

they may end up using there own platform svn if they don’t use git.

in either case they would be the branch owners. Not sure if you have ever used git before but I’m guessing not.

they would do what many other open source friendly companies/divisions do and host the source public while maintaining and owning the repo.

anyone can work on it and create a pull request which they as a company would look over and then merge.

at such a point they deem the repo code meets the next milestone they will make it, compile, host, sign and distribute.
Posted on Reply
#21
dgianstefani
TPU Proofreader
Solaris17to be fair that is likely not how this will work.

they may end up using there own platform svn if they don’t use git.

min either case they would be the branch owners. Not sure if you have ever used git before but I’m guessing not.

they would do what many other open source friendly companies/divisions do and host the source public while maintaining and owning the repo.

anyone can work on it and creat a pull request which they as a company would look over and then merge.

at such a point they deem the repo code meets the next milestone they will make it compile host sign and distribute.
It's worked for Intel and Linux, alongside many others for years, why would this be any different.
Posted on Reply
#22
Dirt Chip
dgianstefaniHave you... been following the news? :confused:
I have, it's a subtle insinuation ;)
Posted on Reply
#23
Solaris17
Super Dainty Moderator
dgianstefaniIt's worked for Intel and Linux, alongside many others for years, why would this be any different.
Mailing lists are scary but if people took a moment to read commit requests I think it would widen there perspective of these companies if not the engineers people love to hate so much.

People would be surprised to see how many engineers from MS, Intel, AMD nvidia etc contribute to the kernel. Even new technologies that don’t appear on windows until much later. I don’t think it crosses peoples mind that these things are tested on linux first because it’s faster to prototype.

like what bro you thought windows was just going to install the drivers for your prototype GPU?
Posted on Reply
#24
dgianstefani
TPU Proofreader
Solaris17Mailing lists are scary but if people took a moment to read commit requests I think it would widen there perspective of these companies if not the engineers people love to hate so much.

People would be surprised to see how many engineers from MS, Intel, AMD nvidia etc contribute to the kernel. Even new technologies that don’t appear on windows until much later. I don’t think it crosses peoples mind that these things are tested on linux first because it’s faster to prototype.

like what bro you thought windows was just going to install the drivers for your prototype GPU?
Not only that, but in my opinion, Clear Linux is literally the best distro. I use it on an AMD 4300U Thinkpad
Posted on Reply
#25
Easo
R-T-BAlmost all software more than a decade old has security holes more than a decade old, the important thing is in open source eventually they are found.
Sure, but so are they in closed source software. It is not like AMD or Microsoft or whatever are not working on that daily. Also one difference is that for bunch of people that is just a hobby in free time, for others it is full time paid job - I can take a guess which one has more dedicated high level people and let's be honest - there will be very few persons out in the wild who understand firmware code for something this complicated and specific. Obvious issues might be caught quicker, I can agree with that, though.
Posted on Reply
Add your own comment
Dec 17th, 2024 23:19 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts