Designing a Secure and Space-Efficient Executable File Format for the Unified Extensible Firmware Interface
Material for the Master's Thesis 'Designing a Secure and Space-Efficient Executable File Format for the Unified Extensible Firmware Interface' (UEFI) at the University of Kaiserslautern-Landau (RPTU).
To separate CI and artifact distribution for the different components and stages, this repository consists of multiple branches:
- audk: The main contribution of the thesis. A fork of the Acidanthera UEFI Development Kit (AUDK) that adds support for the UEFI Executable File Format (UE).
- opencore: A fork of the OpenCore bootloader (OpenCore) that helps add support for the UEFI Executable File Format (UE) to the AUDK build system.
- ocbuild A fork of ocbuild to ensure full reproducibility of the build system.
- qemu_build: A semi-reproducible container to build and distribute QEMU 8.0.2 for performing UEFI boot tests.
- ue_dev_build: A semi-reproducible container image to build and test AUDK firmware artifacts.
- audk_build: A reproducible environment to build, test, and distribute AUDK firmware artifacts.
- ue_test: The testing environment for UE parsing and generation. This includes PE-to-UE conversion tests, static analysis using Coverity, Clang Static Analyzer, and GitHub CodeQL, as well as fuzz-testing using libFuzzer.
- audk_errata: Changes to the audk branch that did not make it in time to meet the deadline.
- thesis: The LaTeX sources for the thesis document.
For artifact evaluation and best-effort reproducibility, the Releases contain the Docker container image, artifacts, and test results used for this work. Due to limitations with Ubuntu package archiving and dependency chain version-pinning, all container images in this repository are only 'semi-reproducible'.
This work has been published by the Embedded Systems Group at the University of Kaiserslautern-Landau. [PDF] [BibTeX]